Propagated content-type header to Issues for reporting
Change-Id: Id842e091519acae80e28709a6d6cdde36b347c0a
This commit is contained in:
parent
679cfd5d2f
commit
58688be8d8
@ -45,6 +45,11 @@ class JSONFormatter(object):
|
||||
method = issue.impacted_parameter.method
|
||||
loc = issue.impacted_parameter.location
|
||||
name = issue.impacted_parameter.name
|
||||
content_type = issue.content_type
|
||||
if loc == "data":
|
||||
param = "{0} - {1}:{2}|{3}".format(method, loc,
|
||||
content_type, name)
|
||||
else:
|
||||
param = "{0} - {1}|{2}".format(method, loc, name)
|
||||
defect_type = issue.defect_type
|
||||
|
||||
|
@ -34,6 +34,7 @@ class Issue(object):
|
||||
:ivar test_type: The type of vulnerability that is being tested for. This
|
||||
is not necessarily the same as the Defect Type, which may be something
|
||||
like 500 error or DoS.
|
||||
:ivar content_type: The content-type of the unmodified request
|
||||
:ivar impacted_parameter: For fuzz tests only, a
|
||||
:class:`syntribos.tests.fuzz.base_fuzz.ImpactedParameter` that holds
|
||||
data about what part of the request was affected by the fuzz test.
|
||||
|
@ -185,6 +185,7 @@ class BaseFuzzTestCase(base.BaseTestCase):
|
||||
file_content, os.environ.get("SYNTRIBOS_ENDPOINT"))
|
||||
prepared_copy = request_obj.get_prepared_copy()
|
||||
cls.init_response = cls.client.send_request(prepared_copy)
|
||||
cls.init_request = cls.init_response.request
|
||||
# end block
|
||||
|
||||
prefix_name = "{filename}_{test_name}_{fuzz_file}_".format(
|
||||
@ -218,6 +219,10 @@ class BaseFuzzTestCase(base.BaseTestCase):
|
||||
url_components = urlparse(self.init_response.url)
|
||||
issue.target = url_components.netloc
|
||||
issue.path = url_components.path
|
||||
if 'content-type' in self.init_request.headers:
|
||||
issue.content_type = self.init_request.headers['content-type']
|
||||
else:
|
||||
issue.content_type = None
|
||||
|
||||
issue.impacted_parameter = ImpactedParameter(method=req.method,
|
||||
location=self.test_type,
|
||||
|
Loading…
Reference in New Issue
Block a user