public void logSessionIdNoncompliant()

in src/java/detectors/untrusted_data_in_decision/UntrustedDataInDecision.java [13:19]

• 6 lines of code
• 3 McCabe index (conditional complexity)

    public void logSessionIdNoncompliant(HttpServletRequest request) {
        final String sessionId = request.getRequestedSessionId();
        // Noncompliant: user-supplied session ID is used to make a decision.
        if (sessionId != null && sessionId.equals("ImportantSession")) {
            System.out.println("Client-provided session ID: " + sessionId + " is important");
        }
    }