Example 86 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class AbstractPluginUnitTest method isPage404ShouldReturnFalseIfNoStatusCodeOrCustomPageMatchesButCustomPage500Does.

@Test
void isPage404ShouldReturnFalseIfNoStatusCodeOrCustomPageMatchesButCustomPage500Does() {
    // Given
    CustomPage.Type type = CustomPage.Type.NOTFOUND_404;
    HttpMessage message = new HttpMessage();
    message.getResponseHeader().setStatusCode(302);
    given(parent.isCustomPage(message, type)).willReturn(false);
    given(parent.isCustomPage(message, CustomPage.Type.ERROR_500)).willReturn(true);
    plugin.init(message, parent);
    // When
    boolean result = plugin.isPage404(message);
    // Then
    assertThat(result, is(equalTo(false)));
    verify(parent).isCustomPage(message, CustomPage.Type.OK_200);
    verify(parent).isCustomPage(message, CustomPage.Type.ERROR_500);
}
Also used : CustomPage(org.zaproxy.zap.extension.custompages.CustomPage) HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 87 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class AbstractPluginUnitTest method isSuccessShouldReturnFalseIfCustomPage500Matches.

@Test
void isSuccessShouldReturnFalseIfCustomPage500Matches() {
    // Given
    CustomPage.Type type = CustomPage.Type.NOTFOUND_404;
    HttpMessage message = new HttpMessage();
    message.getResponseHeader().setStatusCode(200);
    given(parent.isCustomPage(message, type)).willReturn(false);
    given(parent.isCustomPage(message, CustomPage.Type.ERROR_500)).willReturn(true);
    given(parent.getAnalyser()).willReturn(analyser);
    given(parent.getAnalyser().isFileExist(message)).willReturn(true);
    plugin.init(message, parent);
    // When
    boolean result = plugin.isSuccess(message);
    // Then
    assertThat(result, is(equalTo(false)));
    verify(parent).isCustomPage(message, CustomPage.Type.NOTFOUND_404);
    verify(parent).isCustomPage(message, CustomPage.Type.ERROR_500);
}
Also used : CustomPage(org.zaproxy.zap.extension.custompages.CustomPage) HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 88 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class AbstractPluginUnitTest method shouldRaiseAlertWith13ParamsBingo.

@Test
@SuppressWarnings("deprecation")
void shouldRaiseAlertWith13ParamsBingo() {
    // Given
    AbstractPlugin plugin = createDefaultPlugin();
    HostProcess hostProcess = mock(HostProcess.class);
    plugin.init(mock(HttpMessage.class), hostProcess);
    int risk = Alert.RISK_LOW;
    int confidence = Alert.CONFIDENCE_HIGH;
    String name = "name";
    String description = "description";
    String uri = "uri";
    String param = "param";
    String attack = "attack";
    String evidence = "evidence";
    String otherInfo = "otherInfo";
    String solution = "solution";
    int cweId = 111;
    int wascId = 222;
    HttpMessage alertMessage = createAlertMessage();
    // When
    plugin.bingo(risk, confidence, name, description, uri, param, attack, otherInfo, solution, evidence, cweId, wascId, alertMessage);
    // Then
    Alert alert = getRaisedAlert(hostProcess);
    assertThat(alert.getPluginId(), is(equalTo(plugin.getId())));
    assertThat(alert.getName(), is(equalTo(name)));
    assertThat(alert.getRisk(), is(equalTo(risk)));
    assertThat(alert.getConfidence(), is(equalTo(confidence)));
    assertThat(alert.getDescription(), is(equalTo(description)));
    assertThat(alert.getUri(), is(equalTo(uri)));
    assertThat(alert.getParam(), is(equalTo(param)));
    assertThat(alert.getAttack(), is(equalTo(attack)));
    assertThat(alert.getEvidence(), is(equalTo(evidence)));
    assertThat(alert.getOtherInfo(), is(equalTo(otherInfo)));
    assertThat(alert.getSolution(), is(equalTo(solution)));
    assertThat(alert.getReference(), is(equalTo(plugin.getReference())));
    assertThat(alert.getCweId(), is(equalTo(cweId)));
    assertThat(alert.getWascId(), is(equalTo(wascId)));
    assertThat(alert.getMessage(), is(sameInstance(alertMessage)));
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 89 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class AbstractPluginUnitTest method shouldRaiseAlertWith11ParamsBingoDefaultingToMessageUriWhenGivenUriIsNull.

@Test
@SuppressWarnings("deprecation")
void shouldRaiseAlertWith11ParamsBingoDefaultingToMessageUriWhenGivenUriIsNull() {
    // Given
    AbstractPlugin plugin = createDefaultPlugin();
    HostProcess hostProcess = mock(HostProcess.class);
    plugin.init(mock(HttpMessage.class), hostProcess);
    String uri = null;
    String messageUri = "http://example.com/";
    HttpMessage alertMessage = createAlertMessage(messageUri);
    // When
    plugin.bingo(Alert.RISK_LOW, Alert.CONFIDENCE_HIGH, "", "", uri, "", "", "", "", "", alertMessage);
    // Then
    Alert alert = getRaisedAlert(hostProcess);
    assertThat(alert.getUri(), is(equalTo(messageUri)));
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 90 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class AbstractPluginUnitTest method shouldSendMessageWithoutScanRuleIdHeaderIfDisabled.

@Test
void shouldSendMessageWithoutScanRuleIdHeaderIfDisabled() throws IOException {
    // Given
    AbstractPlugin plugin = createDefaultPlugin();
    ScannerParam scannerParam = mock(ScannerParam.class);
    given(scannerParam.isInjectPluginIdInHeader()).willReturn(false);
    given(parent.getScannerParam()).willReturn(scannerParam);
    HttpSender httpSender = mock(HttpSender.class);
    given(parent.getHttpSender()).willReturn(httpSender);
    plugin.init(message, parent);
    HttpMessage message = new HttpMessage(new URI("http://example.com/", true));
    // When
    plugin.sendAndReceive(message, true, true);
    // Then
    assertThat(message.getRequestHeader().getHeader(HttpHeader.X_ZAP_SCAN_ID), is(nullValue()));
}
Also used : HttpSender(org.parosproxy.paros.network.HttpSender) HttpMessage(org.parosproxy.paros.network.HttpMessage) URI(org.apache.commons.httpclient.URI) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Aggregations

HttpMessage (org.parosproxy.paros.network.HttpMessage) 460
Test (org.junit.jupiter.api.Test) 360
Source (net.htmlparser.jericho.Source) 86
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest) 86
WithConfigsTest (org.zaproxy.zap.WithConfigsTest) 57
CustomPage (org.zaproxy.zap.extension.custompages.CustomPage) 48
SpiderParam (org.zaproxy.zap.spider.SpiderParam) 36
URI (org.apache.commons.httpclient.URI) 34
HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException) 32
IOException (java.io.IOException) 26
DatabaseException (org.parosproxy.paros.db.DatabaseException) 26
ArrayList (java.util.ArrayList) 24
HashMap (java.util.HashMap) 17
FilterResult (org.zaproxy.zap.spider.filters.ParseFilter.FilterResult) 17
HistoryReference (org.parosproxy.paros.model.HistoryReference) 14
HttpRequestHeader (org.parosproxy.paros.network.HttpRequestHeader) 14
AuthenticationState (org.zaproxy.zap.users.AuthenticationState) 14
URIException (org.apache.commons.httpclient.URIException) 13
User (org.zaproxy.zap.users.User) 13
IHTTPSession (fi.iki.elonen.NanoHTTPD.IHTTPSession) 11