diff options
| author | David Dworken <david@daviddworken.com> | 2017-10-17 23:39:33 -0400 |
|---|---|---|
| committer | David Dworken <david@daviddworken.com> | 2017-10-17 23:39:33 -0400 |
| commit | 04a06eb6b5b5813b4ec630fc1451b1734fbb22fc (patch) | |
| tree | 26ea8ce5af6319ef5ff49b2e1cf9d2adaa05e8be /test/examples | |
| parent | d5173f3905b5ceb08276538aafbd815a62772119 (diff) | |
| download | mitmproxy-04a06eb6b5b5813b4ec630fc1451b1734fbb22fc.tar.gz mitmproxy-04a06eb6b5b5813b4ec630fc1451b1734fbb22fc.tar.bz2 mitmproxy-04a06eb6b5b5813b4ec630fc1451b1734fbb22fc.zip | |
Added scanning for CSS injection and iframe injection
Diffstat (limited to 'test/examples')
| -rw-r--r-- | test/examples/test_xss_scanner.py | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/test/examples/test_xss_scanner.py b/test/examples/test_xss_scanner.py index 14ee6902..e15d7e10 100644 --- a/test/examples/test_xss_scanner.py +++ b/test/examples/test_xss_scanner.py @@ -314,7 +314,13 @@ class TestXSSScanner(): assert logger.args == [] xss.find_unclaimed_URLs("<html><script src=\"http://unclaimedDomainName.com\"></script></html>", "https://example.com") - assert logger.args[0] == 'XSS found in https://example.com due to unclaimed URL "http://unclaimedDomainName.com" in script tag.' + assert logger.args[0] == 'XSS found in https://example.com due to unclaimed URL "http://unclaimedDomainName.com".' + xss.find_unclaimed_URLs("<html><iframe src=\"http://unclaimedDomainName.com\"></iframe></html>", + "https://example.com") + assert logger.args[0] == 'XSS found in https://example.com due to unclaimed URL "http://unclaimedDomainName.com".' + xss.find_unclaimed_URLs("<html><link rel=\"stylesheet\" href=\"http://unclaimedDomainName.com\"></html>", + "https://example.com") + assert logger.args[0] == 'XSS found in https://example.com due to unclaimed URL "http://unclaimedDomainName.com".' def test_log_XSS_data(self, monkeypatch, logger): logger.args = [] |