Pushing test for Persistent XSS in HTML #455
|
||
@Test | ||
public void testGetVulnerablePayloadLevel7() { | ||
Map<String, String> queryParams = new HashMap<>(); |
I think we can use `Collections.singletonMap`.
|
||
ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel1(queryParams); | ||
|
||
verify(postRepository, times(1)).save(any()); |
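Review bot: `verify(postRepository, times(1)).save(any());` matches any argument, so this test passes no matter what is persisted. Since the PR is about persistent XSS, the stored value is the thing worth checking: capture the saved object (for example with Mockito's `ArgumentCaptor`) and assert that its content is what this level is expected to store for the submitted payload.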
Shall we also assert on the arguments passed to the postRepository?
} | ||
|
||
@Test | ||
public void testGetVulnerablePayloadLevel6() { |
I think adding a few tests would help here, like input having a null byte and its impact on level 6 and level 5.
|
||
ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel4(queryParams); | ||
|
||
verify(postRepository, times(1)).save(any()); |
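Review bot: the `response` returned by `vulnerability.getVulnerablePayloadLevel4(queryParams)` is assigned but not asserted on in the lines shown, so the test says nothing about what the endpoint sends back. Add assertions on the status code and on the response body, so the test fails if the level 4 handling of the payload changes.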
I think we need to add a few more granular levels of assertions than just verifying the call to postRepository.
Can you check? Is it good like this?
LGTM. Thanks a lot for the PR.
@SeheX Thanks a lot for the PR!!!
No description provided.