Skip to content

Commit bf62142

Browse files
dschadowdschadow
committed
Refactoring
1 parent c74abd9 commit bf62142

File tree

2 files changed

+16
-33
lines changed

2 files changed

+16
-33
lines changed

Ch06_XPathInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/XPathEscapingServlet.java

Lines changed: 5 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,6 @@
2525
import org.xml.sax.SAXException;
2626

2727
import javax.annotation.PostConstruct;
28-
import javax.servlet.ServletException;
2928
import javax.servlet.annotation.WebServlet;
3029
import javax.servlet.http.HttpServlet;
3130
import javax.servlet.http.HttpServletRequest;
@@ -37,8 +36,8 @@
3736
import javax.xml.xpath.XPathExpression;
3837
import javax.xml.xpath.XPathExpressionException;
3938
import javax.xml.xpath.XPathFactory;
40-
import java.io.File;
4139
import java.io.IOException;
40+
import java.io.InputStream;
4241
import java.io.PrintWriter;
4342

4443
/**
@@ -52,24 +51,22 @@
5251
@WebServlet(name = "XPathEscapingServlet", urlPatterns = {"/XPathEscapingServlet"})
5352
public class XPathEscapingServlet extends HttpServlet {
5453
private static final Logger LOGGER = LoggerFactory.getLogger(XPathEscapingServlet.class);
55-
private static final long serialVersionUID = 1L;
56-
private Document doc;
54+
private static Document doc;
5755

5856
@PostConstruct
5957
@Override
6058
public void init() {
61-
try {
62-
File xmlFile = new File("src/main/resources/customer.xml");
59+
try (InputStream inputStream = getClass().getClassLoader().getResourceAsStream("/customer.xml");) {
6360
DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
6461
DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
65-
doc = dBuilder.parse(xmlFile);
62+
doc = dBuilder.parse(inputStream);
6663
} catch (SAXException | IOException | ParserConfigurationException ex) {
6764
LOGGER.error(ex.getMessage(), ex);
6865
}
6966
}
7067

7168
@Override
72-
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException {
69+
protected void doPost(HttpServletRequest request, HttpServletResponse response) {
7370
String name = request.getParameter("name");
7471
String password = request.getParameter("password");
7572
LOGGER.info("Received {} and {} as parameter", name, password);

Ch06_XPathInjection/src/main/java/de/dominikschadow/webappsecurity/servlets/XPathServlet.java

Lines changed: 11 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -17,12 +17,13 @@
1717
*/
1818
package de.dominikschadow.webappsecurity.servlets;
1919

20-
import java.io.IOException;
21-
import java.io.InputStream;
22-
import java.io.PrintWriter;
20+
import org.slf4j.Logger;
21+
import org.slf4j.LoggerFactory;
22+
import org.w3c.dom.Document;
23+
import org.w3c.dom.NodeList;
24+
import org.xml.sax.SAXException;
2325

2426
import javax.annotation.PostConstruct;
25-
import javax.servlet.ServletException;
2627
import javax.servlet.annotation.WebServlet;
2728
import javax.servlet.http.HttpServlet;
2829
import javax.servlet.http.HttpServletRequest;
@@ -34,12 +35,9 @@
3435
import javax.xml.xpath.XPathExpression;
3536
import javax.xml.xpath.XPathExpressionException;
3637
import javax.xml.xpath.XPathFactory;
37-
38-
import org.slf4j.Logger;
39-
import org.slf4j.LoggerFactory;
40-
import org.w3c.dom.Document;
41-
import org.w3c.dom.NodeList;
42-
import org.xml.sax.SAXException;
38+
import java.io.IOException;
39+
import java.io.InputStream;
40+
import java.io.PrintWriter;
4341

4442
/**
4543
* Servlet using an XPath expression to query the customer XML document.
@@ -52,34 +50,22 @@
5250
@WebServlet(name = "XPathServlet", urlPatterns = {"/XPathServlet"})
5351
public class XPathServlet extends HttpServlet {
5452
private static final Logger LOGGER = LoggerFactory.getLogger(XPathServlet.class);
55-
private static final long serialVersionUID = 1L;
56-
private Document doc;
53+
private static Document doc;
5754

5855
@PostConstruct
5956
@Override
6057
public void init() {
61-
InputStream inputStream = null;
62-
63-
try {
64-
inputStream = getClass().getClassLoader().getResourceAsStream("/customer.xml");
58+
try (InputStream inputStream = getClass().getClassLoader().getResourceAsStream("/customer.xml");) {
6559
DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
6660
DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
6761
doc = dBuilder.parse(inputStream);
6862
} catch (SAXException | IOException | ParserConfigurationException ex) {
6963
LOGGER.error(ex.getMessage(), ex);
70-
} finally {
71-
if (inputStream != null) {
72-
try {
73-
inputStream.close();
74-
} catch (IOException ex) {
75-
LOGGER.error(ex.getMessage(), ex);
76-
}
77-
}
7864
}
7965
}
8066

8167
@Override
82-
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException {
68+
protected void doPost(HttpServletRequest request, HttpServletResponse response) {
8369
String name = request.getParameter("name");
8470
String password = request.getParameter("password");
8571
LOGGER.info("Received {} and {} as parameter", name, password);

0 commit comments

Comments
 (0)