-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #12 from harekrishnarai/CVE-2020-13935
- Loading branch information
Showing
23 changed files
with
110 additions
and
84 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,4 +2,5 @@ node_modules/ | |
.env | ||
npm-debug.log | ||
yarn-error.log | ||
test.md | ||
test.md | ||
backend/target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
37 changes: 37 additions & 0 deletions
37
backend/src/main/java/com/acme/foo/ChatMessageHandler.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
package com.acme.foo; | ||
|
||
import java.util.ArrayList; | ||
import java.util.Collections; | ||
import java.util.List; | ||
|
||
import org.springframework.web.socket.CloseStatus; | ||
import org.springframework.web.socket.WebSocketMessage; | ||
import org.springframework.web.socket.WebSocketSession; | ||
import org.springframework.web.socket.handler.TextWebSocketHandler; | ||
|
||
public class ChatMessageHandler extends TextWebSocketHandler { | ||
|
||
List<WebSocketSession> webSocketSessions = Collections.synchronizedList(new ArrayList<>()); | ||
|
||
@Override | ||
public void afterConnectionEstablished(WebSocketSession session) throws Exception { | ||
System.out.println("Connection established"); | ||
super.afterConnectionEstablished(session); | ||
webSocketSessions.add(session); | ||
} | ||
|
||
@Override | ||
public void afterConnectionClosed(WebSocketSession session, CloseStatus status) throws Exception { | ||
super.afterConnectionClosed(session, status); | ||
webSocketSessions.remove(session); | ||
} | ||
|
||
@Override | ||
public void handleMessage(WebSocketSession session, WebSocketMessage<?> message) throws Exception { | ||
System.out.println("Received " + message); | ||
super.handleMessage(session, message); | ||
for (WebSocketSession webSocketSession : webSocketSessions) { | ||
webSocketSession.sendMessage(message); | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Binary file not shown.
Binary file not shown.
Binary file not shown.
This file was deleted.
Oops, something went wrong.
3 changes: 0 additions & 3 deletions
3
backend/target/maven-status/maven-compiler-plugin/compile/default-compile/createdFiles.lst
This file was deleted.
Oops, something went wrong.
3 changes: 0 additions & 3 deletions
3
backend/target/maven-status/maven-compiler-plugin/compile/default-compile/inputFiles.lst
This file was deleted.
Oops, something went wrong.
4 changes: 0 additions & 4 deletions
4
...arget/maven-status/maven-compiler-plugin/testCompile/default-testCompile/createdFiles.lst
This file was deleted.
Oops, something went wrong.
3 changes: 0 additions & 3 deletions
3
.../target/maven-status/maven-compiler-plugin/testCompile/default-testCompile/inputFiles.lst
This file was deleted.
Oops, something went wrong.
Binary file not shown.
Binary file not shown.
60 changes: 0 additions & 60 deletions
60
backend/target/surefire-reports/TEST-com.acme.backdoor.BackdoorTest.xml
This file was deleted.
Oops, something went wrong.
4 changes: 0 additions & 4 deletions
4
backend/target/surefire-reports/com.acme.backdoor.BackdoorTest.txt
This file was deleted.
Oops, something went wrong.
Binary file not shown.
Binary file not shown.
Binary file removed
BIN
-3.18 KB
backend/target/test-classes/com/acme/jndi/LDAPRefServer$OperationInterceptor.class
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
<!doctype html> | ||
<html lang="en"> | ||
<head> | ||
<meta charset="UTF-8"> | ||
<meta name="viewport" | ||
content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"> | ||
<meta http-equiv="X-UA-Compatible" content="ie=edge"> | ||
<title>Document</title> | ||
<script type="application/javascript"> | ||
let ws; | ||
|
||
function connect() { | ||
ws = new WebSocket("ws://localhost:8080/chat-websocket"); | ||
ws.onmessage = function (e) { | ||
printMessage(e.data); | ||
} | ||
ws.onerror = function (e) { | ||
printMessage(e); | ||
} | ||
document.getElementById("connectButton").disabled = true; | ||
document.getElementById("connectButton").value = "Connected"; | ||
document.getElementById("name").disabled = true; | ||
} | ||
|
||
function printMessage(data) { | ||
let messages = document.getElementById("messages"); | ||
let messageData = JSON.parse(data); | ||
let newMessage = document.createElement("div"); | ||
newMessage.innerHTML = messageData.name + " : " + messageData.message; | ||
messages.appendChild(newMessage); | ||
} | ||
|
||
function sendToGroupChat() { | ||
let messageText = document.getElementById("message").value; | ||
document.getElementById("message").value=""; | ||
let name = document.getElementById("name").value; | ||
let messageObject = { | ||
name: name, | ||
message: messageText | ||
} | ||
ws.send(JSON.stringify(messageObject)) | ||
} | ||
</script> | ||
</head> | ||
<body> | ||
<input type="text" id="name"><input id="connectButton" type="button" value="Connect" onclick="connect()"> | ||
<div id="messages"></div> | ||
<input type="text" id="message"> | ||
<input type="button" value="send" onclick="sendToGroupChat()"> | ||
</body> | ||
</html> |