Use Parameterized LDAP Query

jSparrow 3.19.0 & jSparrow Maven Plugin 2.16.0 released

jSparrow 3.19.0 continues the series of security rules concerning injection attacks.

Use Parameterized LDAP Query

Like SQL queries, LDAP search filters are vulnerable to injection attacks. This rule parameterizes all potentially user-supplied input that is concatenated into an LDAP search filter. For instance, the following code:

is transformed to:
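As an added illustration (not jSparrow's own sample or its generated output), the Java below contrasts a concatenated JNDI search filter with the parameterized form that uses `DirContext.search(String, String, Object[], SearchControls)`. The class and method names, the base DN and the attribute names are assumptions made for the example.

```java
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

// Added illustration; class, method, base DN and attribute names are assumptions.
public class LdapUserLookup {

    private static final String BASE_DN = "ou=people,dc=example,dc=org"; // constructed

    // Before: user input becomes part of the filter syntax itself.
    static String concatenatedFilter(String uid, String dept) {
        return "(&(uid=" + uid + ")(departmentNumber=" + dept + "))";
    }

    static NamingEnumeration<SearchResult> findUnsafe(DirContext ctx, String uid, String dept)
            throws NamingException {
        return ctx.search(BASE_DN, concatenatedFilter(uid, dept), controls());
    }

    // After: the filter is a constant. JNDI substitutes {0} and {1} as
    // escaped values, so input cannot add or close filter clauses.
    static NamingEnumeration<SearchResult> findSafe(DirContext ctx, String uid, String dept)
            throws NamingException {
        String filter = "(&(uid={0})(departmentNumber={1}))";
        return ctx.search(BASE_DN, filter, new Object[] { uid, dept }, controls());
    }

    private static SearchControls controls() {
        SearchControls sc = new SearchControls();
        sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
        sc.setCountLimit(10); // bound the result size
        sc.setReturningAttributes(new String[] { "uid", "cn" });
        return sc;
    }

    public static void main(String[] args) {
        // Constructed input: a legitimate value that contains filter metacharacters.
        String dept = "R&D (Vienna)";
        // Prints a filter whose parentheses no longer match the intended structure.
        System.out.println(concatenatedFilter("jdoe", dept));
    }
}
```

Running `main` needs no directory server: it only prints the concatenated filter, which shows how an ordinary value containing parentheses already changes the filter's structure, while the parameterized filter string stays constant.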

This brings jSparrow to a total of 79 automatic refactoring rules.

Find out more information in the Release Notes for jSparrow Eclipse and jSparrow Maven!

“Technology trust is a good thing, but control is a better one.”

― Stephane Nappo

Happy Coding!