Search in sources :

Example 6 with XMLConfig

use of org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.XMLConfig in project carbon-apimgt by wso2.

the class XMLAnalyzerTestCase method testMaxAttributeLength.

@Test(expectedExceptions = APIMThreatAnalyzerException.class)
public void testMaxAttributeLength() throws Exception {
    init();
    String xmlString = "<root attribute1111111111='someValue111111111' attribute2='1'></root>";
    XMLAnalyzer analyzer = new XMLAnalyzer();
    xmlConfig.setMaxAttributeLength(1);
    xmlConfig.setMaxAttributeCount(1);
    analyzer.configure(xmlConfig);
    analyzer.analyze(xmlString, "/foo");
}
Also used : XMLAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.XMLAnalyzer) BeforeTest(org.testng.annotations.BeforeTest) Test(org.testng.annotations.Test)

Example 7 with XMLConfig

use of org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.XMLConfig in project carbon-apimgt by wso2.

the class JSONAnalyzerTestCase method testConfigureAnalyzerException.

@Test(expectedExceptions = UnsupportedOperationException.class)
public void testConfigureAnalyzerException() throws Exception {
    JSONAnalyzer analyzer = new JSONAnalyzer();
    XMLConfig config = new XMLConfig();
    analyzer.configure(config);
}
Also used : JSONAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.JSONAnalyzer) XMLConfig(org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.XMLConfig) Test(org.testng.annotations.Test)

Example 8 with XMLConfig

use of org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.XMLConfig in project carbon-apimgt by wso2.

the class XMLAnalyzerTestCase method testAnalyzerDTDDisabled.

@Test(expectedExceptions = APIMThreatAnalyzerException.class)
public void testAnalyzerDTDDisabled() throws Exception {
    init();
    XMLAnalyzer analyzer = new XMLAnalyzer();
    analyzer.configure(xmlConfig);
    String xmlString = "<?xml version=\"1.0\"?>\n" + "<!DOCTYPE lolz [\n" + " <!ENTITY lol \"lol\">\n" + " <!ELEMENT lolz (#PCDATA)>\n" + " <!ENTITY lol1 \"&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;\">\n" + " <!ENTITY lol2 \"&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;\">\n" + " <!ENTITY lol3 \"&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;\">\n" + " <!ENTITY lol4 \"&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;\">\n" + " <!ENTITY lol5 \"&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;\">\n" + " <!ENTITY lol6 \"&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;\">\n" + " <!ENTITY lol7 \"&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;\">\n" + " <!ENTITY lol8 \"&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;\">\n" + " <!ENTITY lol9 \"&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;\">\n" + "]>\n" + "<lolz>&lol9;</lolz>";
    analyzer.analyze(xmlString, "/foo");
}
Also used : XMLAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.XMLAnalyzer) BeforeTest(org.testng.annotations.BeforeTest) Test(org.testng.annotations.Test)

Example 9 with XMLConfig

use of org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.XMLConfig in project carbon-apimgt by wso2.

the class XMLAnalyzerTestCase method testConfigureAnalyzer.

@Test
public void testConfigureAnalyzer() throws Exception {
    init();
    XMLAnalyzer analyzer = new XMLAnalyzer();
    analyzer.configure(xmlConfig);
}
Also used : XMLAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.XMLAnalyzer) BeforeTest(org.testng.annotations.BeforeTest) Test(org.testng.annotations.Test)

Example 10 with XMLConfig

use of org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.XMLConfig in project carbon-apimgt by wso2.

the class XMLAnalyzerTestCase method testMaxChildrenPerElement.

@Test(expectedExceptions = APIMThreatAnalyzerException.class)
public void testMaxChildrenPerElement() throws Exception {
    init();
    xmlConfig.setMaxChildrenPerElement(2);
    XMLAnalyzer analyzer = new XMLAnalyzer();
    analyzer.configure(xmlConfig);
    String xmlString = "<root><c1></c1><c2></c2><c3></c3></root>";
    analyzer.analyze(xmlString, "/foo");
}
Also used : XMLAnalyzer(org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.XMLAnalyzer) BeforeTest(org.testng.annotations.BeforeTest) Test(org.testng.annotations.Test)

Aggregations

BeforeTest (org.testng.annotations.BeforeTest)7 Test (org.testng.annotations.Test)7 XMLAnalyzer (org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.XMLAnalyzer)6 XMLConfig (org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.XMLConfig)4 BBoolean (org.ballerinalang.model.values.BBoolean)1 BStruct (org.ballerinalang.model.values.BStruct)1 APIMThreatAnalyzer (org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.APIMThreatAnalyzer)1 JSONAnalyzer (org.wso2.carbon.apimgt.ballerina.threatprotection.analyzer.JSONAnalyzer)1 JSONConfig (org.wso2.carbon.apimgt.ballerina.threatprotection.configurations.JSONConfig)1