SoapUI disable replacing

Question

Hello&nbsp;I'm currently using SoapUI for manual security testing. I have problem with replacing by payloads in client side.For example entities&nbsp; in my request are replaced on client side. This behaviour makes impossible for me to test some security cases like&nbsp;billion laughs attack.Is there option to disable that replacement?

karelhusa · Answer

Hi&nbsp;skyr00zx&nbsp;,there is no standard option to disable text evaluation in functional tests, as far as I know.&nbsp;But for security testing (billion laughs etc.) you can use Security tests and use the prepared messages or define your own, see the picture bellow. The entities aren't evaluated there.&nbsp;More about security testing in SoapUI at:&nbsp;https://www.soapui.org/docs/security-testing/getting-started/&nbsp;.&nbsp;Best regards,Karel&nbsp;

Forum Discussion

SoapUI disable replacing

1 Reply

Related Content

Performing a JsonPath replacement in groovy

scrollIntoView replacement

TestComplete Name Mapping Merge/Replace

Browser component is disabled

Replacing + character with %2B when sending

Recent Discussions

SOAP Request works in SoapUI, but not in C# code

How to configure Swagger in Paas to use it in Oracle APEX instance.

log4j1.x vulnerability

Soapui 5.7.1 dependency : thoughtworks:xstream:jar:1.4.20

SoapUI OSS apidocs are outdated in April 2024