Wednesday 9 November 2011

Solution for fixing Spring's JPetStore AutoBinding vulnerabilities

Here is an O2 blog post that describes my preferred solution for Fixing one of JPetStore's AutoBinding Vulnerabilities (changing the purchase price)

I have to say that as a developer doing the code fix, it was simply amazing and very powerful to have the complete web workflow of the shopping cart available as an automated O2 script .

This allowed me to quickly ensure that: 
  a) the app still behaved as it should (after the fix)
  b) the vulnerabilities identified where properly fixed

What do you think of the solution?