rahulsri
8 years agoOccasional Contributor
Not able to generate alerts count while running security test cases from cammand line.
Hi team i am trying to run security test cases from cammand lin eusing security runner , but whule running with this cammand i am not able to generate the alerts while i am getting error log while for the same test cases when i am running the cases from gui i am getting alerts for the same scans .
one of the logs for this is as follows:
13:01:44,122 ERROR [SoapUI] An error occurred [Illegal character in path at index 97: https://myapp.com/url/api/v1/name/%3CHEAD%3E%3CMETA HTTP-EQUIV=%22CONTENT-TYPE%22 CONTENT=%22text/html; charset=UTF-7%22%3E %3C/HEAD%3E+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4-], see error log for details 13:01:44,123 ERROR [errorlog] java.net.URISyntaxException: Illegal character in path at index 97: https://myapp.com/url/api/v1/name/%3CHEAD%3E%3CMETA HTTP-EQUIV=%22CONTENT-TYPE%22 CONTENT=%22text/html; charset=UTF-7%22%3E %3C/HEAD%3E+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4- java.net.URISyntaxException: Illegal character in path at index 97: https://myapp.com/url/api/v1/name/%3CHEAD%3E%3CMETA HTTP-EQUIV=%22CONTENT-TYPE%22 CONTENT=%22text/html; charset=UTF-7%22%3E %3C/HEAD%3E+ADw-SCRIPT+AD4-alert('XSS');+ADw-/SCRIPT+AD4- at java.net.URI$Parser.fail(Unknown Source) at java.net.URI$Parser.checkChars(Unknown Source) at java.net.URI$Parser.parseHierarchical(Unknown Source) at java.net.URI$Parser.parse(Unknown Source) at java.net.URI.<init>(Unknown Source) at org.apache.http.client.utils.URIUtils.createURI(URIUtils.java:112) at com.eviware.soapui.impl.wsdl.submit.filters.HttpRequestFilter.filterHttpRequest(HttpRequestFilter.java:239) at com.eviware.soapui.impl.wsdl.submit.filters.RestRequestFilter.filterRestRequest(RestRequestFilter.java:31) at com.eviware.soapui.impl.wsdl.submit.filters.AbstractRequestFilter.filterAbstractHttpRequest(AbstractRequestFilter.java:42) at com.eviware.soapui.impl.wsdl.submit.filters.AbstractRequestFilter.filterRequest(AbstractRequestFilter.java:34) at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.filterRequest(HttpClientRequestTransport.java:396) at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.sendRequest(HttpClientRequestTransport.java:192) at com.eviware.soapui.impl.wsdl.WsdlSubmit.run(WsdlSubmit.java:120) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source)
for the same error i am getting alert while running this from gui but not getting any alert through cammand line i am running following cammand:
securitytestrunner.bat -r -a -f"C:\jenkinsworkspace\workspace\SecurityTest\report" -R"SecurityTest Report" -F"PDF,XML,CSV" -H"Authorization=Bearer NmQ2YjYzZGItYTA1ZC00YWFiLWExOTQtY2U0ODA5N2I1NTYxZDk1ZTUxNjEtMWQx" -s"TestSuite 1" -c"Name" -n"SecurityTest 1" -E"Default environment" "C:\Users\admin\soapui-project.xml"