Documentation ¶
Index ¶
- Variables
- func L() (loc string)
- type Request
- func (r Request) Do(server string) ([]byte, error)
- func (r Request) ExtraParameter(server, key, value string) error
- func (r Request) FuzzPath(server string, fuzz []string) (int, error)
- func (r Request) FuzzQuery(server string, fuzz []string) (int, error)
- func (r Request) MethodNotAllowed(server string, allowed []string) (int, error)
- type Requests
Constants ¶
This section is empty.
Variables ¶
var FuzzValues = []string{}/* 440 elements not displayed */
FuzzValues for use with Fuzz* methods. From https://github.com/xmendez/wfuzz/blob/master/wordlist/Injections/All_attack.txt
Functions ¶
Types ¶
type Request ¶
type Request struct { ID string // An identifier for the request. Used in error messages. Method string // Method for the request e.g., "PUT". Defaults to "GET". PostBody []byte // Request body. Accept string // Accept header for the request. Defaults to */* URL string // The URL to be tested e.g., /path/to/test. The server can be added at test time. User, Password string // Credentials for basic auth if required. Status int // The expected HTTP status code for the request. Defaults to http.StatusOK (200). Content string // The expected content type. Not tested if zero. A zero Content-Type in the response is an error. Surrogate string // The expected Surrogate-Control. Not tested if zero. }
Request is for making requests to the server being tested. It describes the Request parameters and elements of the expected response.
func (Request) Do ¶
Do runs the Request and returns a non nil error for responses that do not match the Request (and other error conditions). server is prepended to r.URL if it starts with "/". Also returns the body from the response.
func (Request) ExtraParameter ¶
ExtraParameter adds key and value to r.URL and checks that this causes an http.StatusBadRequest. r.Surrogate and r.Content should be set for an http.StatusBadRequest response before calling.
func (Request) FuzzPath ¶
FuzzPath tests r if there is a path only (no query parameters) using fuzz. The fuzzed path can return a http.StatusNotFound or a http.StatusBadRequest. r.Surrogate and r.Content should be unset before calling (unless they are the same for http.StatusNotFound and http.StatusBadRequest). Some fuzzed URL paths may not parse as a valid URL and these are skipped.
func (Request) FuzzQuery ¶
FuzzQuery tests the URL query parameter (if there are any) using fuzz and checks that this returns http.StatusBadRequest. Query parameters are changes one at a time for all values in fuzz. r.Surrogate and r.Content should be set for an http.StatusBadRequest response before calling.
func (Request) MethodNotAllowed ¶
MethodNotAllowed tests r that all HTTP methods that are not in allowed return an http.StatusMethodNotAllowed. r.Surrogate and r.Content should be set for an http.StatusMethodNotAllowed response before calling.