rspec/rules/S3374/java/rule.adoc

According to the Common Weakness Enumeration,

____
If two validation forms have the same name, the Struts Validator arbitrarily chooses one of the forms to use for input validation and discards the other. This decision might not correspond to the programmer's expectations...
____


In such a case, it is likely that the two forms should be combined. At the very least, one should be removed.


== Noncompliant Code Example

----
<form-validation>
  <formset>
    <form name="BookForm"> ... </form>
    <form name="BookForm"> ... </form>  <!-- Noncompliant -->
  </formset>
</form-validation>
----


== Compliant Solution

----
<form-validation>
  <formset>
    <form name="BookForm"> ... </form>
  </formset>
</form-validation>
----


== See

* https://cwe.mitre.org/data/definitions/102.html[MITRE, CWE-102] - Struts: Duplicate Validation Forms
* https://owasp.org/www-community/vulnerabilities/Improper_Data_Validation[OWASP, Improper Data Validation] - Struts: Duplicate Validation Forms


ifdef::rspecator-view[]
== Comments And Links
(visible only on this page)

include::comments-and-links.adoc[]
endif::rspecator-view[]
Restructure one-lang rspecs 2021-04-28 16:49:39 +02:00			`According to the Common Weakness Enumeration,`

			`____`
			`If two validation forms have the same name, the Struts Validator arbitrarily chooses one of the forms to use for input validation and discards the other. This decision might not correspond to the programmer's expectations...`
			`____`


			`In such a case, it is likely that the two forms should be combined. At the very least, one should be removed.`

Fix the missing default metadata fields 2021-04-28 18:08:03 +02:00
Restructure one-lang rspecs 2021-04-28 16:49:39 +02:00			`== Noncompliant Code Example`

			`----`
			`<form-validation>`
			`<formset>`
			`<form name="BookForm"> ... </form>`
			`<form name="BookForm"> ... </form> <!-- Noncompliant -->`
			`</formset>`
			`</form-validation>`
			`----`

Fix the missing default metadata fields 2021-04-28 18:08:03 +02:00
Restructure one-lang rspecs 2021-04-28 16:49:39 +02:00			`== Compliant Solution`

			`----`
			`<form-validation>`
			`<formset>`
			`<form name="BookForm"> ... </form>`
			`</formset>`
			`</form-validation>`
			`----`

Fix the missing default metadata fields 2021-04-28 18:08:03 +02:00
Restructure one-lang rspecs 2021-04-28 16:49:39 +02:00			`== See`

			`* https://cwe.mitre.org/data/definitions/102.html[MITRE, CWE-102] - Struts: Duplicate Validation Forms`
			`* https://owasp.org/www-community/vulnerabilities/Improper_Data_Validation[OWASP, Improper Data Validation] - Struts: Duplicate Validation Forms`
Fix the missing default metadata fields 2021-04-28 18:08:03 +02:00
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00
			`ifdef::rspecator-view[]`
			`== Comments And Links`
			`(visible only on this page)`

			`include::comments-and-links.adoc[]`
			`endif::rspecator-view[]`