优化：优化误报问题

sonar-keyware-plugins-ConfigurationDetection/src/main/java/com/keyware/sonar/Configuration/ConfigurationFileLanguage.java

@@ -21,7 +21,7 @@ public class ConfigurationFileLanguage extends AbstractLanguage {
     public static final String NAME = "Configuration";
     public static final String KEY = "cfg";
     public static final String FILE_SUFFIXES_KEY = "sonar.disposition.file.suffixes";
-    public static final String FILE_SUFFIXES_DEFAULT_VALUE = ".properties,.ini,.conf,.xml,.yml,.json";
+    public static final String FILE_SUFFIXES_DEFAULT_VALUE = ".properties,.ini,.conf,.yml,.json";
 
     private final Configuration config;
 

sonar-keyware-plugins-ConfigurationDetection/src/main/java/com/keyware/sonar/Configuration/rules/checkers/SessionDateChecker.java

@@ -29,9 +29,9 @@ import java.util.Scanner;
 @Rule(key = "SessionDateChecker")
 public class SessionDateChecker implements ConfigCheck {
 
-    private boolean boo = true;
+    private boolean boo = false;
     public void execute(SensorContext context, InputFile inputFile, RuleKey ruleKey){
-        if(boo){
+        if(!boo){
             //文件名称
             String filename = inputFile.filename();
             //校验文件后缀
@@ -41,8 +41,8 @@ public class SessionDateChecker implements ConfigCheck {
                     try (Scanner scanner = new Scanner(file)) {
                         while (scanner.hasNextLine()) {
                             String line = scanner.nextLine();
-                            if (line.contains("server.servlet.session.timeout")) {
+                            if (!line.contains("server.servlet.session.timeout")) {
-                                boo = false;
+                                boo = true;
                                 break;
                             }
                         }
@@ -62,8 +62,8 @@ public class SessionDateChecker implements ConfigCheck {
                     Map<String, Object> obj = yaml.load(fis);
                     if (obj != null){
                         String sessionTimeout = searchForSessionTimeout(obj, "server", "servlet", "session", "timeout");
-                        if (sessionTimeout != null) {
+                        if (sessionTimeout == null) {
-                            boo = false;
+                            boo = true;
                         }
                     }
                 } catch (IOException e) {

sonar-keyware-plugins-java/src/main/java/com/keyware/sonar/java/rules/checkers/OptionsVerifyChecker.java

@@ -27,7 +27,7 @@ import java.util.List;
 @Rule(key = "OptionsVerifyChecker")
 public class OptionsVerifyChecker extends IssuableSubscriptionVisitor implements EndOfAnalysis {
 
-    private boolean boo = true;
+    private boolean boo = false;
 
     @Override
     public List<Tree.Kind> nodesToVisit() {
@@ -36,7 +36,7 @@ public class OptionsVerifyChecker extends IssuableSubscriptionVisitor implements
 
     @Override
     public void visitNode(Tree tree) {
-        if(boo) {
+        if(!boo) {
             MethodInvocationTree methodInvocationTree = (MethodInvocationTree) tree;
             ExpressionTree expressionTree = methodInvocationTree.methodSelect();
             if (expressionTree.is(Tree.Kind.MEMBER_SELECT)) {
@@ -44,19 +44,21 @@ public class OptionsVerifyChecker extends IssuableSubscriptionVisitor implements
                 if("addHeader".equals(selectExpressionTree.identifier().name()) || "setHeader".equals(selectExpressionTree.identifier().name())) {
                     Arguments arguments = methodInvocationTree.arguments();
                     boolean one = false;
-                    boolean two = false;
+                    boolean two = true;
                     for (ExpressionTree argument : arguments) {
                         if(argument.is(Tree.Kind.STRING_LITERAL)){
                             String literalValue = ((LiteralTree) argument).value();
                             if ("\"X-Frame-Options\"".equals(literalValue)) {
                                 one = true;
                             } else if("\"DENY\"".equals(literalValue)){
-                                two = true;
+                                two = false;
                             }
                         }
                     }
-                    if(one && two){
+                    if(one){
-                        boo = false;
+                        if(two){
+                            boo = true;
+                        }
                     }
                 }
             }

sonar-keyware-plugins-java/src/test/files/options/OptionsVerifyOneRule.java

@@ -11,7 +11,7 @@ public class OptionsVerifyOneRule extends OncePerRequestFilter {
 
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
-//        response.setHeader("X-Frame-Options", "DENY"); // 或者使用SAMEORIGIN，ALLOW-FROM等其他策略
+        response.setHeader("X-Frame-Options", "SAMEORIGIN"); // 或者使用SAMEORIGIN，ALLOW-FROM等其他策略
         filterChain.doFilter(request, response);
     }
 }