Contributions
Re: I can't work out how to run secure with proper JSON parameters
Hi Mfagerlind, thanks for the reply :) yeah I was told after contacting smartbear directly that it was an issue from <1.9.0 which has been fixed in the latest release which is definitely what I wanted! I think it was ticket API-1341 if i remember correctly, I was checking everyday for an update and when 1.9.0 came out I was shamelessly happy :)8 years agoPlace ReadyAPI QuestionsReadyAPI Questions1.5KViews1like1CommentRe: Secure: How to prevent test fail if the response is an error?
ok, and will this assertion work separately to the immediate response assertion? the logic i need is something like fail IF cross site script is in response AND 'Error' is NOT in response but there's no documentation on the relationship between assertions or the overarching logic (if response doesn't contain the cross site scripting string then we don't want to assert that error is always there)8 years agoPlace ReadyAPI QuestionsReadyAPI Questions1.1KViews0likes0CommentsRe: Secure: How to prevent test fail if the response is an error?
Hi Amber, thanks for the reply. I've looked in there, The assertion is "Cross Site Scripting Detection", but the only modifiable field in there is to make a separate call to a different URL for results, nothing that I can see would change the logic of the assertion itself, am I missing something I can do?8 years agoPlace ReadyAPI QuestionsReadyAPI Questions1.1KViews0likes2CommentsSecure: How to prevent test fail if the response is an error?
For a lot of mysecurity tests the requests are being rejected by the API, but because the XSS string is contained in an error message it counts as a failed test in the response comparison Is there a simple way of preventing a failed test if the word "Error" is present in the response?8 years agoPlace ReadyAPI QuestionsReadyAPI Questions1.1KViews0likes4CommentsRe: Secure pro report file issue
yeah I was worried about the reports in the trial license period and thought I'd have to write something to parse them, but when I got the full license they're really nicely presented and full of information :)8 years agoPlace ReadyAPI QuestionsReadyAPI Questions748Views0likes0CommentsRe: Secure pro tool alarming
that's what you want isn't it? if there are 100 payloads and 20 cause alarm, then you've successfully protected against 80, but every one of those 20 is a possible vector the payloads do the same thing but use different methods, it's not a binary test8 years agoPlace ReadyAPI QuestionsReadyAPI Questions780Views0likes0CommentsRe: Secure pro issues regarding parameter fuzzing
I've had the same problem for a while now (not only with fuzzing, NO security tests work with json POSTs!!!!!), I've been told it's been ticketted asAPI-1341 for a fix it's a bit ridiculous8 years agoPlace ReadyAPI QuestionsReadyAPI Questions845Views0likes0CommentsRe: How to generate a random numbers prepended with a name?
I have my random number as a projectproperty i call 'rand' with the value ${=(int)(Math.random()*1000000)} then reference it in the request like this: newuser_${#Project#rand} if that's any help?8 years agoPlace ReadyAPI QuestionsReadyAPI Questions2.2KViews0likes0Comments