Search in sources :

Example 91 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class AbstractPluginUnitTest method shouldRaiseAlertWith13ParamsBingoDefaultingToMessageUriWhenGivenUriIsEmpty.

@Test
@SuppressWarnings("deprecation")
void shouldRaiseAlertWith13ParamsBingoDefaultingToMessageUriWhenGivenUriIsEmpty() {
    // Given
    AbstractPlugin plugin = createDefaultPlugin();
    HostProcess hostProcess = mock(HostProcess.class);
    plugin.init(mock(HttpMessage.class), hostProcess);
    String uri = "";
    String messageUri = "http://example.com/";
    HttpMessage alertMessage = createAlertMessage(messageUri);
    // When
    plugin.bingo(Alert.RISK_LOW, Alert.CONFIDENCE_HIGH, "", "", uri, "", "", "", "", "", 0, 0, alertMessage);
    // Then
    Alert alert = getRaisedAlert(hostProcess);
    assertThat(alert.getUri(), is(equalTo(messageUri)));
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 92 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class ProxyThreadUnitTest method createMessage.

private static HttpMessage createMessage(HttpResponseHeader header, HttpResponseBody body) {
    HttpMessage message = mock(HttpMessage.class);
    given(message.getResponseHeader()).willReturn(header);
    given(message.getResponseBody()).willReturn(body);
    return message;
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage)

Example 93 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class ProxyThreadUnitTest method shouldNotDecodeResponseIfNoContentEncodings.

@Test
void shouldNotDecodeResponseIfNoContentEncodings() {
    // Given
    HttpResponseHeader responseHeader = mock(HttpResponseHeader.class);
    given(responseHeader.getHeader(HttpHeader.CONTENT_LENGTH)).willReturn("1");
    HttpResponseBody responseBody = mock(HttpResponseBody.class);
    given(responseBody.getContentEncodings()).willReturn(Collections.emptyList());
    byte[] content = "ABC".getBytes(StandardCharsets.ISO_8859_1);
    given(responseBody.getContent()).willReturn(content);
    given(responseBody.length()).willReturn(content.length);
    HttpMessage message = createMessage(responseHeader, responseBody);
    // When
    ProxyThread.decodeResponseIfNeeded(message);
    // Then
    verify(responseBody, times(0)).setBody(content);
    verify(responseBody, times(0)).setContentEncodings(Collections.emptyList());
    verify(responseHeader, times(0)).setHeader(HttpHeader.CONTENT_ENCODING, null);
    verify(responseHeader, times(0)).setContentLength(content.length);
}
Also used : HttpResponseHeader(org.parosproxy.paros.network.HttpResponseHeader) HttpResponseBody(org.zaproxy.zap.network.HttpResponseBody) HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test)

Example 94 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class VariantAbstractQueryUnitTest method shouldNotCallGetEscapedValueForInjectedValueIfEscapedWhenSettingParameter.

@Test
void shouldNotCallGetEscapedValueForInjectedValueIfEscapedWhenSettingParameter() {
    // Given
    List<String> values = new ArrayList<>();
    VariantAbstractQuery variantAbstractQuery = new VariantAbstractQueryImpl() {

        @Override
        protected String getEscapedValue(HttpMessage msg, String value) {
            values.add(value);
            return value;
        }
    };
    List<org.zaproxy.zap.model.NameValuePair> parameters = parameters(parameter("a", "b"), parameter("c", "d"), parameter("e", "f"));
    variantAbstractQuery.setParameters(NAME_VALUE_PAIR_TYPE, parameters);
    HttpMessage message = createMessage();
    // When
    variantAbstractQuery.setEscapedParameter(message, param("a", "b", 0), "y", "escaped");
    // Then
    assertThat(values, contains("d", "f"));
}
Also used : ArrayList(java.util.ArrayList) HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test)

Example 95 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class VariantAbstractQueryUnitTest method shouldCallGetEscapedNameForEachNameWhenSettingParameter.

@Test
void shouldCallGetEscapedNameForEachNameWhenSettingParameter() {
    // Given
    List<String> names = new ArrayList<>();
    VariantAbstractQuery variantAbstractQuery = new VariantAbstractQueryImpl() {

        @Override
        protected String getEscapedName(HttpMessage msg, String name) {
            names.add(name);
            return name;
        }
    };
    List<org.zaproxy.zap.model.NameValuePair> parameters = parameters(parameter("a", "b"), parameter("c", "d"), parameter("e", "f"));
    variantAbstractQuery.setParameters(NAME_VALUE_PAIR_TYPE, parameters);
    HttpMessage message = createMessage();
    // When
    variantAbstractQuery.setParameter(message, param("a", "b", 0), "y", "z");
    // Then
    assertThat(names, contains("y", "c", "e"));
}
Also used : ArrayList(java.util.ArrayList) HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test)

Aggregations

HttpMessage (org.parosproxy.paros.network.HttpMessage)460 Test (org.junit.jupiter.api.Test)360 Source (net.htmlparser.jericho.Source)86 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)86 WithConfigsTest (org.zaproxy.zap.WithConfigsTest)57 CustomPage (org.zaproxy.zap.extension.custompages.CustomPage)48 SpiderParam (org.zaproxy.zap.spider.SpiderParam)36 URI (org.apache.commons.httpclient.URI)34 HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException)32 IOException (java.io.IOException)26 DatabaseException (org.parosproxy.paros.db.DatabaseException)26 ArrayList (java.util.ArrayList)24 HashMap (java.util.HashMap)17 FilterResult (org.zaproxy.zap.spider.filters.ParseFilter.FilterResult)17 HistoryReference (org.parosproxy.paros.model.HistoryReference)14 HttpRequestHeader (org.parosproxy.paros.network.HttpRequestHeader)14 AuthenticationState (org.zaproxy.zap.users.AuthenticationState)14 URIException (org.apache.commons.httpclient.URIException)13 User (org.zaproxy.zap.users.User)13 IHTTPSession (fi.iki.elonen.NanoHTTPD.IHTTPSession)11