Examples with HttpServletRequest jakarta.servlet.http.HttpServletRequest used on opensource projects

Example 21 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project spring-security by spring-projects.

the class StrictHttpFirewallTests method getFirewalledRequestGetParameterMapWhenControlCharacterInParameterNameThenException.

@Test
public void getFirewalledRequestGetParameterMapWhenControlCharacterInParameterNameThenException() {
    this.request.addParameter("Bad\0Name", "some value");
    HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
    assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(request::getParameterMap);
}

Example 22 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project spring-security by spring-projects.

the class StrictHttpFirewallTests method getFirewalledRequestGetHeaderWhenControlCharacterInHeaderValueThenException.

@Test
public void getFirewalledRequestGetHeaderWhenControlCharacterInHeaderValueThenException() {
    this.request.addHeader("Something", "bad\0value");
    HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
    assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeader("Something"));
}

Example 23 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project spring-security by spring-projects.

the class StrictHttpFirewallTests method getFirewalledRequestGetHeadersWhenControlCharacterInHeaderNameThenException.

@Test
public void getFirewalledRequestGetHeadersWhenControlCharacterInHeaderNameThenException() {
    this.request.addHeader("Bad\0Name", "some value");
    HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
    assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeaders("Bad\0Name"));
}

Example 24 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project spring-security by spring-projects.

the class StrictHttpFirewallTests method getFirewalledRequestGetHeaderWhenUndefinedCharacterInHeaderNameThenException.

@Test
public void getFirewalledRequestGetHeaderWhenUndefinedCharacterInHeaderNameThenException() {
    this.request.addHeader("Bad\uFFFEName", "some value");
    HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
    assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getHeader("Bad\uFFFEName"));
}

Example 25 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project spring-security by spring-projects.

the class StrictHttpFirewallTests method getFirewalledRequestGetParameterValuesWhenNotAllowedInParameterNameThenException.

@Test
public void getFirewalledRequestGetParameterValuesWhenNotAllowedInParameterNameThenException() {
    this.firewall.setAllowedParameterNames((value) -> !value.equals("bad name"));
    this.request.addParameter("bad name", "good value");
    HttpServletRequest request = this.firewall.getFirewalledRequest(this.request);
    assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> request.getParameterValues("bad name"));
}