ASP.NET Veracode scan issues

Our client scans an ASP.NET application with Veracode's scanning tool. We have already resolved many of the flaws, except for the ones below.

Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') (CWE ID 113), 1 flaw, reported on the line:

    HttpContext.Current.Response.AddHeader("Content-Disposition", contentDisposition);

Here is the corresponding code:
    public static void DownloadFile(string fileName, byte[] dByteData, bool isNoOpen = false)
    {
        byte[] fileContents = new byte[] { };
        string contentDisposition = string.Empty;
        fileContents = dByteData;
        if (string.IsNullOrWhiteSpace(fileName))
        {
            return;
        }
        fileName = fileName.Replace("\n", "").Replace("\r", "");
        string contentType = "application/*.".Replace("\n", "").Replace("\r", "");
        contentDisposition = "attachment; filename=\"" + HttpContext.Current.Server.UrlPathEncode(fileName) + "\""; // While downloading file - file name comes with junk characters
        contentDisposition = contentDisposition.Replace("\n", "").Replace("\r", "");
        HttpContext.Current.Response.Buffer = true;
        HttpContext.Current.Response.Clear();
        HttpContext.Current.Response.ClearContent();
        HttpContext.Current.Response.ClearHeaders();
        HttpContext.Current.Response.Charset = "";
        HttpContext.Current.Response.ContentType = contentType;
        if (isNoOpen)
        {
            HttpContext.Current.Response.AddHeader("X-Download-Options", "noopen");
        }
        HttpContext.Current.Response.AddHeader("Content-Disposition", contentDisposition);
        HttpContext.Current.Response.AddHeader("Content-Length", fileContents.Length.ToString());
        HttpContext.Current.Response.BinaryWrite(fileContents.ToArray());
        HttpContext.Current.Response.End();
        HttpContext.Current.Response.Flush();
        HttpContext.Current.ApplicationInstance.CompleteRequest();
    }
External Control of File Name or Path (CWE ID 73)

    if (File.Exists(filePath))
    {
        File.Delete(filePath);
    }

It reports the flaw on the File.Delete line. We have tried sanitizing the file path, and also used Path.GetFullPath, but to no avail.
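As an added illustration of the kind of hardening both flagged spots call for (example code, not from the question above): the file name is rebuilt from an allowlist instead of having "\r" and "\n" stripped out, and the delete resolves the name under a fixed base directory and checks containment before File.Delete runs. SafeFileOps, the allowlist, the baseDir parameter and the octet-stream content type are assumptions; whether a particular scanner recognizes these as cleansers is not claimed here.

```csharp
using System;
using System.IO;
using System.Text.RegularExpressions;
using System.Web;

public static class SafeFileOps   // hypothetical helper, not from the question
{
    // Allowlist (assumed): keep letters, digits, dot, dash, underscore; everything else
    // becomes "_". Rebuilding from an allowlist cannot let CR, LF, quotes or
    // path separators through, unlike stripping only "\r" and "\n".
    private static readonly Regex Disallowed = new Regex(@"[^A-Za-z0-9._-]");

    public static string SafeFileName(string fileName)
    {
        if (string.IsNullOrWhiteSpace(fileName))
            throw new ArgumentException("file name required", nameof(fileName));
        // Drop any directory part first; Path.GetFileName splits on both / and \.
        string name = Disallowed.Replace(Path.GetFileName(fileName), "_");
        if (name.Length == 0) throw new ArgumentException("no leaf name", nameof(fileName));
        return name;
    }

    public static void DownloadFile(HttpResponse response, string fileName, byte[] data)
    {
        string safeName = SafeFileName(fileName);
        response.Clear();
        response.ContentType = "application/octet-stream";
        // Only allowlisted characters reach the header, so quoting the value is safe.
        response.AppendHeader("Content-Disposition", "attachment; filename=\"" + safeName + "\"");
        response.AppendHeader("X-Download-Options", "noopen");
        response.BinaryWrite(data);
        // CompleteRequest instead of Response.End: End throws ThreadAbortException
        // and skips anything written after it.
        HttpContext.Current.ApplicationInstance.CompleteRequest();
    }

    // Deletes only below baseDir (assumed, e.g. an uploads folder). The request
    // supplies a leaf name only; the resolved path is then checked for containment.
    public static bool DeleteInside(string baseDir, string fileName)
    {
        string root = Path.GetFullPath(baseDir).TrimEnd(Path.DirectorySeparatorChar)
                      + Path.DirectorySeparatorChar;
        string target = Path.GetFullPath(Path.Combine(root, SafeFileName(fileName)));
        // Rejects ".." (it resolves to the parent) and anything else outside root.
        if (!target.StartsWith(root, StringComparison.OrdinalIgnoreCase)) return false;
        if (!File.Exists(target)) return false;
        File.Delete(target);
        return true;
    }
}
```

The allowlist turns non-ASCII characters in the original name into underscores; if the Unicode name must be preserved for the browser, the RFC 5987 `filename*` parameter is the mechanism for that, not raw bytes in the quoted `filename` value.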