dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: cleanup IT tests (#2040)

Browse Source
This commit is contained in:
Nanne Baars
2025-02-28 18:39:23 +01:00
committed by GitHub
parent b5af30c819
commit 55bd0a49db
24 changed files with 233 additions and 297 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/it/java/org/owasp/webgoat/integration/XXEIntegrationTest.java
View File

@ -61,7 +61,7 @@ public class XXEIntegrationTest extends IntegrationTest {
*/
private String getSecret() {
String secretFile = webGoatHomeDirectory.concat("/XXE/" + getUser() + "/secret.txt");
String webWolfCallback = new WebWolfUrlBuilder().path("landing").attackMode().build();
String webWolfCallback = webWolfUrlConfig.url("landing");
String dtd7String = dtd7.replace("WEBWOLFURL", webWolfCallback).replace("SECRET", secretFile);
// upload DTD
@ -70,7 +70,7 @@ public class XXEIntegrationTest extends IntegrationTest {
.relaxedHTTPSValidation()
.cookie("WEBWOLFSESSION", getWebWolfCookie())
.multiPart("file", "blind.dtd", dtd7String.getBytes())
.post(new WebWolfUrlBuilder().path("fileupload").build())
.post(webWolfUrlConfig.url("fileupload"))
.then()
.extract()
.response()
@ -79,9 +79,9 @@ public class XXEIntegrationTest extends IntegrationTest {
// upload attack
String xxe7String =
xxe7.replace("WEBWOLFURL", new WebWolfUrlBuilder().attackMode().path("files").build())
xxe7.replace("WEBWOLFURL", webWolfUrlConfig.url("files"))
.replace("USERNAME", this.getUser());
checkAssignment(url("xxe/blind"), ContentType.XML, xxe7String, false);
checkAssignment(webGoatUrlConfig.url("xxe/blind"), ContentType.XML, xxe7String, false);
// read results from WebWolf
String result =
@ -89,7 +89,7 @@ public class XXEIntegrationTest extends IntegrationTest {
.when()
.relaxedHTTPSValidation()
.cookie("WEBWOLFSESSION", getWebWolfCookie())
.get(new WebWolfUrlBuilder().path("requests").build())
.get(webWolfUrlConfig.url("requests"))
.then()
.extract()
.response()
@ -109,10 +109,10 @@ public class XXEIntegrationTest extends IntegrationTest {
public void runTests() throws IOException {
startLesson("XXE", true);
webGoatHomeDirectory = webGoatServerDirectory();
checkAssignment(url("xxe/simple"), ContentType.XML, xxe3, true);
checkAssignment(url("xxe/content-type"), ContentType.XML, xxe4, true);
checkAssignment(
url("xxe/blind"),
checkAssignment(webGoatUrlConfig.url("xxe/simple"), ContentType.XML, xxe3, true);
checkAssignment(webGoatUrlConfig.url("xxe/content-type"), ContentType.XML, xxe4, true);
checkAssignment(
webGoatUrlConfig.url("xxe/blind"),
ContentType.XML,
"<comment><text>" + getSecret() + "</text></comment>",
true);