Checkmarx fails for the request.getHeader()


When I generate the report, Checkmarx always shows an SSRF error for request.getHeader(). I altered the code, but Checkmarx still doesn't pass this condition:

String name_header = request.getHeader("name");
if (name_header.matches("(?=.*[a-zA-Z])(?=.*\\d)(?=.*[!@#*+_(%?/{}\\[\\].,;:-]).*")) {
    LOG.error(" Please validate the name ");
    throw new Exception();
} else {
    headers.set(name, request.getHeader(name_header));
}

and I also tried:

String nameHeader = request.getHeader(name).toLowerCase(Locale.ENGLISH);
if (nameHeaderList.contains(nameHeader)) {
    headers.set(NAME, nameHeader);
} else {
    LOG.error("Please pass valid name");
}

None of the solutions I am trying is working. Any help would be appreciated.
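An added example, not part of the original question: the second attempt above forwards the request-derived variable after the contains() check, whereas this variant forwards a constant taken from the server-side allowlist, so nothing read from the request reaches the outbound header. The class name, the resolveAllowedName helper and the allowlist entries are hypothetical, and whether a given Checkmarx query accepts this as sanitized is an assumption that depends on its configuration.

```java
import java.util.Locale;
import java.util.Map;
import java.util.Optional;

public class HeaderAllowlist {

    // Constructed sample allowlist: lookup key -> canonical value owned by the server.
    private static final Map<String, String> ALLOWED_NAMES = Map.of(
            "billing", "billing",
            "inventory", "inventory",
            "reports", "reports");

    /**
     * Maps the raw inbound header value to a server-side constant.
     * The returned string comes from ALLOWED_NAMES, never from the request,
     * so no request-controlled data is passed on to the outbound call.
     */
    static Optional<String> resolveAllowedName(String rawHeader) {
        if (rawHeader == null) {
            // Header absent: request.getHeader() returns null in that case.
            return Optional.empty();
        }
        String key = rawHeader.trim().toLowerCase(Locale.ENGLISH);
        return Optional.ofNullable(ALLOWED_NAMES.get(key));
    }

    public static void main(String[] args) {
        // Constructed inputs standing in for request.getHeader("name").
        String[] samples = {"Billing", " reports ", "not-on-the-list", null};
        for (String raw : samples) {
            Optional<String> name = resolveAllowedName(raw);
            if (name.isPresent()) {
                // In the question's code this is where headers.set(NAME, ...) would go.
                System.out.println("forward name=" + name.get());
            } else {
                // Reject the request instead of logging and carrying on.
                System.out.println("reject: name header missing or not allowed");
            }
        }
    }
}
```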
