Examples with GetSignaturesRequest com.zimbra.soap.account.message.GetSignaturesRequest used on opensource projects

Search in sources :

Example 1 with GetSignaturesRequest

use of com.zimbra.soap.account.message.GetSignaturesRequest in project zm-mailbox by Zimbra.

the class TestGetSignature method getSignature.

@Test
public void getSignature() throws Exception {
    Account acct = provUtil.createAccount(genAcctNameLocalPart(), domain);
    boolean csrfEnabled = Boolean.FALSE;
    SoapTransport transport = authUser(acct.getName(), csrfEnabled, Boolean.FALSE);
    String sigContent = "xss<script>alert(\"XSS\")</script><a href=javascript:alert(\"XSS\")><";
    Signature sig = new Signature(null, "testSig", sigContent, "text/html");
    CreateSignatureRequest req = new CreateSignatureRequest(sig);
    SoapProtocol proto = SoapProtocol.Soap12;
    Element sigReq = JaxbUtil.jaxbToElement(req, proto.getFactory());
    try {
        Element element = transport.invoke(sigReq, false, false, null);
        String sigt = element.getElement("signature").getAttribute("id");
        assertNotNull(sigt);
    } catch (SoapFaultException e) {
        e.printStackTrace();
        assertNull(e);
    }
    GetSignaturesRequest getSigReq = new GetSignaturesRequest();
    sigReq = JaxbUtil.jaxbToElement(getSigReq, proto.getFactory());
    try {
        Element element = transport.invoke(sigReq, false, false, null);
        String sigtContent = element.getElement("signature").getElement("content").getText();
        assertNotNull(sigContent);
        int index = sigtContent.indexOf("alert(\"XSS\")");
        Assert.assertEquals(-1, index);
    } catch (SoapFaultException e) {
        e.printStackTrace();
        assertNull(e);
    }
}
Also used : Account(com.zimbra.cs.account.Account) CreateSignatureRequest(com.zimbra.soap.account.message.CreateSignatureRequest) GetSignaturesRequest(com.zimbra.soap.account.message.GetSignaturesRequest) Signature(com.zimbra.soap.account.type.Signature) Element(com.zimbra.common.soap.Element) SoapProtocol(com.zimbra.common.soap.SoapProtocol) SoapTransport(com.zimbra.common.soap.SoapTransport) SoapFaultException(com.zimbra.common.soap.SoapFaultException) Test(org.junit.Test)

Example 2 with GetSignaturesRequest

use of com.zimbra.soap.account.message.GetSignaturesRequest in project zm-mailbox by Zimbra.

the class TestGetSignature method getSignaturePlainSig.

@Test
public void getSignaturePlainSig() throws Exception {
    Account acct = provUtil.createAccount(genAcctNameLocalPart(), domain);
    boolean csrfEnabled = Boolean.FALSE;
    SoapTransport transport = authUser(acct.getName(), csrfEnabled, Boolean.FALSE);
    String sigContent = "xss<script>alert(\"XSS\")</script><a href=javascript:alert(\"XSS\")><";
    Signature sig = new Signature(null, "testSig", sigContent, "text/plain");
    CreateSignatureRequest req = new CreateSignatureRequest(sig);
    SoapProtocol proto = SoapProtocol.Soap12;
    Element sigReq = JaxbUtil.jaxbToElement(req, proto.getFactory());
    try {
        Element element = transport.invoke(sigReq, false, false, null);
        String sigt = element.getElement("signature").getAttribute("id");
        assertNotNull(sigt);
    } catch (SoapFaultException e) {
        e.printStackTrace();
        assertNull(e);
    }
    GetSignaturesRequest getSigReq = new GetSignaturesRequest();
    sigReq = JaxbUtil.jaxbToElement(getSigReq, proto.getFactory());
    try {
        Element element = transport.invoke(sigReq, false, false, null);
        String sigtContent = element.getElement("signature").getElement("content").getText();
        assertNotNull(sigContent);
        int index = sigtContent.indexOf("alert(\"XSS\")");
        Assert.assertTrue(index > -1);
    } catch (SoapFaultException e) {
        e.printStackTrace();
        assertNull(e);
    }
}
Also used : Account(com.zimbra.cs.account.Account) CreateSignatureRequest(com.zimbra.soap.account.message.CreateSignatureRequest) GetSignaturesRequest(com.zimbra.soap.account.message.GetSignaturesRequest) Signature(com.zimbra.soap.account.type.Signature) Element(com.zimbra.common.soap.Element) SoapProtocol(com.zimbra.common.soap.SoapProtocol) SoapTransport(com.zimbra.common.soap.SoapTransport) SoapFaultException(com.zimbra.common.soap.SoapFaultException) Test(org.junit.Test)

Aggregations

Element (com.zimbra.common.soap.Element)2 SoapFaultException (com.zimbra.common.soap.SoapFaultException)2 SoapProtocol (com.zimbra.common.soap.SoapProtocol)2 SoapTransport (com.zimbra.common.soap.SoapTransport)2 Account (com.zimbra.cs.account.Account)2 CreateSignatureRequest (com.zimbra.soap.account.message.CreateSignatureRequest)2 GetSignaturesRequest (com.zimbra.soap.account.message.GetSignaturesRequest)2 Signature (com.zimbra.soap.account.type.Signature)2 Test (org.junit.Test)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial