From f4906939b1fd03d267204b514bd9384bacfc0f60 Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Fri, 3 May 2024 16:40:40 +0800 Subject: [PATCH 1/7] Patched WebContent/high_yield_investments.htm --- WebContent/high_yield_investments.htm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/WebContent/high_yield_investments.htm b/WebContent/high_yield_investments.htm index 715a931..3b3fea4 100644 --- a/WebContent/high_yield_investments.htm +++ b/WebContent/high_yield_investments.htm @@ -124,7 +124,8 @@

High Yield Investments

if any, to third party products and/or websites are purely coincidental. This site is provided "as is" without warranty of any kind, either express or implied. Watchfire does not assume any risk in relation to your use of this website. For additional Terms of Use, - please go to http://www.watchfire.com/statements/terms.aspx.

+ please go to https://www.watchfire.com/statements/terms.aspx.

+ Copyright © 2006, Watchfire Corporation, All rights reserved. From 661bc7a1e1385f95a335e95bd80e07a1c12b2ea4 Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Fri, 3 May 2024 16:40:40 +0800 Subject: [PATCH 2/7] Patched WebContent/static/security.htm --- WebContent/static/security.htm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/WebContent/static/security.htm b/WebContent/static/security.htm index 42646c0..b107860 100644 --- a/WebContent/static/security.htm +++ b/WebContent/static/security.htm @@ -56,7 +56,7 @@

Keep Your System Up to Date

Backups

It is a good practice to back up important files and folders on your computer. To back up files, you can make copies onto media that you can safely store elsewhere, such as CDs or floppy discs.

-

For more information on home computer security, visit http://www.cert.org/.

+

For more information on home computer security, visit https://www.cert.org/.

Back to Top \ No newline at end of file From c30dec292c2e37b576ca85b2d8d3821e4c469b45 Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Fri, 3 May 2024 16:40:40 +0800 Subject: [PATCH 3/7] Patched WebContent/swagger/lib/marked.js --- WebContent/swagger/lib/marked.js | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/WebContent/swagger/lib/marked.js b/WebContent/swagger/lib/marked.js index c2a678d..abacfa9 100644 --- a/WebContent/swagger/lib/marked.js +++ b/WebContent/swagger/lib/marked.js @@ -308,7 +308,8 @@ Lexer.prototype.token = function(src, top, bq) { if (~item.indexOf('\n ')) { space -= item.length; item = !this.options.pedantic - ? item.replace(new RegExp('^ {1,' + space + '}', 'gm'), '') + ? item.replace(/^ {1,6}/gm, '') + : item.replace(/^ {1,4}/gm, ''); } @@ -1095,8 +1096,8 @@ function unescape(html) { }); } -function replace(regex, opt) { - regex = regex.source; +function replace(hardcodedRegex, opt) { + const regex = hardcodedRegex.source; opt = opt || ''; return function self(name, val) { if (!name) return new RegExp(regex, opt); @@ -1107,6 +1108,7 @@ function replace(regex, opt) { }; } + function noop() {} noop.exec = noop; From 69943574b6995cbe94066b1ae8d2d8b883643b62 Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Fri, 3 May 2024 16:40:40 +0800 Subject: [PATCH 4/7] Patched src/com/ibm/security/appscan/altoromutual/servlet/LoginServlet.java --- .../security/appscan/altoromutual/servlet/LoginServlet.java | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/com/ibm/security/appscan/altoromutual/servlet/LoginServlet.java b/src/com/ibm/security/appscan/altoromutual/servlet/LoginServlet.java index 55303c3..64d2f0e 100644 --- a/src/com/ibm/security/appscan/altoromutual/servlet/LoginServlet.java +++ b/src/com/ibm/security/appscan/altoromutual/servlet/LoginServlet.java 
@@ -92,6 +92,10 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) //Handle the cookie using ServletUtil.establishSession(String) try{ Cookie accountCookie = ServletUtil.establishSession(username,session); + //Set the HttpOnly flag for the cookie + accountCookie.setHttpOnly(true); + //Set the secure flag for the cookie + accountCookie.setSecure(true); response.addCookie(accountCookie); response.sendRedirect(request.getContextPath()+"/bank/main.jsp"); } @@ -105,3 +109,4 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) } } + From 1009a73706c276960a910a6993af13f945c2aaaf Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Fri, 3 May 2024 16:40:40 +0800 Subject: [PATCH 5/7] Patched WebContent/static/inside_about.htm --- WebContent/static/inside_about.htm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/WebContent/static/inside_about.htm b/WebContent/static/inside_about.htm index cd5517e..345c400 100644 --- a/WebContent/static/inside_about.htm +++ b/WebContent/static/inside_about.htm @@ -9,7 +9,7 @@

About Altoro Mutual

@@ -22,4 +22,4 @@

About Altoro Mutual

Altoro Mutual offers a broad range of commercial, private, retail and mortgage banking services to small- and middle-market businesses and individuals. - \ No newline at end of file + From 6e46512681075c3f8350ebd6e5370b3b7e13c29e Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Fri, 3 May 2024 16:40:40 +0800 Subject: [PATCH 6/7] Patched src/com/ibm/security/appscan/altoromutual/servlet/AdminServlet.java --- .../altoromutual/servlet/AdminServlet.java | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/src/com/ibm/security/appscan/altoromutual/servlet/AdminServlet.java b/src/com/ibm/security/appscan/altoromutual/servlet/AdminServlet.java index bcc1c94..6fd95be 100644 --- a/src/com/ibm/security/appscan/altoromutual/servlet/AdminServlet.java +++ b/src/com/ibm/security/appscan/altoromutual/servlet/AdminServlet.java @@ -59,9 +59,9 @@ else if (request.getRequestURL().toString().endsWith("addUser")){ String username = request.getParameter("username"); String password1 = request.getParameter("password1"); String password2 = request.getParameter("password2"); - if (username == null || username.trim().length() == 0 - || password1 == null || password1.trim().length() == 0 - || password2 == null || password2.trim().length() == 0) + if ( (username == null || username.trim().length() == 0) + || (password1 == null || password1.trim().length() == 0) + || (password2 == null || password2.trim().length() == 0) ) message = "An error has occurred. Please try again later."; if (firstname == null){ 
@@ -90,10 +90,10 @@ else if (request.getRequestURL().toString().endsWith("changePassword")){ String username = request.getParameter("username"); String password1 = request.getParameter("password1"); String password2 = request.getParameter("password2"); - if (username == null || username.trim().length() == 0 - || password1 == null || password1.trim().length() == 0 - || password2 == null || password2.trim().length() == 0) - message = "An error has occurred. Please try again later."; + if ( (username == null || username.trim().length() == 0) + || (password1 == null || password1.trim().length() == 0) + || (password2 == null || password2.trim().length() == 0) ) + message = "An error has occurred. Please try again later."; if (message == null && !password1.equals(password2)){ message = "Entered passwords did not match."; @@ -121,3 +121,4 @@ else if (request.getRequestURL().toString().endsWith("changePassword")){ } } + From d4f3ad9bc62c42b5e6534cf21fa671c779198df4 Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Fri, 3 May 2024 16:40:40 +0800 Subject: [PATCH 7/7] Patched WebContent/static/inside_community.htm --- WebContent/static/inside_community.htm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/WebContent/static/inside_community.htm b/WebContent/static/inside_community.htm index a10d665..ddfc3d0 100644 --- a/WebContent/static/inside_community.htm +++ b/WebContent/static/inside_community.htm @@ -9,9 +9,9 @@

Volunteering

The employees of Altoro Mutual not only give millions of dollars in donations but thousands of hours of volunteer time to their communities each year. Learn about our current volunteer programs.

Summer 2006

-

The 2006 community efforts of Altoro Mutual and our employees is quite impressive including charitable contributions, volunteerism, diversity initiatives, and other support. View the summary report (PDF, 800KB).

+

The 2006 community efforts of Altoro Mutual and our employees is quite impressive including charitable contributions, volunteerism, diversity initiatives, and other support. View the summary report (PDF, 800KB).

-

Adobe Reader
-Download free Adobe Reader.

+


+Download free Adobe Reader.

- \ No newline at end of file +
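
Review bot: In PATCH 3/7, WebContent/swagger/lib/marked.js, hunk @@ -308 (Lexer.prototype.token), replacing `new RegExp('^ {1,' + space + '}', 'gm')` with the literal `/^ {1,6}/gm` changes how list items are outdented. `space` is computed on the line just above (`space -= item.length;`) and is now never used, so whenever the computed value is not 6 the wrong amount of indentation is stripped. `space` is a number derived from string lengths, not caller-supplied text, so the dynamic pattern is not an injection path; keep the computed bound, and if the scanner finding has to be cleared, coerce the value to a number before building the pattern instead of hardcoding it. Also check the `: item.replace(/^ {1,4}/gm, '');` line, which is marked as added here: if the original else-branch is still present in the file, the ternary now has two.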
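
Review bot: In PATCH 3/7, WebContent/swagger/lib/marked.js, hunk @@ -1095 (function replace), `const regex = hardcodedRegex.source;` makes `regex` immutable, but the rest of the returned `self(name, val)` closure lies between this hunk and the next and is not shown. If that body assigns to `regex` while substituting `name` with `val`, every call that passes a name will throw a TypeError; confirm there is no reassignment or keep a mutable binding. Renaming the parameter to `hardcodedRegex` does not restrict what callers pass, and `new RegExp(regex, opt)` still builds the pattern at run time, so the rename adds no protection and the name is misleading.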
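
Review bot: In PATCH 4/7, LoginServlet.java, hunk @@ -92 (doPost), the flags are set by the caller after `ServletUtil.establishSession(username,session)` returns, so any other caller of that helper still receives a cookie without them; set HttpOnly and Secure where the cookie is constructed. `accountCookie.setSecure(true)` also means the browser will not send the cookie over plain HTTP, so confirm that the `/bank/main.jsp` redirect target and the rest of the authenticated area are served only over TLS, otherwise the account cookie is dropped right after login. `setHttpOnly` requires Servlet 3.0 or later; state the minimum container version in the commit message.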
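
Review bot: In PATCH 6/7, AdminServlet.java, hunk @@ -59 (addUser), the added parentheses group terms that were already joined only by `||`, so the condition evaluates identically before and after. The change is cosmetic and the commit message should say so instead of presenting it as a fix. If the condition is being touched anyway, add braces to the `if` that guards `message = ...` and move the null-or-blank test, repeated three times here, into one small helper.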
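
Review bot: In PATCH 6/7, AdminServlet.java, hunk @@ -90 (changePassword), the `message = "An error has occurred. Please try again later.";` line is removed and re-added with identical text, which is a whitespace-only change mixed into the patch; drop it or split formatting into its own commit. The next check, `message == null && !password1.equals(password2)`, is only safe from a null dereference because this block runs first and sets `message` when `password1` is null. Add braces and a short comment so a later edit does not reorder the two checks.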