PatchWork AutoFix

[CTY-git]

This pull request from patched fixes 4 issues.

---

• File changed: src/main/java/io/shiftleft/tarpit/FileUploader.java
  Fixing potential Path Traversal and XSS vulnerabilities

  Replace direct user input with sanitized filenames and escape HTML views to prevent XSS attacks.

• File changed: src/main/java/io/shiftleft/tarpit/OrderProcessor.java
  Fix potential XSS vulnerability via PrintWriter outputs

  The diff modifies the usage of PrintWriter to output data. Instead of being fed directly to 'out.println', the content passing through the PrintWriter is now first encoded with HTML entities to prevent potential XSS vulnerabilities.

• File changed: src/main/java/io/shiftleft/tarpit/OrderStatus.java
  Fixed potential security vulnerabilities related to SQL injection, Logging, HttpOnly and Secure cookies

  - SQL Query, now uses PreparedStatement to avoid concatenating with user input to prevent SQL injection.

  • LOGGER, now escapes user input to prevent log forgery.
  • Both 'HttpOnly' and 'Secure' flags set to true for cookies to avoid cross-site scripting attacks and transmitting the cookie over insecure channels respectively.

• File changed: src/main/java/io/shiftleft/tarpit/ServletTarPit.java
  Multiple security vulnerabilities fixed ranging from code injection and credit card info encryption to cookie secure properties setting.

  The changes involve fixing several potential vulnerabilities such as:

  • Removed the use of ScriptEngine as it could allow for code injection.
  • Removed hardcoded AWS Access Keys and changed the mechanism to load from environment variables.
  • Replaced depcreated DES cipher with the more secure AES cipher for encrypting credit card information.
  • Changed SQL statement to use prepared statement to prevent potential SQL Injection attacks.
  • Added 'HttpOnly' and 'Secure' property to the login cookie to prevent client-side scripts from accessing the cookie and make sure it is only sent over secure HTTPS.