use of org.zaproxy.zap.model.DefaultValueGenerator in project zaproxy by zaproxy.
the class SpiderHtmlFormParserUnitTest method shouldFailToCreateParserWithUndefinedSpiderOptions.
@Test
void shouldFailToCreateParserWithUndefinedSpiderOptions() {
// Given
SpiderParam undefinedSpiderOptions = null;
// When / Then
assertThrows(IllegalArgumentException.class, () -> new SpiderHtmlFormParser(undefinedSpiderOptions, new DefaultValueGenerator()));
}
use of org.zaproxy.zap.model.DefaultValueGenerator in project zaproxy by zaproxy.
the class SpiderHtmlFormParserUnitTest method shouldParseNonPostFormIfPostFormProcessingIsDisabled.
@Test
void shouldParseNonPostFormIfPostFormProcessingIsDisabled() {
// Given
SpiderParam spiderOptions = createSpiderParamWithConfig();
spiderOptions.setProcessForm(true);
spiderOptions.setPostForm(false);
SpiderHtmlFormParser htmlParser = new SpiderHtmlFormParser(spiderOptions, new DefaultValueGenerator());
TestSpiderParserListener listener = createTestSpiderParserListener();
htmlParser.addSpiderParserListener(listener);
HttpMessage messageHtmlResponse = createMessageWith("GET", "Form.html");
Source source = createSource(messageHtmlResponse);
// When
boolean completelyParsed = htmlParser.parseResource(messageHtmlResponse, source, BASE_DEPTH);
// Then
assertThat(completelyParsed, is(equalTo(false)));
assertThat(listener.getNumberOfUrlsFound(), is(equalTo(1)));
assertThat(listener.getUrlsFound(), contains("http://example.org/?field1=Text+1&field2=Text+2&submit=Submit"));
}
use of org.zaproxy.zap.model.DefaultValueGenerator in project zaproxy by zaproxy.
the class SpiderHtmlFormParserUnitTest method shouldNotParseMessageIfFormProcessingIsDisabled.
@Test
void shouldNotParseMessageIfFormProcessingIsDisabled() {
// Given
SpiderParam spiderOptions = createSpiderParamWithConfig();
spiderOptions.setProcessForm(false);
SpiderHtmlFormParser htmlParser = new SpiderHtmlFormParser(spiderOptions, new DefaultValueGenerator());
TestSpiderParserListener listener = createTestSpiderParserListener();
htmlParser.addSpiderParserListener(listener);
HttpMessage messageHtmlResponse = createMessageWith("PostGetForms.html");
Source source = createSource(messageHtmlResponse);
// When
boolean completelyParsed = htmlParser.parseResource(messageHtmlResponse, source, BASE_DEPTH);
// Then
assertThat(completelyParsed, is(equalTo(false)));
assertThat(listener.getNumberOfUrlsFound(), is(equalTo(0)));
}
use of org.zaproxy.zap.model.DefaultValueGenerator in project zaproxy by zaproxy.
the class SpiderHtmlFormParserUnitTest method shouldSetValuesToFieldsWithNoValueWhenParsingPostForm.
@Test
void shouldSetValuesToFieldsWithNoValueWhenParsingPostForm() {
// Given
DefaultValueGenerator valueGenerator = new DefaultValueGenerator();
SpiderHtmlFormParser htmlParser = createSpiderHtmlFormParser(valueGenerator);
TestSpiderParserListener listener = createTestSpiderParserListener();
htmlParser.addSpiderParserListener(listener);
Date date = new Date(1474370354555L);
valueGenerator.setDefaultDate(date);
HttpMessage msg = createMessageWith("POST", "FormNoDefaultValues.html");
Source source = createSource(msg);
// When
boolean completelyParsed = htmlParser.parseResource(msg, source, BASE_DEPTH);
// Then
assertThat(completelyParsed, is(equalTo(false)));
assertThat(listener.getNumberOfResourcesFound(), is(equalTo(8)));
assertThat(listener.getResourcesFound(), contains(postResource(msg, 1, "http://example.org/", "_hidden=&_no-type=ZAP&_text=ZAP&_password=ZAP&_file=test_file.txt&submit=Submit"), postResource(msg, 1, "http://example.org/html5/number", "_number=1&_number-min=1&_number-max=2&submit=Submit"), postResource(msg, 1, "http://example.org/html5/range", "_range=1&_range-min=3&_range-max=4&submit=Submit"), postResource(msg, 1, "http://example.org/html5/misc", "_url=http%3A%2F%2Fwww.example.com&_email=foo-bar%40example.com&_color=%23ffffff&_tel=9999999999&submit=Submit"), postResource(msg, 1, "http://example.org/unknown", "_unknown=&submit=Submit"), postResource(msg, 1, "http://example.org/selects", "_select-one-option=first-option&_select-two-options=last-option&_select-selected-option=selected-option&submit=Submit"), postResource(msg, 1, "http://example.org/checkbox", "_checkbox=first-checkbox&submit=Submit"), postResource(msg, 1, "http://example.org/html5/date-time", params(param("_datetime", formattedDate("yyyy-MM-dd'T'HH:mm:ss'Z'", date)), param("_datetime-local", formattedDate("yyyy-MM-dd'T'HH:mm:ss", date)), param("_date", formattedDate("yyyy-MM-dd", date)), param("_time", formattedDate("HH:mm:ss", date)), param("_month", formattedDate("yyyy-MM", date)), param("_week", formattedDate("yyyy-'W'ww", date)), param("submit", "Submit")))));
}
use of org.zaproxy.zap.model.DefaultValueGenerator in project zaproxy by zaproxy.
the class SpiderHtmlFormParserUnitTest method shouldParseFormAsGetIfFormHasNoMethodEvenIfPostFormProcessingIsDisabled.
@Test
void shouldParseFormAsGetIfFormHasNoMethodEvenIfPostFormProcessingIsDisabled() {
// Given
SpiderParam spiderOptions = createSpiderParamWithConfig();
spiderOptions.setProcessForm(true);
spiderOptions.setPostForm(false);
SpiderHtmlFormParser htmlParser = new SpiderHtmlFormParser(spiderOptions, new DefaultValueGenerator());
TestSpiderParserListener listener = createTestSpiderParserListener();
htmlParser.addSpiderParserListener(listener);
HttpMessage messageHtmlResponse = createMessageWith("NoMethodForm.html");
Source source = createSource(messageHtmlResponse);
// When
boolean completelyParsed = htmlParser.parseResource(messageHtmlResponse, source, BASE_DEPTH);
// Then
assertThat(completelyParsed, is(equalTo(false)));
assertThat(listener.getNumberOfUrlsFound(), is(equalTo(1)));
assertThat(listener.getUrlsFound(), contains("http://example.org/?field1=Text+1&field2=Text+2&submit=Submit"));
}
Aggregations