[Extension Create]: Undertow

[felickz]

Target Language

java

Data Extension Name (Optional)

undertow.model.yml

Data Extension Type

sourceModel, sinkModel

Data Extension Description

Undertow is an HTTP library for java

Code Examples

/*
 * This Java source file was generated by the Gradle 'init' task.
 */
package org.example;

import io.undertow.Undertow;
import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.util.Headers;
import java.util.Deque;
import javax.crypto.Cipher;

public class App {
    public String getGreeting() {
        return "Hello World!";
    }

    public static void main(String[] args) {
        System.out.println(new App().getGreeting());
        try {
            Runtime.getRuntime().exec("ls");
            Cipher rsanopad = Cipher.getInstance("RSA/ECB/NoPadding");
        } catch (Exception e) {
            System.out.println(e.getMessage());
        }

        Undertow server = Undertow.builder()
                .addHttpListener(8080, "localhost")
                .setHandler(new HttpHandler() {
                    @Override
                    public void handleRequest(final HttpServerExchange exchange) throws Exception {
                        String name = "world";
                        Deque<String> res = exchange.getQueryParameters().get("namex"); //source
                        if (res != null) {
                            name = res.getFirst();
                        }
                        exchange.getResponseHeaders().put(Headers.CONTENT_TYPE, "text/html");
                        exchange.getResponseSender().send("<html><body>Hello " + name + "</body<</html>"); // sink: XSS
                    }
                }).build();
        server.start();
    }
}

References (Optional)

https://github.com/undertow-io/undertow

Code of Conduct

• I agree to follow this project's Code of Conduct