forked from mrlan/EnglishPal
删除test_login.py中添加的代码,添加test_login_security_fix.py用来检验bug是否修复
张小飞
parent
d21dfc8da3
commit
d6e64e3465
|
|
@ -60,21 +60,5 @@ def test_login():
|
||||||
driver.save_screenshot('./app/test/test_login_pic4.png')
|
driver.save_screenshot('./app/test/test_login_pic4.png')
|
||||||
assert 'EnglishPal Study Room for ' + uname in driver.title
|
assert 'EnglishPal Study Room for ' + uname in driver.title
|
||||||
|
|
||||||
#logout
|
|
||||||
driver.get(HOME_PAGE + 'logout')
|
|
||||||
|
|
||||||
# 测试bug是否修复
|
|
||||||
driver.get(HOME_PAGE)
|
|
||||||
elem = driver.find_element_by_link_text('登录')
|
|
||||||
elem.click()
|
|
||||||
uname = 'lanhui'
|
|
||||||
elem = driver.find_element_by_name('username')
|
|
||||||
elem.send_keys(uname)
|
|
||||||
elem = driver.find_element_by_name('password')
|
|
||||||
elem.send_keys("' or 'a'='a'or'a'='a")
|
|
||||||
elem = driver.find_element_by_xpath('//form[1]/p[3]/input[1]') # 找到登录按钮
|
|
||||||
elem.click()
|
|
||||||
driver.save_screenshot('./app/test/test_login_pic5.png')
|
|
||||||
assert '无法通过验证。' in driver.page_source
|
|
||||||
finally:
|
finally:
|
||||||
driver.quit()
|
driver.quit()
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,35 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Run the docker image using the following command:
|
||||||
|
# docker run -d -p 4444:4444 selenium/standalone-chrome
|
||||||
|
from selenium import webdriver
|
||||||
|
from selenium.webdriver.common.desired_capabilities import DesiredCapabilities
|
||||||
|
|
||||||
|
import random, string
|
||||||
|
|
||||||
|
driver = webdriver.Remote('http://localhost:4444/wd/hub', DesiredCapabilities.CHROME)
|
||||||
|
driver.implicitly_wait(10)
|
||||||
|
|
||||||
|
HOME_PAGE = 'http://121.4.94.30:91/'
|
||||||
|
|
||||||
|
def test_login_security_fix():
|
||||||
|
try:
|
||||||
|
driver.get(HOME_PAGE)
|
||||||
|
|
||||||
|
elem = driver.find_element_by_link_text('登录')
|
||||||
|
elem.click()
|
||||||
|
|
||||||
|
uname = 'lanhui'
|
||||||
|
elem = driver.find_element_by_name('username')
|
||||||
|
elem.send_keys(uname)
|
||||||
|
|
||||||
|
elem = driver.find_element_by_name('password')
|
||||||
|
# 使用原有漏洞密码登录
|
||||||
|
elem.send_keys("' or 'a'='a'or'a'='a")
|
||||||
|
|
||||||
|
elem = driver.find_element_by_xpath('//form[1]/p[3]/input[1]') # 找到登录按钮
|
||||||
|
elem.click()
|
||||||
|
|
||||||
|
driver.save_screenshot('./app/test/test_login_security_fix0.png')
|
||||||
|
assert '无法通过验证。' in driver.page_source
|
||||||
|
finally:
|
||||||
|
driver.quit()
|
||||||
Loading…
Reference in New Issue