def get_fuzzable_request(self, discover_fuzzable_headers=False, discover_fuzzable_url_parts=False): """ Creates a fuzzable request by querying different parts of the spec parameters, operation, etc. :param discover_fuzzable_headers: If it's set to true, then all fuzzable headers will be added to the fuzzable request. :param discover_fuzzable_url_parts: If it's set to true, then all fuzzable url parts will be added to the fuzzable request. :return: A fuzzable request. """ method = self.get_method() uri = self.get_uri() headers = self.get_headers() data_container = self.get_data_container(headers) fuzzable_request = FuzzableRequest(uri, headers=headers, post_data=data_container, method=method) if discover_fuzzable_headers: fuzzable_request.set_force_fuzzing_headers( self._get_parameter_headers()) if discover_fuzzable_url_parts: fuzzable_request.set_force_fuzzing_url_parts(self._get_url_parts()) return fuzzable_request
def test_force_fuzzing_headers(self): fr = FuzzableRequest(URL('http://www.w3af.com/'), headers=Headers([('Host', 'www.w3af.com')])) self.assertEquals(fr.get_force_fuzzing_headers(), []) with self.assertRaises(TypeError): fr.set_force_fuzzing_headers(None) with self.assertRaises(TypeError): fr.set_force_fuzzing_headers(1) fr.set_force_fuzzing_headers([ 'X-Foo-Header', 'X-Bar-Header', 'X-Awesome-Header', 'X-Bar-Header' ]) force_fuzzing_headers = fr.get_force_fuzzing_headers() self.assertEquals(len(force_fuzzing_headers), 3) self.assertIn('X-Foo-Header', force_fuzzing_headers) self.assertIn('X-Bar-Header', force_fuzzing_headers) self.assertIn('X-Awesome-Header', force_fuzzing_headers) modified_force_fuzzing_headers = fr.get_force_fuzzing_headers() modified_force_fuzzing_headers.append('X-Another-Header') force_fuzzing_headers = fr.get_force_fuzzing_headers() self.assertEquals(len(force_fuzzing_headers), 3) self.assertNotIn('X-Another-Header', force_fuzzing_headers) fr.set_force_fuzzing_headers(tuple()) self.assertEquals(fr.get_force_fuzzing_headers(), [])
def get_fuzzable_request(self, discover_fuzzable_headers=False): """ Creates a fuzzable request by querying different parts of the spec parameters, operation, etc. :param discover_fuzzable_headers: If it's set to true, then all fuzzable headers will be added to the fuzzable request. :return: A fuzzable request. """ method = self.get_method() uri = self.get_uri() headers = self.get_headers() data_container = self.get_data_container(headers) fuzzable_request = FuzzableRequest(uri, headers=headers, post_data=data_container, method=method) if discover_fuzzable_headers: fuzzable_request.set_force_fuzzing_headers(self._get_parameter_headers()) return fuzzable_request