Example 1 with InputVectorBuilder
use of org.zaproxy.zap.core.scanner.InputVectorBuilder in project zaproxy by zaproxy.
the class VariantMultipartFormParametersUnitTest method shouldInjectParamValueMultipleTimesModificationInFileNameParam.
@Test
void shouldInjectParamValueMultipleTimesModificationInFileNameParam() {
// Given
VariantMultipartFormParameters variant = new VariantMultipartFormParameters();
HttpMessage message = createMessage();
String paramName = "somefile";
String newValue = "somefile9";
variant.setMessage(message);
// When
InputVectorBuilder inputVectorBuilder = new InputVectorBuilder();
for (int i = 0; i < 10; i++) {
inputVectorBuilder.setNameAndValue(new NameValuePair(NameValuePair.TYPE_MULTIPART_DATA_FILE_NAME, paramName, DEFAULT_FILE_NAME, 2), paramName, PayloadFormat.ALREADY_ESCAPED, newValue, PayloadFormat.ALREADY_ESCAPED);
}
variant.setParameters(message, inputVectorBuilder.build());
HttpMessage newMsg = createMessage(DEFAULT_PARAM_CONTENT, newValue, DEFAULT_CONTENT_TYPE, DEFAULT_FILE_PARAM_CONTENT);
// Then
assertThat(message.getRequestBody().toString(), equalTo(newMsg.getRequestBody().toString()));
}
Also used :
HttpMessage(org.parosproxy.paros.network.HttpMessage)
InputVectorBuilder(org.zaproxy.zap.core.scanner.InputVectorBuilder)
Test(org.junit.jupiter.api.Test)
ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
Example 2 with InputVectorBuilder
use of org.zaproxy.zap.core.scanner.InputVectorBuilder in project zaproxy by zaproxy.
the class VariantMultipartFormParametersUnitTest method shouldInjectParamValueMultipleTimesModifications.
@ParameterizedTest
@MethodSource("getArgumentsForMultipleModifications")
void shouldInjectParamValueMultipleTimesModifications(String newValue, String newContent, String origContent) {
// Given
VariantMultipartFormParameters variant = new VariantMultipartFormParameters();
HttpMessage message = createMessage();
String paramName = "somefile";
variant.setMessage(message);
// When
InputVectorBuilder inputVectorBuilder = new InputVectorBuilder();
inputVectorBuilder.setNameAndValue(new NameValuePair(NameValuePair.TYPE_MULTIPART_DATA_PARAM, "person", DEFAULT_PARAM_CONTENT, 1), paramName, PayloadFormat.ALREADY_ESCAPED, newValue, PayloadFormat.ALREADY_ESCAPED);
inputVectorBuilder.setNameAndValue(new NameValuePair(NameValuePair.TYPE_MULTIPART_DATA_FILE_PARAM, paramName, origContent, 4), paramName, PayloadFormat.ALREADY_ESCAPED, newContent, PayloadFormat.ALREADY_ESCAPED);
inputVectorBuilder.setNameAndValue(new NameValuePair(NameValuePair.TYPE_MULTIPART_DATA_FILE_NAME, paramName, DEFAULT_FILE_NAME, 2), paramName, PayloadFormat.ALREADY_ESCAPED, newValue, PayloadFormat.ALREADY_ESCAPED);
inputVectorBuilder.setNameAndValue(new NameValuePair(NameValuePair.TYPE_MULTIPART_DATA_FILE_CONTENTTYPE, paramName, DEFAULT_CONTENT_TYPE, 3), paramName, PayloadFormat.ALREADY_ESCAPED, newValue, PayloadFormat.ALREADY_ESCAPED);
variant.setParameters(message, inputVectorBuilder.build());
HttpMessage newMsg = createMessage(newValue, newValue, newValue, newContent);
// Then
assertThat(message.getRequestBody().toString(), equalTo(newMsg.getRequestBody().toString()));
}
Also used :
HttpMessage(org.parosproxy.paros.network.HttpMessage)
InputVectorBuilder(org.zaproxy.zap.core.scanner.InputVectorBuilder)
ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
MethodSource(org.junit.jupiter.params.provider.MethodSource)
Aggregations
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)2
HttpMessage (org.parosproxy.paros.network.HttpMessage)2
InputVectorBuilder (org.zaproxy.zap.core.scanner.InputVectorBuilder)2
Test (org.junit.jupiter.api.Test)1
MethodSource (org.junit.jupiter.params.provider.MethodSource)1
