Forum Discussion

rahulsri's avatar
rahulsri
Occasional Contributor
8 years ago

Not able to generate alerts count while running security test cases from cammand line.

Hi team i am trying to run security test cases from cammand lin eusing security runner , but whule running with this cammand i am not able to generate the alerts while i am getting error log while for the same test cases when i am running the cases from gui i am getting alerts for the same scans .

 

one of the logs for this is as follows:

13:01:44,122 ERROR [SoapUI] An error occurred [Illegal character in path at index 97: https://myapp.com/url/api/v1/name/%3CHEAD%3E%3CMETA HTTP-EQUIV=%22CONTENT-TYPE%22 CONTENT=%22text/html; charset=UTF-7%22%3E %3C/HEAD%3E+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-], see error log for details
13:01:44,123 ERROR [errorlog] java.net.URISyntaxException: Illegal character in path at index 97: https://myapp.com/url/api/v1/name/%3CHEAD%3E%3CMETA HTTP-EQUIV=%22CONTENT-TYPE%22 CONTENT=%22text/html; charset=UTF-7%22%3E %3C/HEAD%3E+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-
java.net.URISyntaxException: Illegal character in path at index 97: https://myapp.com/url/api/v1/name/%3CHEAD%3E%3CMETA HTTP-EQUIV=%22CONTENT-TYPE%22 CONTENT=%22text/html; charset=UTF-7%22%3E %3C/HEAD%3E+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-
	at java.net.URI$Parser.fail(Unknown Source)
	at java.net.URI$Parser.checkChars(Unknown Source)
	at java.net.URI$Parser.parseHierarchical(Unknown Source)
	at java.net.URI$Parser.parse(Unknown Source)
	at java.net.URI.<init>(Unknown Source)
	at org.apache.http.client.utils.URIUtils.createURI(URIUtils.java:112)
	at com.eviware.soapui.impl.wsdl.submit.filters.HttpRequestFilter.filterHttpRequest(HttpRequestFilter.java:239)
	at com.eviware.soapui.impl.wsdl.submit.filters.RestRequestFilter.filterRestRequest(RestRequestFilter.java:31)
	at com.eviware.soapui.impl.wsdl.submit.filters.AbstractRequestFilter.filterAbstractHttpRequest(AbstractRequestFilter.java:42)
	at com.eviware.soapui.impl.wsdl.submit.filters.AbstractRequestFilter.filterRequest(AbstractRequestFilter.java:34)
	at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.filterRequest(HttpClientRequestTransport.java:396)
	at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.sendRequest(HttpClientRequestTransport.java:192)
	at com.eviware.soapui.impl.wsdl.WsdlSubmit.run(WsdlSubmit.java:120)
	at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
	at java.util.concurrent.FutureTask.run(Unknown Source)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
	at java.lang.Thread.run(Unknown Source)

for the same error i am getting alert while running this from gui but not getting any alert through cammand line i am running following cammand:

securitytestrunner.bat -r -a -f"C:\jenkinsworkspace\workspace\SecurityTest\report" -R"SecurityTest Report" -F"PDF,XML,CSV" -H"Authorization=Bearer NmQ2YjYzZGItYTA1ZC00YWFiLWExOTQtY2U0ODA5N2I1NTYxZDk1ZTUxNjEtMWQx" -s"TestSuite 1" -c"Name" -n"SecurityTest 1" -E"Default environment" "C:\Users\admin\soapui-project.xml"

 

2 Replies

    • rahulsri's avatar
      rahulsri
      Occasional Contributor

      yes i have done that , prblm here is that the alert which i am getting is comming as error while running through cmd.

      As i have send the log earlier it is an alert but not comming in the report ,

      and the second part as all the threee report are generated there is no issue in that.