SpotlessApply

SasanLabs · Nov 29, 2023 · 07a0cf8 · 07a0cf8
1 parent ff020c6
commit 07a0cf8
Showing 1 changed file with 56 additions and 44 deletions.
diff --git a/...asanlabs/service/vulnerability/xss/reflected/PersistentXSSInHTMLTagVulnerabilityTest.java b/...asanlabs/service/vulnerability/xss/reflected/PersistentXSSInHTMLTagVulnerabilityTest.java
@@ -1,28 +1,24 @@
 package org.sasanlabs.service.vulnerability.xss.reflected;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.mockito.Mockito.*;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.Map;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.mockito.ArgumentCaptor;
 import org.mockito.Mock;
 import org.mockito.MockitoAnnotations;
-
 import org.sasanlabs.service.vulnerability.xss.persistent.PersistentXSSInHTMLTagVulnerability;
 import org.sasanlabs.service.vulnerability.xss.persistent.Post;
 import org.sasanlabs.service.vulnerability.xss.persistent.PostRepository;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.mockito.Mockito.*;
-
-public class PersistentXSSInHTMLTagVulnerabilityTest{
-    @Mock
-    private PostRepository postRepository;
+public class PersistentXSSInHTMLTagVulnerabilityTest {
+    @Mock private PostRepository postRepository;
 
     private PersistentXSSInHTMLTagVulnerability vulnerability;
 
@@ -33,9 +29,10 @@ public void setup() {
     }
 
     @Test
-    public void testGetVulnerablePayloadLevel1(){
+    public void testGetVulnerablePayloadLevel1() {
         // Prepare test data
-        Map<String, String> queryParams = Collections.singletonMap("comment", "<script>alert('XSS')</script>");
+        Map<String, String> queryParams =
+                Collections.singletonMap("comment", "<script>alert('XSS')</script>");
 
         // Perform the test
         ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel1(queryParams);
@@ -55,9 +52,10 @@ public void testGetVulnerablePayloadLevel1(){
     }
 
     @Test
-    public void testGetVulnerablePayloadLevel1WithXSSInAttributeValue(){
+    public void testGetVulnerablePayloadLevel1WithXSSInAttributeValue() {
         // Prepare test data
-        Map<String, String> queryParams = Collections.singletonMap("comment", "<a href='javascript:alert(1)'>Click me</a>");
+        Map<String, String> queryParams =
+                Collections.singletonMap("comment", "<a href='javascript:alert(1)'>Click me</a>");
 
         // Perform the test
         ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel1(queryParams);
@@ -70,16 +68,18 @@ public void testGetVulnerablePayloadLevel1WithXSSInAttributeValue(){
         verify(postRepository).save(postCaptor.capture());
 
         // Assert on the content of the post being saved
-        assertEquals("<a href='javascript:alert(1)'>Click me</a>", postCaptor.getValue().getContent());
+        assertEquals(
+                "<a href='javascript:alert(1)'>Click me</a>", postCaptor.getValue().getContent());
 
         // Assert on the HTTP response status code
         assertEquals(200, response.getStatusCodeValue());
     }
 
     @Test
-    public void testGetVulnerablePayloadLevel2(){
+    public void testGetVulnerablePayloadLevel2() {
         // Prepare test data
-        Map<String, String> queryParams = Collections.singletonMap("comment", "<img src='x' onerror='alert(1)'>");
+        Map<String, String> queryParams =
+                Collections.singletonMap("comment", "<img src='x' onerror='alert(1)'>");
 
         // Perform the test
         ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel2(queryParams);
@@ -99,9 +99,10 @@ public void testGetVulnerablePayloadLevel2(){
     }
 
     @Test
-    public void testGetVulnerablePayloadLevel3(){
+    public void testGetVulnerablePayloadLevel3() {
         // Prepare test data
-        Map<String, String> queryParams = Collections.singletonMap("comment", "<script>alert('XSS')</script>");
+        Map<String, String> queryParams =
+                Collections.singletonMap("comment", "<script>alert('XSS')</script>");
 
         // Perform the test
         ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel3(queryParams);
@@ -120,11 +121,11 @@ public void testGetVulnerablePayloadLevel3(){
         assertEquals(200, response.getStatusCodeValue());
     }
 
-
     @Test
-    public void testGetVulnerablePayloadLevel4(){
+    public void testGetVulnerablePayloadLevel4() {
         // Prepare test data
-        Map<String, String> queryParams = Collections.singletonMap("comment", "<img src='x' onerror='alert(1)'>");
+        Map<String, String> queryParams =
+                Collections.singletonMap("comment", "<img src='x' onerror='alert(1)'>");
 
         // Perform the test
         ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel4(queryParams);
@@ -144,9 +145,10 @@ public void testGetVulnerablePayloadLevel4(){
     }
 
     @Test
-    public void testGetVulnerablePayloadLevel5(){
+    public void testGetVulnerablePayloadLevel5() {
         // Prepare test data
-        Map<String, String> queryParams = Collections.singletonMap("comment", "<script>alert('XSS')</script>");
+        Map<String, String> queryParams =
+                Collections.singletonMap("comment", "<script>alert('XSS')</script>");
 
         // Perform the test
         ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel5(queryParams);
@@ -166,9 +168,10 @@ public void testGetVulnerablePayloadLevel5(){
     }
 
     @Test
-    public void testGetVulnerablePayloadLevel6(){
+    public void testGetVulnerablePayloadLevel6() {
         // Prepare test data
-        Map<String, String> queryParams = Collections.singletonMap("comment", "<img src='x' onerror='alert(1)'>");
+        Map<String, String> queryParams =
+                Collections.singletonMap("comment", "<img src='x' onerror='alert(1)'>");
 
         // Perform the test
         ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel6(queryParams);
@@ -188,9 +191,10 @@ public void testGetVulnerablePayloadLevel6(){
     }
 
     @Test
-    public void testGetVulnerablePayloadLevel7(){
+    public void testGetVulnerablePayloadLevel7() {
         // Prepare test data
-        Map<String, String> queryParams = Collections.singletonMap("comment", "<script>alert('XSS')</script>");
+        Map<String, String> queryParams =
+                Collections.singletonMap("comment", "<script>alert('XSS')</script>");
 
         // Perform the test
         ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel7(queryParams);
@@ -210,9 +214,10 @@ public void testGetVulnerablePayloadLevel7(){
     }
 
     @Test
-    public void testGetVulnerablePayloadLevel5WithNullByte(){
+    public void testGetVulnerablePayloadLevel5WithNullByte() {
         // Prepare test data with NullByte
-        Map<String, String> queryParams = Collections.singletonMap("comment", "<script>\u0000alert('XSS')</script>");
+        Map<String, String> queryParams =
+                Collections.singletonMap("comment", "<script>\u0000alert('XSS')</script>");
 
         // Perform the test
         ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel5(queryParams);
@@ -232,9 +237,10 @@ public void testGetVulnerablePayloadLevel5WithNullByte(){
     }
 
     @Test
-    public void testGetVulnerablePayloadLevel6WithNullByte(){
+    public void testGetVulnerablePayloadLevel6WithNullByte() {
         // Prepare test data with NullByte
-        Map<String, String> queryParams = Collections.singletonMap("comment", "<img src='x' onerror='alert(1)'>\u0000");
+        Map<String, String> queryParams =
+                Collections.singletonMap("comment", "<img src='x' onerror='alert(1)'>\u0000");
 
         // Perform the test
         ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel6(queryParams);
@@ -254,9 +260,10 @@ public void testGetVulnerablePayloadLevel6WithNullByte(){
     }
 
     @Test
-    public void testGetVulnerablePayloadLevel4WithResponseStatusAssertions(){
+    public void testGetVulnerablePayloadLevel4WithResponseStatusAssertions() {
         // Prepare test data
-        Map<String, String> queryParams = Collections.singletonMap("comment", "<img src='x' onerror='alert(1)'>");
+        Map<String, String> queryParams =
+                Collections.singletonMap("comment", "<img src='x' onerror='alert(1)'>");
 
         // Perform the test
         ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel4(queryParams);
@@ -276,14 +283,15 @@ public void testGetVulnerablePayloadLevel4WithResponseStatusAssertions(){
     }
 
     @Test
-    public void testGetVulnerablePayloadLevel6WithHtmlEscaping(){
+    public void testGetVulnerablePayloadLevel6WithHtmlEscaping() {
         Post post = new Post();
         post.setContent("<img src='x' onerror='alert(1)'>");
 
         when(postRepository.findByLevelIdentifier("LEVEL_6")).thenReturn(Arrays.asList(post));
 
         // Prepare test data
-        Map<String, String> queryParams = Collections.singletonMap("comment", "<img src='x' onerror='alert(1)'>");
+        Map<String, String> queryParams =
+                Collections.singletonMap("comment", "<img src='x' onerror='alert(1)'>");
 
         // Perform the test
         ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel6(queryParams);
@@ -299,21 +307,24 @@ public void testGetVulnerablePayloadLevel6WithHtmlEscaping(){
         assertEquals("<img src='x' onerror='alert(1)'>", postCaptor.getValue().getContent());
 
         // Assert on the modified content of the post being saved (HTML escaped)
-        assertEquals("<div id=\"comments\">&lt;img src='x' onerror='alert(1)'&gt;</div>", response.getBody());
+        assertEquals(
+                "<div id=\"comments\">&lt;img src='x' onerror='alert(1)'&gt;</div>",
+                response.getBody());
 
         // Assert on the HTTP response status code
         assertEquals(HttpStatus.OK, response.getStatusCode());
     }
 
     @Test
-    public void testGetVulnerablePayloadLevel2_WithPatternReplacement(){
+    public void testGetVulnerablePayloadLevel2_WithPatternReplacement() {
         Post post = new Post();
         post.setContent("<img src='x' onerror='alert(1)'>");
 
         when(postRepository.findByLevelIdentifier("LEVEL_2")).thenReturn(Arrays.asList(post));
 
         // Prepare test data
-        Map<String, String> queryParams = Collections.singletonMap("comment", "<img src='x' onerror='alert(1)'>");
+        Map<String, String> queryParams =
+                Collections.singletonMap("comment", "<img src='x' onerror='alert(1)'>");
 
         // Perform the test
         ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel2(queryParams);
@@ -336,14 +347,15 @@ public void testGetVulnerablePayloadLevel2_WithPatternReplacement(){
     }
 
     @Test
-    public void testGetVulnerablePayloadLevel3_WithResponseContentAssertions(){
+    public void testGetVulnerablePayloadLevel3_WithResponseContentAssertions() {
         Post post = new Post();
         post.setContent("<script>alert('XSS')</script>");
 
         when(postRepository.findByLevelIdentifier("LEVEL_3")).thenReturn(Arrays.asList(post));
 
         // Prepare test data
-        Map<String, String> queryParams = Collections.singletonMap("comment", "<script>alert('XSS')</script>");
+        Map<String, String> queryParams =
+                Collections.singletonMap("comment", "<script>alert('XSS')</script>");
 
         // Perform the test
         ResponseEntity<String> response = vulnerability.getVulnerablePayloadLevel3(queryParams);
@@ -364,4 +376,4 @@ public void testGetVulnerablePayloadLevel3_WithResponseContentAssertions(){
         // Assert on the HTTP response status code
         assertEquals(HttpStatus.OK, response.getStatusCode());
     }
-}
+}