diff options
author | GuangrongFu <fu.guangrong@zte.com.cn> | 2021-06-08 13:59:18 +0800 |
---|---|---|
committer | GuangrongFu <fu.guangrong@zte.com.cn> | 2021-06-08 14:06:16 +0800 |
commit | be5ca2b68e80688677d75e5f688199511745570b (patch) | |
tree | 11715da7718c00dcf014bfe72f90e78f07b1d1a2 /holmes-actions/src/test/java | |
parent | 4242b93bdf5079fee5339a50d8126e4ea56ad9b6 (diff) |
Trying to fix the XSS problem
Change-Id: I7cb2604d886dba0c13c5c182c59f7d0991bd3ab6
Issue-ID: HOLMES-453
Signed-off-by: GuangrongFu <fu.guangrong@zte.com.cn>
Diffstat (limited to 'holmes-actions/src/test/java')
2 files changed, 46 insertions, 2 deletions
diff --git a/holmes-actions/src/test/java/org/onap/holmes/common/utils/transactionid/TransactionIdFilterTest.java b/holmes-actions/src/test/java/org/onap/holmes/common/utils/transactionid/TransactionIdFilterTest.java index 3ef092e..cfbf747 100644 --- a/holmes-actions/src/test/java/org/onap/holmes/common/utils/transactionid/TransactionIdFilterTest.java +++ b/holmes-actions/src/test/java/org/onap/holmes/common/utils/transactionid/TransactionIdFilterTest.java @@ -1,5 +1,5 @@ /** - * Copyright 2018 ZTE Corporation. + * Copyright 2018 - 2021 ZTE Corporation. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -38,11 +38,13 @@ public class TransactionIdFilterTest { responseMock = EasyMock.createMock(HttpServletResponse.class); chainMock = EasyMock.createMock(FilterChain.class); } + @Test public void callsChainDoFilter() throws Exception { filter.doFilter(requestMock, responseMock, chainMock); EasyMock.verify(); } + @Test public void requestIdExistTest() throws Exception{ String requestID = TransactionIdUtils.getUUID(); @@ -51,8 +53,15 @@ public class TransactionIdFilterTest { EasyMock.replay(requestMock); filter.doFilter(requestMock, responseMock, chainMock); EasyMock.verify(); - } + @Test + public void requestIdInvalidRerquestId() throws Exception{ + String requestID = "TransactionIdUtils.getUUID()"; + EasyMock.expect(requestMock.getHeader(TransactionIdUtils.REQUEST_ID_HEADER)).andReturn(requestID); + EasyMock.replay(requestMock); + filter.doFilter(requestMock, responseMock, chainMock); + EasyMock.verify(); + } }
\ No newline at end of file diff --git a/holmes-actions/src/test/java/org/onap/holmes/common/utils/transactionid/TransactionIdUtilsTest.java b/holmes-actions/src/test/java/org/onap/holmes/common/utils/transactionid/TransactionIdUtilsTest.java new file mode 100644 index 0000000..a9684af --- /dev/null +++ b/holmes-actions/src/test/java/org/onap/holmes/common/utils/transactionid/TransactionIdUtilsTest.java @@ -0,0 +1,35 @@ +/** + * Copyright 2021 ZTE Corporation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.holmes.common.utils.transactionid; + +import org.junit.Test; + +import static org.hamcrest.core.Is.is; +import static org.junit.Assert.assertThat; + +public class TransactionIdUtilsTest { + + @Test + public void validate_is_uuid() { + assertThat(TransactionIdUtils.validate(TransactionIdUtils.getUUID()), is(true)); + } + + @Test + public void validate_not_uuid() { + assertThat(TransactionIdUtils.validate("a-random-string"), is(false)); + } +}
\ No newline at end of file |