summaryrefslogtreecommitdiffstats
path: root/ecomp-portal-BE-os/src/test/java/org
diff options
context:
space:
mode:
Diffstat (limited to 'ecomp-portal-BE-os/src/test/java/org')
-rw-r--r--ecomp-portal-BE-os/src/test/java/org/onap/portalapp/portal/controller/AppsOSControllerTest.java11
1 files changed, 11 insertions, 0 deletions
diff --git a/ecomp-portal-BE-os/src/test/java/org/onap/portalapp/portal/controller/AppsOSControllerTest.java b/ecomp-portal-BE-os/src/test/java/org/onap/portalapp/portal/controller/AppsOSControllerTest.java
index 0596e749..15fe1dd9 100644
--- a/ecomp-portal-BE-os/src/test/java/org/onap/portalapp/portal/controller/AppsOSControllerTest.java
+++ b/ecomp-portal-BE-os/src/test/java/org/onap/portalapp/portal/controller/AppsOSControllerTest.java
@@ -176,6 +176,17 @@ public class AppsOSControllerTest {
}
@Test
+ public void getCurrentUserProfileXSSTest() {
+ String loginId = "<iframe/src=\"data:text/html,<svg &#111;&#110;load=alert(1)>\">";
+ EPUser user = mockUser.mockEPUser();
+ List<EPUser> expectedList = new ArrayList<>();
+ expectedList.add(user);
+ Mockito.when(userService.getUserByUserId(loginId)).thenReturn(expectedList);
+ String expectedString = appsOSController.getCurrentUserProfile(mockedRequest, loginId);
+ assertEquals("loginId is not valid", expectedString);
+ }
+
+ @Test
public void getCurrentUserProfileExceptionTest() {
String loginId = "guestT";
EPUser user = mockUser.mockEPUser();