Fixes:
1) Crashes in runner and file_utils
2) Binary strings being read in as payloads
Updates:
1) Clarified error messages in parser
2) Confusing variable names in test cases vs issues
Adds:
1) A `syntribos root` CLI sub command to display the current syntribos root dir
Change-Id: I22edf7a1f3d39724522aee88d08b00d299b67248
1) Allows for YAML body in request templates. If a content-type
is specified for a request template, Syntribos will validate the
body against the header. This is to prevent templates from silently
failing to parse and sending unintended data to the target.
2) Added extension to support basicauth
3) Lowered confidence ratings for various tests
Change-Id: I672b0e0aa3da1aa6dd7e9a8456da73f0a15759b7
Before, a meta variable of the form "application/|type|" would
throw an error, now you can specify |type| as a metavar.
Change-Id: I0f9ba4635cdd6e2886d7f2f5e1ce2ab5b8dc2330
The i18n team has decided not to translate the logs because it
seems like it not very useful; operators prefer to have them in
English so that they can search for those strings on the internet.
Change-Id: I84b1a2397f424430ed332aa7d4d874379abd0357
Adding cross site tracing test to syntribos. This vulnerability
can be exploited only if there are existing xss vulnerabilities
in the app.
Moving "checks" that deals specificially with header data to
"header" directory.
Change-Id: I7b4b40ca54a95628e9b6d55963b5e159e6862a45
Syntribos now allows the user to specify variables in their request
templates by reading from a meta.json file. This is part 1 of 3 of
the full effort, dealing primarily with the template parser itself.
Change-Id: Id41d331f595cd3bc32f085ef49cb5d1b16779a5c
As we are moving to the next iteration of the project for Ocata,
I think it would be helpul to makesure that the codebase is
fully compatible in py27 and in py35. Also, some minor styling
changes, removing uncessary spaces etc.
Change-Id: I9aac07dc180cd3a7c7885661bdad985c183ae0a9
Adds templates for Glance images + members. Also tweaks the HTTP parser
so that it doesn't break with a PATCH body consisting of a list instead
of the more-common dict. This solution is sub-optimal because the body
is treated as a string variable (i.e. you'll get a fuzzed request like
[0x0000] instead of fuzzing the contained object attributes)
Change-Id: I0e23c8281a63018ecadb84959f3a70be1f80fa74
We were returning a new object from http parser each time,
causing init_req.fuzz_request to fail, as it is added later,
new object will not have it. This caused fuzz tests to fail,
fixing it
Change-Id: I8c2c717628bce3f14a85bacad2d4bcd654dbb835
- Make the parser more robust by validating data more thoroughly
- Add unit tests to exercise parser functionality
Change-Id: I6d55d18406e655e19633334ff4cfd0b96beef84f
Adding some basic unit tests to validate functionality in the Syntribos
runner and config files. Also preparing for py34 compatability.
Change-Id: I6a6352ccd6041f6044911803f753cdf525e0dfef
We are currently using block quotes for license comments, which means
that Sphinx pulls this into every module, which is bad. Hash-prefixed
comments for licenses seem to be the standard for OpenStack as well.
Change-Id: Iabc60228c1201a960f672e1b0c7ab3c5312c9d8e
Implements: blueprint docstring-add-to-framework
This PR adds docstrings to a number of important components of
Syntribos, and adds this documentation to our Sphinx doc structure. It
also removes copyrights from __init__.py files with no other content,
in line with OpenStack style guidelines.
Set 2: Fixed PEP8 failure.
Change-Id: Ic57b31f451ec3ecf7f5b308da4544f808c9c9a5d
Implements: blueprint docstring-add-to-framework
In method create_request of class RequestCreator in file
syntribos/clients/http/parser.py line 43, the headers variable
is missing the last HTTP header when a GET file is being processed.
The code works for POST because the POST body is separated from the
header by two newlines. For GET requests, the index value is being
adjusted to account for the fact that it does not have a body so no
empty line will be present. We just add 1 to the index in that case.
Change-Id: I91881e1882aab21c2c14a7ff351bb3f7b70727f2
Closes-Bug: #1543236
Andreas Jaeger