Forum Discussion

Alick's avatar
Alick
Occasional Contributor
8 years ago

Secure: How to prevent test fail if the response is an error?

For a lot of my security tests the requests are being rejected by the API, but because the XSS string is contained in an error message it counts as a failed test in the response comparison

 

Is there a simple way of preventing a failed test if the word "Error" is present in the response?

4 Replies

    • Alick's avatar
      Alick
      Occasional Contributor

      Hi Amber, thanks for the reply.

       

      I've looked in there, The assertion is "Cross Site Scripting Detection", but the only modifiable field in there is to make a separate call to a different URL for results, nothing that I can see would change the logic of the assertion itself, am I missing something I can do?

      • SmartBearAmber's avatar
        SmartBearAmber
        SmartBear Alumni (Retired)

        You can add additional assertions from the Assertions menu.