删除test_login.py中添加的代码，添加test_login_security_fix.py用来检验bug是否修复

2021-06-11 15:16:28 +08:00 · 2021-06-11 15:16:28 +08:00 · d6e64e3465
parent d21dfc8da3
commit d6e64e3465
2 changed files with 35 additions and 16 deletions
--- a/app/test/test_login.py
+++ b/app/test/test_login.py
@ -60,21 +60,5 @@ def test_login():
        driver.save_screenshot('./app/test/test_login_pic4.png')    
        assert 'EnglishPal Study Room for ' + uname in  driver.title

-        #logout
-        driver.get(HOME_PAGE + 'logout')
-
-        # 测试bug是否修复
-        driver.get(HOME_PAGE)
-        elem = driver.find_element_by_link_text('登录')
-        elem.click()
-        uname = 'lanhui'
-        elem = driver.find_element_by_name('username')
-        elem.send_keys(uname)
-        elem = driver.find_element_by_name('password')
-        elem.send_keys("' or 'a'='a'or'a'='a")
-        elem = driver.find_element_by_xpath('//form[1]/p[3]/input[1]') # 找到登录按钮
-        elem.click()
-        driver.save_screenshot('./app/test/test_login_pic5.png')
-        assert '无法通过验证。' in driver.page_source
    finally:
        driver.quit()
--- a/app/test/test_login_security_fix.py
+++ b/app/test/test_login_security_fix.py
@ -0,0 +1,35 @@
+# -*- coding: utf-8 -*-
+# Run the docker image using the following command:
+# docker run -d -p 4444:4444 selenium/standalone-chrome
+from selenium import webdriver
+from selenium.webdriver.common.desired_capabilities import DesiredCapabilities
+
+import random, string
+
+driver = webdriver.Remote('http://localhost:4444/wd/hub', DesiredCapabilities.CHROME)
+driver.implicitly_wait(10)
+
+HOME_PAGE = 'http://121.4.94.30:91/'
+
+def test_login_security_fix():
+    try:
+        driver.get(HOME_PAGE)
+        
+        elem = driver.find_element_by_link_text('登录')
+        elem.click()
+        
+        uname = 'lanhui'
+        elem = driver.find_element_by_name('username')
+        elem.send_keys(uname)
+        
+        elem = driver.find_element_by_name('password')
+        # 使用原有漏洞密码登录
+        elem.send_keys("' or 'a'='a'or'a'='a")
+        
+        elem = driver.find_element_by_xpath('//form[1]/p[3]/input[1]') # 找到登录按钮
+        elem.click()
+        
+        driver.save_screenshot('./app/test/test_login_security_fix0.png')
+        assert '无法通过验证。' in driver.page_source
+    finally:
+        driver.quit()