Package com.hp.hpl.jena.update

Examples of com.hp.hpl.jena.update.UpdateRequest

1387
1388
1389
1390
1391
1392
1393
1394
        // variable parameter immediately surrounded by quotes
        String str = "PREFIX : <http://example/>\nINSERT DATA { <s> <p> '?var' }";
        ParameterizedSparqlString pss = new ParameterizedSparqlString(str);
        pss.setLiteral("var", "hello' . } ; DROP ALL ; INSERT DATA { <s> <p> \"goodbye");

        UpdateRequest updates = pss.asUpdate();
        Assert.fail("Attempt to do SPARQL injection should result in an exception");
    }
View Full Code Here
1399
1400
1401
1402
1403
1404
1405
1406
        // variable parameters immediately surrounded by quotes
        String str = "PREFIX : <http://example/>\nINSERT DATA { <s> <p> \"?var\" }";
        ParameterizedSparqlString pss = new ParameterizedSparqlString(str);
        pss.setLiteral("var", " . } ; DROP ALL ; INSERT DATA { <s> <p> ");

        UpdateRequest updates = pss.asUpdate();
        Assert.fail("Attempt to do SPARQL injection should result in an exception");
    }
View Full Code Here
1412
1413
1414
1415
1416
1417
1418
1419
        // literal
        String str = "PREFIX : <http://example/>\nINSERT DATA { <s> <p> '?var' }";
        ParameterizedSparqlString pss = new ParameterizedSparqlString(str);
        pss.setLiteral("var", "' . } ; DROP ALL ; INSERT DATA { <s> <p> <o> }#");

        UpdateRequest updates = pss.asUpdate();
        Assert.fail("Attempt to do SPARQL injection should result in an exception");
    }
View Full Code Here
1425
1426
1427
1428
1429
1430
1431
1432
        // ends up being a valid string literal within quotes
        String str = "PREFIX : <http://example/>\nINSERT DATA { <s> <p> ?var }";
        ParameterizedSparqlString pss = new ParameterizedSparqlString(str);
        pss.setLiteral("var", "\" . } ; DROP ALL ; INSERT DATA { <s> <p> <o> }#");

        UpdateRequest updates = pss.asUpdate();
        Assert.assertEquals(1, updates.getOperations().size());
    }
View Full Code Here
1452
1453
1454
1455
1456
1457
1458
1459
        String second = first.equals("var") ? "var2" : "var";

        pss.setLiteral(first, "?" + second);
        pss.setLiteral(second, " . } ; DROP ALL ; INSERT DATA { <s> <p> ");

        UpdateRequest updates = pss.asUpdate();
        Assert.fail("Attempt to do SPARQL injection should result in an exception");
    }
View Full Code Here
1465
1466
1467
1468
1469
1470
1471
1472
        // prevent this
        String str = "PREFIX : <http://example/>\nINSERT DATA { <s> <p> \" ?var \" }";
        ParameterizedSparqlString pss = new ParameterizedSparqlString(str);
        pss.setLiteral("var", " . } ; DROP ALL ; INSERT DATA { <s> <p> ");

        UpdateRequest updates = pss.asUpdate();
        Assert.fail("Attempt to do SPARQL injection should result in an exception");
    }
View Full Code Here
1478
1479
1480
1481
1482
1483
1484
1485
        // prevent this
        String str = "PREFIX : <http://example/>\nINSERT DATA { <s> <p> \"some text ?var other text\" }";
        ParameterizedSparqlString pss = new ParameterizedSparqlString(str);
        pss.setLiteral("var", " . } ; DROP ALL ; INSERT DATA { <s> <p> ");

        UpdateRequest updates = pss.asUpdate();
        Assert.fail("Attempt to do SPARQL injection should result in an exception");
    }
View Full Code Here
1490
1491
1492
1493
1494
1495
1496
1497
        // literal resulting in an injection, we now escape ' so prevent this
        String str = "PREFIX : <http://example/>\nINSERT DATA { <s> <p> ' ?var ' }";
        ParameterizedSparqlString pss = new ParameterizedSparqlString(str);
        pss.setLiteral("var", "' . } ; DROP ALL ; INSERT DATA { <s> <p> <o> }#");

        UpdateRequest updates = pss.asUpdate();
        Assert.assertEquals(1, updates.getOperations().size());
    }
View Full Code Here
1502
1503
1504
1505
1506
1507
1508
1509
        // literal resulting in an injection, we now escape ' so prevent this
        String str = "PREFIX : <http://example/>\nINSERT DATA { <s> <p> 'some text ?var other text' }";
        ParameterizedSparqlString pss = new ParameterizedSparqlString(str);
        pss.setLiteral("var", "' . } ; DROP ALL ; INSERT DATA { <s> <p> <o> }#");

        UpdateRequest updates = pss.asUpdate();
        Assert.assertEquals(1, updates.getOperations().size());
    }
View Full Code Here
1526
1527
1528
1529
1530
1531
1532
1533
        String second = first.equals("var") ? "var2" : "var";

        pss.setLiteral(first, " ?" + second + " ");
        pss.setLiteral(second, " . } ; DROP ALL ; INSERT DATA { <s> <p> ");

        UpdateRequest updates = pss.asUpdate();
        Assert.fail("Attempt to do SPARQL injection should result in an exception");
    }
View Full Code Here
TOP

Related Classes of com.hp.hpl.jena.update.UpdateRequest

  • arq.examples.update.UpdateExecuteOperations
  • arq.examples.update.UpdateProgrammatic
  • arq.examples.update.UpdateReadFromFile
  • arq.load
  • arq.rupdate
  • arq.uparse
  • arq.update
  • com.hp.hpl.jena.query.TestParameterizedSparqlString
  • com.hp.hpl.jena.sparql.engine.http.TestService
  • com.hp.hpl.jena.sparql.graph.TestDatasets
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.