
Example 61 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class VariantHeaderUnitTest method shouldNotExtractAnyParameterIfThereAreNoHeaders.

@Test
void shouldNotExtractAnyParameterIfThereAreNoHeaders() {
    // Given
    VariantHeader variantHeader = new VariantHeader();
    HttpMessage messageWithHeaders = createMessageWithoutInjectableHeaders();
    // When
    variantHeader.setMessage(messageWithHeaders);
    // Then
    assertThat(variantHeader.getParamList(), is(empty()));
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test)

Example 62 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class VariantHeaderUnitTest method shouldIgnoreChangesToHeaderName.

@Test
void shouldIgnoreChangesToHeaderName() {
    // Given
    VariantHeader variantHeader = new VariantHeader();
    HttpMessage message = createMessageWithHeaders(header("X-Header-A", "X"), header("X-Header-B", "Y"), header("X-Header-C", "Z"));
    variantHeader.setMessage(message);
    // When
    String injectedHeader = variantHeader.setParameter(message, header("X-Header-A", "X", 0), "X-Header-Z", "X");
    // Then
    assertThat(injectedHeader, is(equalTo("X-Header-A: X")));
    assertThat(message, containsHeader("X-Header-A", "X"));
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test)

Example 63 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class VariantMultipartFormParametersUnitTest method shouldInjectParamValueModificationInGeneralParam.

@Test
void shouldInjectParamValueModificationInGeneralParam() {
    // Given
    VariantMultipartFormParameters variant = new VariantMultipartFormParameters();
    HttpMessage message = createMessage();
    String paramName = "person";
    String newValue = "injected";
    variant.setMessage(message);
    // When
    variant.setParameter(message, new NameValuePair(NameValuePair.TYPE_MULTIPART_DATA_PARAM, paramName, DEFAULT_PARAM_CONTENT, 1), paramName, newValue);
    HttpMessage newMsg = createMessage(newValue, DEFAULT_FILE_NAME, DEFAULT_CONTENT_TYPE, DEFAULT_FILE_PARAM_CONTENT);
    // Then
    assertThat(message.getRequestBody().toString(), equalTo(newMsg.getRequestBody().toString()));
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 64 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class VariantMultipartFormParametersUnitTest method shouldInjectParamValueMultipleTimesModificationInFileNameParam.

@Test
void shouldInjectParamValueMultipleTimesModificationInFileNameParam() {
    // Given
    VariantMultipartFormParameters variant = new VariantMultipartFormParameters();
    HttpMessage message = createMessage();
    String paramName = "somefile";
    String newValue = "somefile9";
    variant.setMessage(message);
    // When
    InputVectorBuilder inputVectorBuilder = new InputVectorBuilder();
    for (int i = 0; i < 10; i++) {
        inputVectorBuilder.setNameAndValue(new NameValuePair(NameValuePair.TYPE_MULTIPART_DATA_FILE_NAME, paramName, DEFAULT_FILE_NAME, 2), paramName, PayloadFormat.ALREADY_ESCAPED, newValue, PayloadFormat.ALREADY_ESCAPED);
    }
    variant.setParameters(message, inputVectorBuilder.build());
    HttpMessage newMsg = createMessage(DEFAULT_PARAM_CONTENT, newValue, DEFAULT_CONTENT_TYPE, DEFAULT_FILE_PARAM_CONTENT);
    // Then
    assertThat(message.getRequestBody().toString(), equalTo(newMsg.getRequestBody().toString()));
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage) InputVectorBuilder(org.zaproxy.zap.core.scanner.InputVectorBuilder) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 65 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class VariantMultipartFormParametersUnitTest method shouldInjectParamValueModificationInFileParam.

@Test
void shouldInjectParamValueModificationInFileParam() {
    // Given
    VariantMultipartFormParameters variant = new VariantMultipartFormParameters();
    HttpMessage message = createMessage();
    String paramName = "somefile";
    String newValue = "injected";
    String origValue = "contents of the file";
    variant.setMessage(message);
    // When
    variant.setParameter(message, new NameValuePair(NameValuePair.TYPE_MULTIPART_DATA_FILE_PARAM, paramName, origValue, 4), paramName, newValue);
    HttpMessage newMsg = createMessage(DEFAULT_PARAM_CONTENT, DEFAULT_FILE_NAME, DEFAULT_CONTENT_TYPE, newValue);
    // Then
    assertThat(message.getRequestBody().toString(), equalTo(newMsg.getRequestBody().toString()));
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
