Java Accepts Any Mime

Description

Detects Java code that sets the HTTP Accept header to the wildcard */*, telling the server that the client will consume any content type. With no stated expectation, an unexpected or attacker-influenced response body is not rejected up front, which lets an attacker bypass the content-type restrictions the client should be enforcing and deliver content that the client then parses or stores (content-type based attacks). Accept is only a preference: a server can ignore it, so the client should also check the Content-Type of the response it actually receives before processing the body.

Weakness:

153 - Insecure or unset HTTP headers - Accept

Category: Protocol Manipulation

Detection Strategy

    Identifies calls to header-configuration methods named 'header', 'setHeader' and 'headers' in Java code

    Examines the string arguments passed to those calls for overly permissive MIME type values

    Reports a vulnerability when the Accept header is set to any MIME type ('*/*') or to another unsafe content-type value

    Focuses on headers set on outbound HTTP requests, since Accept is the header in which the client states which content types it is prepared to consume
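
The strategy above, as an added example that is not part of this rule page or of the scanner's own implementation: a small lexical detector written in Python that runs the steps over a constructed Java snippet. It locates calls to header, setHeader and headers, pairs their string arguments as name/value, and reports an Accept value of */*. It goes beyond the page in one respect, stated in the code: a subtype wildcard such as application/* is flagged too, since it is permissive in the same way. The names Finding, find_permissive_headers, is_permissive_mime and the SAMPLE_JAVA input are assumptions made for this example.

```python
import re
from dataclasses import dataclass

# Header-setting methods named in the detection strategy; longest first so that
# "headers(" is not matched as "header" followed by a stray "s".
HEADER_METHODS = ("header", "setHeader", "headers")
CALL_RE = re.compile(
    r"\b(" + "|".join(sorted(HEADER_METHODS, key=len, reverse=True)) + r")\s*\("
)
# A Java string literal, escapes included.
STRING_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')


@dataclass(frozen=True)
class Finding:
    line: int     # 1-based line of the call in the scanned source
    method: str   # header / setHeader / headers
    header: str   # header name as written in the source
    value: str    # the permissive value


def is_permissive_mime(value: str) -> bool:
    """True if any media range in an Accept value is a wildcard.

    Comma-separated lists and q-parameters are handled ("text/html, */*;q=0.8").
    The page's rule targets "*/*"; also flagging "type/*" is an extension made
    here (assumption), as a subtype wildcard is permissive in the same way.
    """
    for media_range in value.split(","):
        mime = media_range.split(";", 1)[0].strip().lower()
        if mime == "*/*" or mime.endswith("/*"):
            return True
    return False


def _call_args(src: str, open_idx: int) -> str:
    """Text between the '(' at open_idx and its matching ')', skipping string literals."""
    depth, i = 0, open_idx
    while i < len(src):
        ch = src[i]
        if ch == '"':  # parentheses inside a literal must not affect the depth count
            literal = STRING_RE.match(src, i)
            i = literal.end() if literal else i + 1
            continue
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth == 0:
                return src[open_idx + 1:i]
        i += 1
    return src[open_idx + 1:]  # unterminated call: take the rest of the file


def find_permissive_headers(src: str) -> list:
    """Steps 1-3 of the strategy: locate calls, pair their string arguments, report wildcards."""
    findings = []
    for call in CALL_RE.finditer(src):
        literals = STRING_RE.findall(_call_args(src, call.end() - 1))
        # header()/setHeader() take (name, value); headers() takes name/value varargs,
        # so pairing consecutive literals covers all three.
        for name, value in zip(literals[0::2], literals[1::2]):
            if name.lower() == "accept" and is_permissive_mime(value):
                line = src.count("\n", 0, call.start()) + 1
                findings.append(Finding(line, call.group(1), name, value))
    return findings


# Constructed sample input: three permissive call sites and one that names an explicit type.
SAMPLE_JAVA = """\
import java.net.URI;
import java.net.http.HttpRequest;

public class Demo {
    HttpRequest anyType(String url) {
        return HttpRequest.newBuilder(URI.create(url))
            .header("Accept", "*/*")
            .build();
    }
    HttpRequest anySubtype(String url) {
        return HttpRequest.newBuilder(URI.create(url))
            .headers("User-Agent", "demo", "Accept", "application/*")
            .build();
    }
    void anyTypeLegacy(org.apache.http.HttpRequest request) {
        request.setHeader("Accept", "text/html, */*;q=0.1");
    }
    HttpRequest explicitType(String url) {
        return HttpRequest.newBuilder(URI.create(url))
            .header("Accept", "application/json; charset=utf-8")
            .build();
    }
}
"""

if __name__ == "__main__":
    for f in find_permissive_headers(SAMPLE_JAVA):
        print(f"line {f.line}: {f.method}({f.header!r}, {f.value!r}) accepts any MIME type")
```

The detector is lexical, not an AST walk: a header name or value held in a variable or constant is not resolved and so is missed, and a call inside a comment is still reported. That is the usual trade-off for a quick grep-style rule; a production SAST engine resolves the arguments before matching.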

Vulnerable code example

import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;

public class UnsafeHeaderExample {
    public HttpRequest createRequest(String url) throws Exception {
        HttpClient client = HttpClient.newHttpClient();

        // Vulnerable: Accept: */* tells the server this client will take any content type,
        // so an unexpected or attacker-influenced representation is never rejected up front
        return HttpRequest.newBuilder(URI.create(url))
                .header("Accept", "*/*")
                .build();
    }
}

✅ Secure code example

import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;

public class SafeHeaderExample {
    public HttpRequest createRequest(String url) throws Exception {
        HttpClient client = HttpClient.newHttpClient();

        // Secure: ask only for the content type this client is prepared to parse
        // (application/json is a representative choice here; use the type your code handles)
        return HttpRequest.newBuilder(URI.create(url))
                .header("Accept", "application/json")
                .build();
    }
}