Security Testing behind Firewall (no internet access) - soapui.org/xss.js is not reachable?

Question

Hello, I'd like to run my soapui security tests in my office, which is behind a firewall to the internet.

So on my PC, I do not have direct access to the internet.

When I run my SoapUI Security Tests (REST, SOAP on a trial Ready!API ) on my PC, I see that on the cross site scripting test, soapui tries to access http://soapui.org/xss.js - but of course it's not reachable from my pc.

Example:

<unannounced><SCRIPT>document.write("<SCRI");</SCRIPT>PTsrc="http://soapui.org/xss.js"></SCRIPT></unannounced>

This cross site scripting test (default test) then returns OK (because the webservice returned correctly with a soap fault).

But does it make sense to run such test behind a firewall without access to the internet?

What would xss.js do when it would be called? Does soapui react on some response?

Thank you very much

Regards,

RKA

tanyayatskovska · Answer

Hi Rka,
&nbsp;
Could you please check if you observe the same behavior on Ready! API 1.4? It includes the latest SoapUI NG version.

Forum Discussion

Security Testing behind Firewall (no internet access) - soapui.org/xss.js is not reachable?

1 Reply

Recent Discussions

Test result Pass when data source times out

Run Test Case properties not populating for Data Source based items

Save Groovy output to JUnit report

Related Content

log4j security vulnerability

[Solved] SSL Handshake exception calling a secure webservice

Open file Security - Warning Popup