Examples of com.denimgroup.threadfix.framework.engine.full.EndpointQuery

Package com.denimgroup.threadfix.framework.engine.full

Examples of com.denimgroup.threadfix.framework.engine.full.EndpointQuery

com.denimgroup.threadfix.framework.engine.full.EndpointQuery

        "<input type=\"hidden\" id=\"user\" name=\"<%=username%>\" value=\"\"/>")
    );
  
  @Test
  public void testBasicNoSourceParsing() {
    EndpointQuery query = EndpointQueryBuilder.start().setCodePoints(basicModelElements).generateQuery();
    
    String result = noSourceParser.parse(query);
    assertTrue("Parameter was " + result + " instead of username", "username".equals(result));
  }

View Full Code Here

    assertTrue("Parameter was " + result + " instead of username", "username".equals(result));
  }
  
  @Test
  public void testBasicWithSourceParsing() {
    EndpointQuery query = EndpointQueryBuilder.start().setCodePoints(basicModelElements).generateQuery();
    
    String result = fullSourceParser.parse(query);
    assertTrue("Parameter was " + result + " instead of username", "username".equals(result));
  }

View Full Code Here

        factoryParser.parse(null);
    }
  
  @Test
  public void testNullInput() {
    EndpointQuery emptyDataFlowFinding = EndpointQueryBuilder.start().setCodePoints(new ArrayList<CodePoint>()).generateQuery();
    EndpointQuery nonEmptyDataFlowFinding = EndpointQueryBuilder.start().setCodePoints(basicModelElements).generateQuery();
    
    for (ParameterParser parser : new ParameterParser[] {
        factoryParser, fullSourceParser, noSourceParser
        }) {
      assertTrue("Parameter was not null and should have been.", parser.parse(EndpointQueryBuilder.start().generateQuery()) == null);

View Full Code Here

    "search.jsp",
  };
  
  @Nonnull
    private String getStaticPath(@Nonnull EndpointDatabase db, String dynamicPath) {
    EndpointQuery query = EndpointQueryBuilder.start()
        .setInformationSourceType(InformationSourceType.DYNAMIC)
        .setDynamicPath(dynamicPath)
        .generateQuery();
    
    Endpoint endpoint = db.findBestMatch(query);

View Full Code Here

        EndpointDatabase database = EndpointDatabaseFactory.getDatabase(
                generator, FrameworkType.DOT_NET_MVC, new DotNetPathCleaner());


        assert database != null;


        EndpointQuery query = EndpointQueryBuilder.start().setDynamicPath("/Instructor/Details/6").generateQuery();


        Set<Endpoint> allMatches = database.findAllMatches(query);


        assert allMatches.size() == 1 : "Size was " + allMatches.size() + " instead of 1.";

View Full Code Here

    public void testEndpointDatabase() {
        EndpointDatabase database = EndpointDatabaseFactory.getDatabase(new File(folderName));


        assert database != null : "Unable to generate a database for " + folderName + ", check the filesystem.";


        EndpointQuery endpointQuery = EndpointQueryBuilder.start()
                .setHttpMethod("POST")
                .setDynamicPath("/Account/Login")
                .setParameter("UserName")
                .setInformationSourceType(InformationSourceType.DYNAMIC)
                .generateQuery();

View Full Code Here

    public void testBindIncludeParameters() {
        EndpointDatabase database = EndpointDatabaseFactory.getDatabase(getContosoLocation());


        assert database != null : "Unable to generate a database for " + folderName + ", check the filesystem.";


        EndpointQuery endpointQuery = EndpointQueryBuilder.start()
                .setHttpMethod("POST")
                .setDynamicPath("/Student/Create")
                .setParameter("LastName")
                .setInformationSourceType(InformationSourceType.DYNAMIC)
                .generateQuery();

View Full Code Here


    @Test
    public void testBasicDataFlow() {
        ParameterParser webFormsParser = new WebFormsParameterParser();


        EndpointQuery query = generateCodePoints(
                "string sql = @\"SELECT * FROM [User] WHERE Username = '\" + txtUsername.Text + @\"'\";",
                "sql",
                "sql",
                "SqlCommand"
        );

View Full Code Here


    @Test
    public void testOnlyOnLeftSideOfEquals() {
        ParameterParser webFormsParser = new WebFormsParameterParser();


        EndpointQuery query = generateCodePoints(
                "retVal = cmd.ExecuteReader();",
                "retVal",
                "ExecuteDataReader",
                "lblStateLocalTaxes.Text = String.Format(\"{0:c}\", (decimal)reader[\"StateLocalTaxes\"]);"
        );

View Full Code Here


    @Test
    public void testOnBothSidesOfEquals() {
        ParameterParser webFormsParser = new WebFormsParameterParser();


        EndpointQuery query = generateCodePoints(
                "lblMessage.Text = \"Message sent to \" + Request[\"email\"] + \" with subject \" + txtSubject.Text + \" and content \" + txtMessage.Text;",
                "lblMessage.Text = \"Message sent to \" + Request[\"email\"] + \" with subject \" + txtSubject.Text + \" and content \" + txtMessage.Text;"
        );


        String param = webFormsParser.parse(query);

View Full Code Here

0 1 2

TOP

Related Classes of com.denimgroup.threadfix.framework.engine.full.EndpointQuery

com.denimgroup.threadfix.framework.impl.dotNet.DotNetModelBindingTests

com.denimgroup.threadfix.framework.impl.dotNet.DotNetPathMatchingTests

com.denimgroup.threadfix.framework.impl.dotNetWebForm.AutoGeneratedParameterNameTests

com.denimgroup.threadfix.framework.impl.dotNetWebForm.WebFormsParameterParserTests

com.denimgroup.threadfix.framework.impl.jsp.JspEndpointDatabaseTests

com.denimgroup.threadfix.framework.impl.jsp.JSPParameterParserTests

com.denimgroup.threadfix.framework.impl.spring.PetClinicEndpointDatabaseTests

com.denimgroup.threadfix.framework.impl.spring.SpringParameterParsingTests

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.