SYMBOL INDEX (208 symbols across 49 files) FILE: Ch04_OutputEscapingJSF/src/main/java/de/dominikschadow/webappsecurity/ContactController.java class ContactController (line 30) | @ManagedBean(name = "contact") method getFirstname (line 39) | public String getFirstname() { method setFirstname (line 43) | public void setFirstname(String firstname) { method getLastname (line 47) | public String getLastname() { method setLastname (line 51) | public void setLastname(String lastname) { FILE: Ch04_OutputEscapingJSP/src/main/java/de/dominikschadow/webappsecurity/OutputEscapingWebAppInitializer.java class OutputEscapingWebAppInitializer (line 26) | public class OutputEscapingWebAppInitializer extends AbstractAnnotationC... method getRootConfigClasses (line 27) | @Override method getServletConfigClasses (line 32) | @Override method getServletMappings (line 37) | @Override FILE: Ch04_OutputEscapingJSP/src/main/java/de/dominikschadow/webappsecurity/WebConfig.java class WebConfig (line 32) | @Configuration method viewResolver (line 36) | @Bean method configureDefaultServletHandling (line 45) | @Override FILE: Ch04_OutputEscapingJSP/src/main/java/de/dominikschadow/webappsecurity/controller/ContactController.java class ContactController (line 34) | @Controller method addContact (line 39) | @RequestMapping(value = "/addContact", method = RequestMethod.POST) FILE: Ch04_OutputEscapingJSP/src/main/java/de/dominikschadow/webappsecurity/controller/IndexController.java class IndexController (line 30) | @Controller method index (line 33) | @RequestMapping(method = GET) FILE: Ch04_OutputEscapingJSP/src/main/java/de/dominikschadow/webappsecurity/domain/Contact.java class Contact (line 24) | public class Contact { method getFirstname (line 28) | public String getFirstname() { method setFirstname (line 32) | public void setFirstname(String firstname) { method getLastname (line 36) | public String getLastname() { method setLastname (line 40) | public void setLastname(String lastname) { FILE: Ch04_OutputEscapingJSP/src/test/java/de/dominikschadow/webappsecurity/controller/ContactControllerTest.java class ContactControllerTest (line 31) | public class ContactControllerTest { method testContactPage (line 32) | @Test FILE: Ch04_OutputEscapingJSP/src/test/java/de/dominikschadow/webappsecurity/controller/IndexControllerTest.java class IndexControllerTest (line 31) | public class IndexControllerTest { method testIndexPage (line 32) | @Test FILE: Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/AccountController.java class AccountController (line 34) | @ManagedBean(name = "account") method getAccountId (line 43) | public int getAccountId() { method setAccountId (line 47) | public void setAccountId(int accountId) { method getUserId (line 51) | public int getUserId() { method getAccount (line 55) | public Account getAccount() { method getAccountReferences (line 59) | public List getAccountReferences() { method AccountController (line 63) | public AccountController() { method show (line 69) | public String show() { FILE: Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/AccountIntegerController.java class AccountIntegerController (line 35) | @ManagedBean(name = "accountInteger") method getIaAccountId (line 43) | public int getIaAccountId() { method setIaAccountId (line 47) | public void setIaAccountId(int iaAccountId) { method getUserId (line 51) | public int getUserId() { method getAccount (line 55) | public Account getAccount() { method getAccountReferences (line 59) | public List getAccountReferences() { method AccountIntegerController (line 63) | public AccountIntegerController() { method show (line 71) | public String show() { FILE: Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/AccountRandomController.java class AccountRandomController (line 35) | @ManagedBean(name = "accountRandom") method getRaAccountId (line 43) | public String getRaAccountId() { method setRaAccountId (line 47) | public void setRaAccountId(String raAccountId) { method getUserId (line 51) | public int getUserId() { method getAccount (line 55) | public Account getAccount() { method getAccountReferences (line 59) | public List getAccountReferences() { method AccountRandomController (line 63) | public AccountRandomController() { method show (line 71) | public String show() { FILE: Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/AccountsDAO.java class AccountsDAO (line 38) | public class AccountsDAO { method getAccountsForUser (line 41) | public List getAccountsForUser(int userId) { method loadAccount (line 45) | public Account loadAccount(int id) { method queryAccount (line 49) | private Account queryAccount(int id) { method queryAccounts (line 62) | private List queryAccounts(int userId) { FILE: Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/AccountsIntegerDAO.java class AccountsIntegerDAO (line 38) | public class AccountsIntegerDAO { method retrieveAccount (line 42) | public Account retrieveAccount(int accountId) { method loadAccountsForUser (line 54) | public List loadAccountsForUser(User user) { method queryAccounts (line 58) | private List queryAccounts(User user) { FILE: Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/AccountsRandomDAO.java class AccountsRandomDAO (line 38) | public class AccountsRandomDAO { method retrieveAccount (line 42) | public Account retrieveAccount(String accountReference) { method loadAccountsForUser (line 52) | public List loadAccountsForUser(User user) { method queryAccounts (line 56) | private List queryAccounts(User user) { FILE: Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/HibernateUtil.java class HibernateUtil (line 32) | public class HibernateUtil { method HibernateUtil (line 38) | private HibernateUtil() { method getSessionFactory (line 41) | public static SessionFactory getSessionFactory() { method queryUserAccounts (line 49) | public static List queryUserAccounts(User user) { FILE: Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/domain/Account.java class Account (line 29) | @Entity method getAccountId (line 37) | public int getAccountId() { method setAccountId (line 41) | public void setAccountId(int accountId) { method getName (line 45) | public String getName() { method setName (line 49) | public void setName(String name) { method getType (line 53) | public String getType() { method setType (line 57) | public void setType(String type) { method getOwnerId (line 61) | public int getOwnerId() { method setOwnerId (line 65) | public void setOwnerId(int ownerId) { FILE: Ch05_AccessReferenceMaps/src/main/java/de/dominikschadow/webappsecurity/domain/User.java class User (line 29) | @Entity method getUserId (line 35) | public int getUserId() { method setUserId (line 39) | public void setUserId(int userId) { method getName (line 43) | public String getName() { method setName (line 47) | public void setName(String name) { FILE: Ch05_HSTS/src/main/java/de/dominikschadow/webappsecurity/filter/HSTSFilter.java class HSTSFilter (line 32) | public class HSTSFilter implements Filter { method init (line 35) | @Override method doFilter (line 40) | @Override method destroy (line 48) | @Override FILE: Ch05_HSTS/src/main/java/de/dominikschadow/webappsecurity/servlets/LoginServlet.java class LoginServlet (line 37) | @WebServlet(name = "LoginServlet", urlPatterns = {"/LoginServlet"}) method doPost (line 43) | @Override FILE: Ch05_SessionFixation/src/main/java/de/dominikschadow/webappsecurity/servlets/LoginServlet.java class LoginServlet (line 37) | @WebServlet(name = "LoginServlet", urlPatterns = {"/LoginServlet"}) method doPost (line 43) | @Override FILE: Ch06_SQLInjection/src/main/java/de/dominikschadow/webappsecurity/domain/Customer.java class Customer (line 25) | @Entity method getCustId (line 37) | public int getCustId() { method setCustId (line 41) | public void setCustId(int custId) { method getName (line 45) | public String getName() { method setName (line 49) | public void setName(String name) { method getStatus (line 53) | public String getStatus() { method setStatus (line 57) | public void setStatus(String status) { method getOrderLimit (line 61) | public int getOrderLimit() { method setOrderLimit (line 65) | public void setOrderLimit(int orderLimit) { method getHint (line 69) | public String getHint() { method setHint (line 73) | public void setHint(String hint) { method toString (line 77) | @Override FILE: Ch06_SQLInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/CustomerTable.java class CustomerTable (line 20) | public class CustomerTable { method extractCustomers (line 23) | public static List extractCustomers(ResultSet rs) throws SQL... method writeCustomers (line 39) | public static void writeCustomers(HttpServletResponse response, String... FILE: Ch06_SQLInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/HQLServlet.java class HQLServlet (line 40) | @WebServlet(name = "HQLServlet", urlPatterns = {"/HQLServlet"}) method doPost (line 44) | @Override FILE: Ch06_SQLInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/HibernateUtil.java class HibernateUtil (line 26) | public class HibernateUtil { method HibernateUtil (line 32) | private HibernateUtil() { method getSessionFactory (line 35) | public static SessionFactory getSessionFactory() { FILE: Ch06_SQLInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/InitDbServlet.java class InitDbServlet (line 15) | @WebServlet(name = "InitDbServlet", urlPatterns = {"/"}) method init (line 17) | @Override FILE: Ch06_SQLInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/PreparedStatementServlet.java class PreparedStatementServlet (line 38) | @WebServlet(name = "PreparedStatementServlet", urlPatterns = {"/Prepared... method doPost (line 42) | @Override FILE: Ch06_SQLInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/StatementEscapingServlet.java class StatementEscapingServlet (line 40) | @WebServlet(name = "StatementEscapingServlet", urlPatterns = {"/Statemen... method doPost (line 44) | @Override FILE: Ch06_SQLInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/StatementServlet.java class StatementServlet (line 38) | @WebServlet(name = "StatementServlet", urlPatterns = {"/StatementServlet"}) method doPost (line 42) | @Override FILE: Ch06_XPathInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/XPathEscapingServlet.java class XPathEscapingServlet (line 50) | @WebServlet(name = "XPathEscapingServlet", urlPatterns = {"/XPathEscapin... method init (line 55) | @Override method doPost (line 66) | @Override method printOrderLimit (line 85) | private void printOrderLimit(String xpath, String name, HttpServletRes... FILE: Ch06_XPathInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/XPathServlet.java class XPathServlet (line 49) | @WebServlet(name = "XPathServlet", urlPatterns = {"/XPathServlet"}) method init (line 54) | @Override method doPost (line 65) | @Override method printOrderLimit (line 80) | private void printOrderLimit(String xpath, String name, HttpServletRes... FILE: Ch07_CSP/src/main/java/de/dominikschadow/webappsecurity/CSPReporting.java class CSPReporting (line 38) | @WebServlet(name = "CSPReporting", urlPatterns = {"/CSPReporting"}) method doPost (line 44) | @Override FILE: Ch07_CSP/src/main/java/de/dominikschadow/webappsecurity/WithCSPReportingServlet.java class WithCSPReportingServlet (line 37) | @WebServlet(name = "WithCSPReportingServlet", urlPatterns = {"/WithCSPRe... method doPost (line 43) | @Override FILE: Ch07_CSP/src/main/java/de/dominikschadow/webappsecurity/WithCSPServlet.java class WithCSPServlet (line 38) | @WebServlet(name = "WithCSPServlet", urlPatterns = {"/WithCSPServlet"}) method doPost (line 44) | @Override FILE: Ch07_CSP/src/main/java/de/dominikschadow/webappsecurity/WithoutCSPServlet.java class WithoutCSPServlet (line 36) | @WebServlet(name = "WithoutCSPServlet", urlPatterns = {"/WithoutCSPServl... method doPost (line 42) | @Override FILE: Ch07_XSS/src/main/java/de/dominikschadow/webappsecurity/beans/CustomerController.java class CustomerController (line 31) | @ManagedBean(name = "customer") method CustomerController (line 37) | public CustomerController() { method getCustomer (line 42) | public Customer getCustomer() { method setCustomer (line 46) | public void setCustomer(Customer customer) { method getCustomers (line 50) | public List getCustomers() { method save (line 54) | public String save() { FILE: Ch07_XSS/src/main/java/de/dominikschadow/webappsecurity/beans/SearchController.java class SearchController (line 36) | @ManagedBean(name = "search") method SearchController (line 43) | public SearchController() { method getCustomerName (line 47) | public String getCustomerName() { method setCustomerName (line 51) | public void setCustomerName(String customerName) { method getCustomers (line 55) | public List getCustomers() { method search (line 59) | public String search() { FILE: Ch07_XSS/src/main/java/de/dominikschadow/webappsecurity/daos/CustomerDAO.java class CustomerDAO (line 41) | public class CustomerDAO { method getAllCustomers (line 44) | public List getAllCustomers() { method createCustomer (line 59) | public void createCustomer(Customer customer) { method findCustomers (line 69) | public List findCustomers(Customer customer) { FILE: Ch07_XSS/src/main/java/de/dominikschadow/webappsecurity/daos/HibernateUtil.java class HibernateUtil (line 26) | public class HibernateUtil { method HibernateUtil (line 32) | private HibernateUtil() { method getSessionFactory (line 35) | public static SessionFactory getSessionFactory() { FILE: Ch07_XSS/src/main/java/de/dominikschadow/webappsecurity/domain/Customer.java class Customer (line 25) | @Entity method getCustId (line 37) | public int getCustId() { method setCustId (line 41) | public void setCustId(int custId) { method getName (line 45) | public String getName() { method setName (line 49) | public void setName(String name) { method getStatus (line 53) | public String getStatus() { method setStatus (line 57) | public void setStatus(String status) { method getOrderLimit (line 61) | public int getOrderLimit() { method setOrderLimit (line 65) | public void setOrderLimit(int orderLimit) { method getHint (line 69) | public String getHint() { method setHint (line 73) | public void setHint(String hint) { method toString (line 77) | @Override FILE: Ch07_XSSFilter/src/main/java/de/dominikschadow/webappsecurity/filter/BlacklistFilter.java class BlacklistFilter (line 31) | public class BlacklistFilter implements Filter { method doFilter (line 32) | @Override method init (line 38) | @Override method destroy (line 42) | @Override FILE: Ch07_XSSFilter/src/main/java/de/dominikschadow/webappsecurity/filter/BlacklistRequestWrapper.java class BlacklistRequestWrapper (line 33) | public class BlacklistRequestWrapper extends HttpServletRequestWrapper { method BlacklistRequestWrapper (line 34) | public BlacklistRequestWrapper(HttpServletRequest servletRequest) { method getParameterValues (line 38) | @Override method getParameter (line 55) | @Override method getHeader (line 62) | @Override method stripXSS (line 69) | private static String stripXSS(String value) { FILE: Ch07_XSSFilter/src/main/java/de/dominikschadow/webappsecurity/filter/ESAPIFilter.java class ESAPIFilter (line 31) | public class ESAPIFilter implements Filter { method doFilter (line 32) | @Override method init (line 38) | @Override method destroy (line 42) | @Override FILE: Ch07_XSSFilter/src/main/java/de/dominikschadow/webappsecurity/filter/ESAPIRequestWrapper.java class ESAPIRequestWrapper (line 30) | public class ESAPIRequestWrapper extends HttpServletRequestWrapper { method ESAPIRequestWrapper (line 31) | public ESAPIRequestWrapper(HttpServletRequest servletRequest) { method getParameterValues (line 35) | @Override method getParameter (line 53) | @Override method getHeader (line 60) | @Override method escapeHTML (line 67) | private String escapeHTML(String value) { FILE: Ch07_XSSJSF/src/main/java/de/dominikschadow/webappsecurity/MaximumController.java class MaximumController (line 33) | @ManagedBean(name = "maximum") method getMaximumMap (line 42) | public Map getMaximumMap() { method getMaximumArray (line 46) | public Status[] getMaximumArray() { method getInput (line 50) | public String getInput() { method setInput (line 54) | public void setInput(String input) { FILE: Ch07_XSSJSF/src/main/java/de/dominikschadow/webappsecurity/StandardController.java class StandardController (line 33) | @ManagedBean(name = "standard") method getStandardMap (line 44) | public Map getStandardMap() { method getStandardArray (line 48) | public Status[] getStandardArray() { method getInput (line 52) | public String getInput() { method setInput (line 56) | public void setInput(String input) { FILE: Ch07_XSSJSF/src/main/java/de/dominikschadow/webappsecurity/Status.java class Status (line 28) | public class Status implements Serializable { method Status (line 34) | public Status(String text) { method getLabel (line 39) | public String getLabel() { method getValue (line 43) | public String getValue() { FILE: Ch08_CSRF/src/main/java/de/dominikschadow/webappsecurity/servlets/ProtectedServlet.java class ProtectedServlet (line 42) | @WebServlet(name = "ProtectedServlet", urlPatterns = {"/ProtectedServlet"}) method doGet (line 48) | @Override method doPost (line 95) | @Override FILE: Ch08_CSRF/src/main/java/de/dominikschadow/webappsecurity/servlets/UnprotectedServlet.java class UnprotectedServlet (line 37) | @WebServlet(name = "UnprotectedServlet", urlPatterns = {"/UnprotectedSer... method doGet (line 43) | @Override method doPost (line 69) | @Override FILE: Ch08_CSRF/src/main/java/de/dominikschadow/webappsecurity/token/CSRFTokenHandler.java class CSRFTokenHandler (line 36) | public final class CSRFTokenHandler { method CSRFTokenHandler (line 43) | private CSRFTokenHandler() { method getToken (line 46) | private static String getToken() throws NoSuchAlgorithmException, NoSu... method getToken (line 52) | public static String getToken(HttpSession session) throws ServletExcep... method isValid (line 68) | public static boolean isValid(HttpServletRequest request) throws Servl...