wangzixiang
/
EnglishPal
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

删除test_login.py中添加的代码,添加test_login_security_fix.py用来检验bug是否修复

Lanhui-add-articles
张小飞 2021-06-11 15:16:28 +08:00
parent d21dfc8da3
commit d6e64e3465
2 changed files with 35 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
app/test/test_login.py
View File

@ -60,21 +60,5 @@ def test_login():
driver.save_screenshot('./app/test/test_login_pic4.png') driver.save_screenshot('./app/test/test_login_pic4.png')
assert 'EnglishPal Study Room for ' + uname in driver.title assert 'EnglishPal Study Room for ' + uname in driver.title
#logout
driver.get(HOME_PAGE + 'logout')
# 测试bug是否修复
driver.get(HOME_PAGE)
elem = driver.find_element_by_link_text('登录')
elem.click()
uname = 'lanhui'
elem = driver.find_element_by_name('username')
elem.send_keys(uname)
elem = driver.find_element_by_name('password')
elem.send_keys("' or 'a'='a'or'a'='a")
elem = driver.find_element_by_xpath('//form[1]/p[3]/input[1]') # 找到登录按钮
elem.click()
driver.save_screenshot('./app/test/test_login_pic5.png')
assert '无法通过验证。' in driver.page_source
finally: finally:
driver.quit() driver.quit()

35
app/test/test_login_security_fix.py Normal file
View File

@ -0,0 +1,35 @@
# -*- coding: utf-8 -*-
# Run the docker image using the following command:
# docker run -d -p 4444:4444 selenium/standalone-chrome
from selenium import webdriver
from selenium.webdriver.common.desired_capabilities import DesiredCapabilities
import random, string
driver = webdriver.Remote('http://localhost:4444/wd/hub', DesiredCapabilities.CHROME)
driver.implicitly_wait(10)
HOME_PAGE = 'http://121.4.94.30:91/'
def test_login_security_fix():
try:
driver.get(HOME_PAGE)
elem = driver.find_element_by_link_text('登录')
elem.click()
uname = 'lanhui'
elem = driver.find_element_by_name('username')
elem.send_keys(uname)
elem = driver.find_element_by_name('password')
# 使用原有漏洞密码登录
elem.send_keys("' or 'a'='a'or'a'='a")
elem = driver.find_element_by_xpath('//form[1]/p[3]/input[1]') # 找到登录按钮
elem.click()
driver.save_screenshot('./app/test/test_login_security_fix0.png')
assert '无法通过验证。' in driver.page_source
finally:
driver.quit()