
Example 51 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class AbstractPluginUnitTest method shouldRaiseAlertWith7ParamsBingoDefaultingToMessageUriWhenGivenUriIsNull.

/**
 * Checks that the 7-argument {@code bingo} overload reports the alert against the URI of the
 * supplied message when the caller passes a {@code null} URI, so the raised alert is still
 * attributed to a concrete location.
 *
 * <p>The deprecation warning is suppressed, which suggests this overload is deprecated.
 */
@Test
@SuppressWarnings("deprecation")
void shouldRaiseAlertWith7ParamsBingoDefaultingToMessageUriWhenGivenUriIsNull() {
    // Given
    String expectedUri = "http://example.com/";
    // Kept as a typed String variable so the call resolves to the String-URI overload.
    String absentUri = null;
    AbstractPlugin scanRule = createDefaultPlugin();
    HostProcess parentProcess = mock(HostProcess.class);
    scanRule.init(mock(HttpMessage.class), parentProcess);
    HttpMessage msgForAlert = createAlertMessage(expectedUri);

    // When
    scanRule.bingo(
            Alert.RISK_LOW, Alert.CONFIDENCE_HIGH, absentUri, "", "", "", msgForAlert);

    // Then: the alert URI falls back to the one the message was created with.
    Alert raised = getRaisedAlert(parentProcess);
    assertThat(raised.getUri(), is(equalTo(expectedUri)));
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 52 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class AbstractPluginUnitTest method shouldRaiseAlertWith13ParamsBingoDefaultingToMessageUriWhenGivenUriIsNull.

/**
 * Checks that the 13-argument {@code bingo} overload reports the alert against the URI of the
 * supplied message when the caller passes a {@code null} URI.
 *
 * <p>The deprecation warning is suppressed, which suggests this overload is deprecated.
 */
@Test
@SuppressWarnings("deprecation")
void shouldRaiseAlertWith13ParamsBingoDefaultingToMessageUriWhenGivenUriIsNull() {
    // Given
    String expectedUri = "http://example.com/";
    // Kept as a typed String variable so overload resolution is unchanged.
    String absentUri = null;
    AbstractPlugin scanRule = createDefaultPlugin();
    HostProcess parentProcess = mock(HostProcess.class);
    scanRule.init(mock(HttpMessage.class), parentProcess);
    HttpMessage msgForAlert = createAlertMessage(expectedUri);

    // When: every textual field is empty and both numeric ids are 0; only the URI matters here.
    scanRule.bingo(
            Alert.RISK_LOW,
            Alert.CONFIDENCE_HIGH,
            "",
            "",
            absentUri,
            "",
            "",
            "",
            "",
            "",
            0,
            0,
            msgForAlert);

    // Then: the alert URI falls back to the one the message was created with.
    Alert raised = getRaisedAlert(parentProcess);
    assertThat(raised.getUri(), is(equalTo(expectedUri)));
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 53 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class AbstractPluginUnitTest method isPage500ShouldReturnTrueIfNoCustomPageMatchButStatusCode500.

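/**
 * Checks that {@code isPage500} reports {@code true} for a response with status code 500 when
 * none of the custom page definitions match it.
 *
 * <p>The ERROR_500 custom page check is stubbed to NOT match. If it matched, the result would
 * be decided by the custom page and the status-code path named in this test would never be
 * exercised, leaving the scanner's fallback classification of server errors unverified.
 */
@Test
void isPage500ShouldReturnTrueIfNoCustomPageMatchButStatusCode500() {
    // Given
    CustomPage.Type type = CustomPage.Type.ERROR_500;
    HttpMessage message = new HttpMessage();
    message.getResponseHeader().setStatusCode(500);
    // No custom page match, as the test name states: only the status code can yield true.
    // NOTE(review): assumes isPage500 falls back to the response status code when no custom
    // page matches - confirm against AbstractPlugin.
    given(parent.isCustomPage(message, type)).willReturn(false);
    plugin.init(message, parent);
    // When
    boolean result = plugin.isPage500(message);
    // Then
    assertThat(result, is(equalTo(true)));
    // All three custom page types must have been consulted before the status code decided.
    verify(parent).isCustomPage(message, CustomPage.Type.OK_200);
    verify(parent).isCustomPage(message, CustomPage.Type.NOTFOUND_404);
    verify(parent).isCustomPage(message, type);
}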
Also used : CustomPage(org.zaproxy.zap.extension.custompages.CustomPage) HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 54 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class AbstractPluginUnitTest method isSuccessShouldReturnFalseIfCustomPage404Matches.

/**
 * Checks that {@code isSuccess} reports {@code false} for a response whose status code is 200
 * but which matches a custom "not found" page definition, so such a response is not treated as
 * a successful request.
 */
@Test
void isSuccessShouldReturnFalseIfCustomPage404Matches() {
    // Given: a 200 response that the parent classifies as a custom 404 page.
    CustomPage.Type notFoundType = CustomPage.Type.NOTFOUND_404;
    HttpMessage msg = new HttpMessage();
    msg.getResponseHeader().setStatusCode(200);
    given(parent.isCustomPage(msg, notFoundType)).willReturn(true);
    given(parent.isCustomPage(msg, CustomPage.Type.ERROR_500)).willReturn(false);
    given(parent.getAnalyser()).willReturn(analyser);
    plugin.init(msg, parent);

    // When
    boolean success = plugin.isSuccess(msg);

    // Then: the custom 404 match overrides the 200 status code.
    assertThat(success, is(equalTo(false)));
    verify(parent).isCustomPage(msg, notFoundType);
}
Also used : CustomPage(org.zaproxy.zap.extension.custompages.CustomPage) HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 55 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class AbstractPluginUnitTest method shouldRaiseAlertWith10ParamsBingo.

/**
 * Checks that the 10-argument {@code bingo} overload copies every supplied value into the
 * raised alert, leaves the evidence empty, and takes the plugin id, reference, CWE id and WASC
 * id from the plugin itself.
 *
 * <p>The deprecation warning is suppressed, which suggests this overload is deprecated.
 */
@Test
@SuppressWarnings("deprecation")
void shouldRaiseAlertWith10ParamsBingo() {
    // Given
    AbstractPlugin scanRule = createDefaultPlugin();
    HostProcess parentProcess = mock(HostProcess.class);
    scanRule.init(mock(HttpMessage.class), parentProcess);
    int expectedRisk = Alert.RISK_LOW;
    int expectedConfidence = Alert.CONFIDENCE_HIGH;
    String expectedName = "name";
    String expectedDescription = "description";
    String expectedUri = "uri";
    String expectedParam = "param";
    String expectedAttack = "attack";
    String expectedOtherInfo = "otherInfo";
    String expectedSolution = "solution";
    HttpMessage msgForAlert = createAlertMessage();

    // When
    scanRule.bingo(
            expectedRisk,
            expectedConfidence,
            expectedName,
            expectedDescription,
            expectedUri,
            expectedParam,
            expectedAttack,
            expectedOtherInfo,
            expectedSolution,
            msgForAlert);

    // Then
    Alert raised = getRaisedAlert(parentProcess);
    assertThat(raised.getPluginId(), is(equalTo(scanRule.getId())));
    assertThat(raised.getName(), is(equalTo(expectedName)));
    assertThat(raised.getRisk(), is(equalTo(expectedRisk)));
    assertThat(raised.getConfidence(), is(equalTo(expectedConfidence)));
    assertThat(raised.getDescription(), is(equalTo(expectedDescription)));
    assertThat(raised.getUri(), is(equalTo(expectedUri)));
    assertThat(raised.getParam(), is(equalTo(expectedParam)));
    assertThat(raised.getAttack(), is(equalTo(expectedAttack)));
    // This overload takes no evidence argument, so the alert carries an empty one.
    assertThat(raised.getEvidence(), is(equalTo("")));
    assertThat(raised.getOtherInfo(), is(equalTo(expectedOtherInfo)));
    assertThat(raised.getSolution(), is(equalTo(expectedSolution)));
    // Classification metadata is expected to come from the plugin, not from the caller.
    assertThat(raised.getReference(), is(equalTo(scanRule.getReference())));
    assertThat(raised.getCweId(), is(equalTo(scanRule.getCweId())));
    assertThat(raised.getWascId(), is(equalTo(scanRule.getWascId())));
    // The alert must reference the very message instance passed in, not a copy.
    assertThat(raised.getMessage(), is(sameInstance(msgForAlert)));
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
