IDEMPIERE-4495 github code scanning alerts (#305)
* IDEMPIERE-4495 github code scanning alerts Failure to use secure cookies
* Query built without neutralizing special characters
parent
c0867c01ee
commit
9075b6d84b
|
@ -450,7 +450,7 @@ public final class WebUtil
|
|||
{
|
||||
Cookie cookie = new Cookie (WebEnv.COOKIE_INFO, propertiesEncode(cookieProperties));
|
||||
cookie.setComment("(c) iDempiere, Inc - Jorg Janke");
|
||||
cookie.setSecure(false);
|
||||
cookie.setSecure(true);
|
||||
cookie.setPath("/");
|
||||
if (cookieProperties.size() == 0)
|
||||
cookie.setMaxAge(0); // delete cookie
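Review bot: The cookie built here still lacks the HttpOnly attribute, so `cookie.setSecure(true)` (which reads as the new side of the pair, although the page has lost its +/- markers) protects it on the wire but not from script access in the page. If the servlet API in use is 3.0 or later and no client-side script needs to read `WebEnv.COOKIE_INFO`, add `cookie.setHttpOnly(true);` next to it. An unconditional Secure flag also means browsers will not return the cookie to a deployment served over plain HTTP, so a comment such as `// Secure: cookie is only returned over HTTPS` would record that this is intended. The enclosing method starts and ends outside the hunk.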
|
||||
|
|
|
@ -992,7 +992,6 @@ public class DB_Oracle implements AdempiereDatabase
|
|||
Text1 NVARCHAR2(2000) NULL,
|
||||
Text2 VARCHAR2(2000) NULL
|
||||
);
|
||||
**/
|
||||
try
|
||||
{
|
||||
String myString1 = "123456789 12345678";
|
||||
|
@ -1007,13 +1006,13 @@ public class DB_Oracle implements AdempiereDatabase
|
|||
System.out.println(Util.size(myString.toString()));
|
||||
//
|
||||
Connection conn2 = db.getCachedConnection(cc, true, Connection.TRANSACTION_READ_COMMITTED);
|
||||
/** **/
|
||||
//
|
||||
PreparedStatement pstmt = conn2.prepareStatement
|
||||
("INSERT INTO X_Test(Text1, Text2) values(?,?)");
|
||||
pstmt.setString(1, myString.toString()); // NVARCHAR2 column
|
||||
pstmt.setString(2, myString.toString()); // VARCHAR2 column
|
||||
System.out.println(pstmt.executeUpdate());
|
||||
/** **/
|
||||
//
|
||||
Statement stmt = conn2.createStatement();
|
||||
System.out.println(stmt.executeUpdate
|
||||
("INSERT INTO X_Test(Text1, Text2) values('" + myString + "','" + myString + "')"));
|
||||
|
@ -1024,6 +1023,7 @@ public class DB_Oracle implements AdempiereDatabase
|
|||
}
|
||||
db.cleanup();
|
||||
System.out.println("--------------------------------------------------");
|
||||
**/
|
||||
System.exit(0);
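Review bot: The concatenated statement `("INSERT INTO X_Test(Text1, Text2) values('" + myString + "','" + myString + "')")` passed to `stmt.executeUpdate` is not removed. Judging by the hunk line counts, the commit only widens the surrounding block comment so the scanner no longer sees it: the early `**/` is dropped, the inner `/** **/` markers become `//`, and the comment is closed just before `System.exit(0)`. Commented-out code that builds SQL by concatenation is easy to re-enable or copy, so it would be cleaner to delete the `Statement` variant and keep only the `PreparedStatement` form, or to delete the dead test block altogether. If it stays, a comment like `// Disabled test harness, kept for reference only; use the PreparedStatement form` above the block would say why it is commented out. The enclosing method starts outside these hunks.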
|
||||
|
||||
|
||||
|
|