Question:
Consider the following servlet implementing a micro-blog entry
Transcribed Image Text:
    import java.io.IOException;
    import javax.servlet.ServletException;
    import javax.servlet.http.*;

    public class AddMBlogEntry extends HttpServlet {
        public void doPost(HttpServletRequest req, HttpServletResponse resp)
                throws ServletException, IOException {
            // user must be logged in to tweet
            String userid = (String) req.getSession().getAttribute("userid");
            if (userid == null) {
                throw new NotLoggedInException("User must be logged in");
            }
            // insert tweet (no check that the request came from the site's own form)
            MBlogService svc = MBlogService.getInstance();
            svc.AddEntry(userid, req.getParameter("tweet"));
            req.setAttribute("MSG", "Tweet submitted");
            req.getRequestDispatcher("/accounts.jsp").forward(req, resp);
        }
    }

a. (10) Write code that performs a CSRF attack against this application.
b. (20) Demonstrate how to protect against the CSRF attack. Your answer should include the following elements:
- A new AddMBlogEntry class
- A portion of the HTML source for the page for submitting micro-blog entries, which contains the protection against CSRF
Expert Answer:
Answer rating: 100% (QA)
AddMBlogEntry class
import java.io.IOException;
import java.io.NotActiveException;
import javax.servlet.Ser...
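
One way to meet part (b) with a per-session synchronizer token, as an added example that is not the expert answer's code (which is cut off above). The helper `csrfTokenFor`, the `csrfToken` field name and the JSP line in the comment are assumptions; `MBlogService` and `NotLoggedInException` are the question's own classes and are assumed to exist, with `NotLoggedInException` unchecked.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.servlet.ServletException;
import javax.servlet.http.*;

public class AddMBlogEntry extends HttpServlet {
    private static final SecureRandom RNG = new SecureRandom();
    static final String CSRF_FIELD = "csrfToken"; // assumed session attribute and form field name

    // Called while rendering the entry form (assumed JSP markup):
    // <input type="hidden" name="csrfToken" value="<%= AddMBlogEntry.csrfTokenFor(session) %>">
    static String csrfTokenFor(HttpSession session) {
        synchronized (session) {
            String token = (String) session.getAttribute(CSRF_FIELD);
            if (token == null) {
                byte[] raw = new byte[32]; // 256 random bits, unguessable by another origin
                RNG.nextBytes(raw);
                token = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
                session.setAttribute(CSRF_FIELD, token);
            }
            return token;
        }
    }

    @Override
    public void doPost(HttpServletRequest req, HttpServletResponse resp)
            throws ServletException, IOException {
        HttpSession session = req.getSession(false); // never create a session on POST
        String userid = session == null ? null : (String) session.getAttribute("userid");
        if (userid == null) {
            throw new NotLoggedInException("User must be logged in");
        }
        // The session cookie is sent automatically; the hidden field is not, so require both.
        String expected = (String) session.getAttribute(CSRF_FIELD);
        String supplied = req.getParameter(CSRF_FIELD);
        if (expected == null || supplied == null || !MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8), supplied.getBytes(StandardCharsets.UTF_8))) {
            resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Invalid CSRF token");
            return; // reject before any state change
        }
        MBlogService svc = MBlogService.getInstance();
        svc.AddEntry(userid, req.getParameter("tweet"));
        req.setAttribute("MSG", "Tweet submitted");
        req.getRequestDispatcher("/accounts.jsp").forward(req, resp);
    }
}
```

The token check runs before `AddEntry`, so a request that carries only the session cookie is refused with 403 and no entry is written.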