How to resolve HTTP Parameter Pollution warning?

1.6k Views Asked by Mansi Babbar At 07 April 2025 at 00:34

While checking for findSpecBugs warnings in my scala based application, I encountered:

HTTP Parameter Pollution warning with the message: Concatenating unvalidated user input into a URL can allow an attacker to override the value of a request parameter.

This issue is arising when I am concatenating a URL with a value fetched from the database. Any idea how can I sanitize or validate that value, or is there any other way to resolve this issue?

Original Q&A

There are 1 best solutions below

himanshuIIITian On 19 June 2020 at 08:35 BEST ANSWER

You should use URIBuilder and set the setParameter(<param>, <value>). Like the following:

val builder = new URIBuilder(<url>)
    builder.setParameter("pparam1", "value1").setParameter("param2", "value2")
val request = new HttpGet(builder.build())

I hope this answers your question.

How to resolve HTTP Parameter Pollution warning?

There are 1 best solutions below

Related Questions in SCALA

Related Questions in FIND-SEC-BUGS

Trending Questions

Popular # Hahtags

Popular Questions