apply spotless again

SasanLabs · Aug 19, 2024 · 262afac · 262afac
1 parent 4812d61
commit 262afac
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 26 deletions.
diff --git a/src/main/java/org/sasanlabs/service/vulnerability/jwt/JWTVulnerability.java b/src/main/java/org/sasanlabs/service/vulnerability/jwt/JWTVulnerability.java
@@ -11,6 +11,7 @@
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
+import javax.servlet.http.HttpServletRequest;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.sasanlabs.internal.utility.LevelConstants;
@@ -32,8 +33,6 @@
 import org.springframework.util.MultiValueMap;
 import org.springframework.web.bind.annotation.RequestParam;
 
-import javax.servlet.http.HttpServletRequest;
-
 /**
  * JWT client and server side implementation issues and remediations. Server side issues like: 1.
  * Weak HMAC key 2. none algorithm attack 3. Weak Hash algorithm 4. tweak Algorithm and Key.
@@ -667,25 +666,19 @@ private ResponseEntity<GenericVulnerabilityResponseBean<String>> getJWTResponseB
 
     @AttackVector(
             vulnerabilityExposed = VulnerabilityType.HEADER_INJECTION,
-            description = "HEADER_INJECTION_VULNERABILITY_EXAMPLE"
-    )
+            description = "HEADER_INJECTION_VULNERABILITY_EXAMPLE")
     @VulnerableAppRequestMapping(
             value = LevelConstants.LEVEL_13,
-            htmlTemplate = "LEVEL_13/HeaderInjection_Level13"
-    )
-    public ResponseEntity<GenericVulnerabilityResponseBean<String>> getHeaderInjectionVulnerability(HttpServletRequest request) {
+            htmlTemplate = "LEVEL_13/HeaderInjection_Level13")
+    public ResponseEntity<GenericVulnerabilityResponseBean<String>> getHeaderInjectionVulnerability(
+            HttpServletRequest request) {
         String headerValue = request.getHeader("User-Defined-Header");
         if (headerValue != null && headerValue.contains("malicious")) {
             return new ResponseEntity<>(
                     new GenericVulnerabilityResponseBean<>("Vulnerability exploited!", false),
-                    HttpStatus.OK
-            );
+                    HttpStatus.OK);
         }
         return new ResponseEntity<>(
-                new GenericVulnerabilityResponseBean<>("Safe header", true),
-                HttpStatus.OK
-        );
+                new GenericVulnerabilityResponseBean<>("Safe header", true), HttpStatus.OK);
     }
-
-
 }
diff --git a/src/main/resources/static/templates/JWTVulnerability/LEVEL_13/HeaderInjection_Level13.js b/src/main/resources/static/templates/JWTVulnerability/LEVEL_13/HeaderInjection_Level13.js
@@ -1,18 +1,23 @@
 function addEventListenerToSendHeaderButton() {
-    document.getElementById("sendHeader").addEventListener("click", function() {
-        const headerName = document.getElementById("headerName").value;
-        const headerValue = document.getElementById("headerValue").value;
+  document.getElementById("sendHeader").addEventListener("click", function () {
+    const headerName = document.getElementById("headerName").value;
+    const headerValue = document.getElementById("headerValue").value;
 
-        let url = getUrlForVulnerabilityLevel();
+    let url = getUrlForVulnerabilityLevel();
 
-        doGetAjaxCall(function(data) {
-            document.getElementById("headerResponse").innerHTML = data.isValid ?
-                "Header Injection was successful!" :
-                "Header Injection failed. Please try again.";
-        }, url, true, {
-            [headerName]: headerValue
-        });
-    });
+    doGetAjaxCall(
+      function (data) {
+        document.getElementById("headerResponse").innerHTML = data.isValid
+          ? "Header Injection was successful!"
+          : "Header Injection failed. Please try again.";
+      },
+      url,
+      true,
+      {
+        [headerName]: headerValue,
+      }
+    );
+  });
 }
 
 addEventListenerToSendHeaderButton();