Sha256: 6645055580028c3f43c301436ef46dc30bb416efa0522c8707dec35c8d9e039e

Contents?: true

Size: 921 Bytes

Versions: 2

Compression:

Stored size: 921 Bytes

Contents

require 'spec_helper'

describe 'WAVSEP false-positive SQL injection' do
    include_examples 'wavsep'

    # HTTP methods this spec covers (GET only).
    #
    # NOTE(review): this shadows Ruby's built-in `methods` reflection on the
    # object it is defined on; presumably the 'wavsep' shared examples call it
    # by this name -- confirm before renaming.
    def self.methods
        %w[GET]
    end

    # Describes the WAVSEP false-positive SQL injection test cases for the
    # given HTTP method: the URL to scan, the modules to load and the pages
    # for which issues are expected.
    def self.test_cases( http_method )
        # These pages are false positives by design. The position taken here
        # is that they should still be logged, **but** flagged as untrusted
        # so that a reviewer knows the finding needs manual verification.
        expected_pages = [
            'Case07-FalsePositiveInjectionInLogin-PsAndIv-500ErrorOnUnrelatedSyntaxError.jsp',
            'Case08-FalsePositiveInjectionInLogin-PsAndIv-200ErrorOnUnrelatedSyntaxError.jsp'
        ]

        sqli_case = {
            url:        "SInjection-FalsePositives-#{http_method}/",
            modules:    'sqli*',
            vulnerable: expected_pages
        }

        { 'SQL Injection' => sqli_case }
    end

    # Every logged issue must be marked untrusted and carry an :auditor remark.
    #
    # NOTE(review): these expectations pass vacuously when no issues are
    # logged; presumably the 'wavsep' shared examples check the `vulnerable`
    # list against the logged issues -- confirm, otherwise a scan that finds
    # nothing would also pass here.
    easy_test do
        logged_issues = @framework.modules.issues

        logged_issues.each do |logged|
            logged.trusted?.should be_false
            logged.remarks.should include :auditor
        end
    end
end

Version data entries

2 entries across 2 versions & 1 rubygems

Version Path
arachni-0.4.7 spec/external/wavsep/false_positives/sqli_spec.rb
arachni-0.4.6 spec/external/wavsep/false_positives/sqli_spec.rb