Semgrep-NA-Workshop · r2c-david · Nov 16, 2023 · semgrep-na-workshop · Nov 16, 2023 · semgrep-na-workshop
diff --git a/r2c-david.java b/r2c-david.java
@@ -0,0 +1,10 @@
+
+public class TestLog3 {
+  private final static Logger log = Logger.getLogger(Logger.GLOBAL_LOGGER_NAME);
+
+  protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+      // ruleid: crlf-injection-logs-deepsemgrep-sanitizer
+      log.info("foo"+request.getParameter("param"));
-      log.info("foo"+request.getParameter("param"));
+      log.info("foo" + Jsoup.clean(request.getParameter("param"), Whitelist.none()));
-      log.info("foo"+request.getParameter("param"));
+      log.info("foo" + Jsoup.clean(request.getParameter("param"), Whitelist.none()));
+      response.getWriter().append("Served at: ").append(request.getContextPath());
+  }
+}