public void WhenGetPostData_IfSelectHasMultipleSelectedOptionDifferentSelected_ShouldAddAllOptionsValuesToPostdata() { //Arrange string html = @" <html> <form id='form1'> <div> <select name='select1'> <option value='option1value' selected>option1text</option> <option value='option2value' selected='true'>option2text</option> <option value='option3value' selected='selected'>option3text</option> </select> <input type='text' name='input1' value='value1' /> <input type='submit' name='submit1' value='submit1' /> </div> </form> </html> "; HtmlFormElement form = (HtmlFormElement)HtmlElement.Create(html).ChildElements.Find("form1"); //Act PostDataCollection postData = form.GetPostDataCollection(); // Assert MSAssert.AreEqual("input1=value1&submit1=submit1&select1=option1value&select1=option2value&select1=option3value", postData.GetPostDataString()); }
public void IfFormContainsDifferentInputElements_PostDataCollection_ShouldBeAbleToFilter() { //Arrange string html = @" <html> <body> <form id='form1' action='action' method='put'> <input type='text' name='textbox1' value='textvalue' /> <input type='password' name='password1' value='passvalue' /> <input type='checkbox' name='checkbox1' value='checkvalue' /> <input type='radio' name='radio1' value='radiovalue' /> <input type='reset' name='reset1' value='resetvalue' /> <input type='file' name='file1' value='filevalue' /> <input type='file' name='file2' value='filevalue2' /> </form> </body> </html>"; HtmlFormElement form = (HtmlFormElement)HtmlElement.Create(html).ChildElements.Find("form1"); //Act PostDataCollection postData = form.GetPostDataCollection(); // Assert MSAssert.AreEqual("textbox1=textvalue&password1=passvalue", postData.GetPostDataString(PostDataFieldType.Text)); MSAssert.AreEqual(4, postData.Count); MSAssert.AreEqual(2, postData.FindAll(e => (e.Type == PostDataFieldType.File)).Count()); }
public void WhenGetPostData_IfSelectHasSelectedOptionWithNonStdSymbols_ShouldEncodeValue() { //Arrange string html = @" <html> <form id='form1'> <div> <select name='select1'> <option selected>option1<text</option> </select> <input type='text' name='input1' value='value1' /> <input type='submit' name='submit1' value='submit1' /> </div> </form> </html> "; HtmlFormElement form = (HtmlFormElement)HtmlElement.Create(html).ChildElements.Find("form1"); //Act PostDataCollection postData = form.GetPostDataCollection(); // Assert MSAssert.AreEqual("input1=value1&submit1=submit1&select1=option1%3ctext", postData.GetPostDataString()); }
public void WhenGetPostData_IfSelectHasNoSelectedOptions_ShouldNotAddItToPostada() { //Arrange string html = @" <html> <form id='form1'> <div> <select name='select1'> <option value='option1value' /> </select> <input type='text' name='input1' value='value1' /> <input type='submit' name='submit1' value='submit1' /> </div> </form> </html> "; HtmlFormElement form = (HtmlFormElement)HtmlElement.Create(html).ChildElements.Find("form1"); //Act PostDataCollection postData = form.GetPostDataCollection(); // Assert MSAssert.AreEqual("input1=value1&submit1=submit1", postData.GetPostDataString()); }
public void WhenGetPostData_IfMultipleCheckboxesWithSameNamePresentAndCheckedWithValue_ShouldValueBeIncludItInPostdata() { //Arrange string html = @" <html> <form id='form1'> <div> <input type='text' name='input1' value='value1' /> <input type='checkbox' name='check1' value='checkvalue1' checked /> <input type='text' name='input2' value='value2' /> <input type='checkbox' name='check1' value='checkvalue2' checked /> </div> </form> </html> "; HtmlFormElement form = (HtmlFormElement)HtmlElement.Create(html).ChildElements.Find("form1"); //Act PostDataCollection postData = form.GetPostDataCollection(); // Assert MSAssert.AreEqual("input1=value1&check1=checkvalue1&input2=value2&check1=checkvalue2", postData.GetPostDataString()); MSAssert.AreEqual(4, postData.Count); }
/// <summary> /// Prepares multipart request data (postdata and files to upload) and /// outputs postdata collection to request stream. /// </summary> public static string AddMultipartRequestData(this HttpWebRequest request, PostDataCollection postData, IFileSystem fileSystem) { // get ususal postdata and files List <PostDataField> textPostData = postData.FindAll(f => f.Type != PostDataFieldType.File); List <PostDataField> filePostData = postData.FindAll(f => f.Type == PostDataFieldType.File); NameValueCollection filesToUpload = ParseFilePostData(filePostData); // set corresponding content type request.ContentType = "multipart/form-data; boundary=" + _boundary; // stream where we going to combine postdata and files to upload Stream memoryStream = new MemoryStream(); byte[] result = null; try { // add postdata foreach (PostDataField field in textPostData) { WriteFieldToMemoryStream(memoryStream, field.Name, field.Value); } // write boundary after every form element's value memoryStream.Write(_boundaryBytes, 0, _boundaryBytes.Length); // add files foreach (string key in filesToUpload) { WriteFileToMemoryStream(memoryStream, key, filesToUpload[key], fileSystem); } // now read everything from memory stream to buffer memoryStream.Position = 0; result = new byte[memoryStream.Length]; memoryStream.Read(result, 0, result.Length); // set correct content length request.ContentLength = result.Length; // write buffer to request stream Stream requestStream = request.GetRequestStream(); requestStream.Write(result, 0, result.Length); requestStream.Close(); } finally { memoryStream.Close(); } return(Encoding.UTF8.GetString(result)); }
/// <summary> /// Executes a form submit /// </summary> private BrowserInfo ExecuteFormSubmit(HtmlFormElement form, HtmlInputElement submitInputElement = null) { Uri url = new Uri(this._emulator.CurrentUri, form.CachedAttributes.Get("action", this._emulator.CurrentUri)); PostDataCollection postdataCollection = form.GetPostDataCollection(submitInputElement); // execute request return(PerformRequest(url.AbsoluteUri, // url form.CachedAttributes.Get("method", "post"), // method "application/x-www-form-urlencoded", // contentType postdataCollection)); // postData }
/// <summary> /// Performes an actual request by calling requestor's ExecuteRequest /// </summary> /// <param name="url">Url to be requested</param> /// <param name="method">Method: get/post</param> /// <param name="contentType">content type</param> /// <param name="postData">name/value collection of post data parameters</param> /// <returns>BrowserInfo returned by requestor</returns> private BrowserInfo PerformRequest(string url, string method, string contentType, PostDataCollection postData) { // do a request BrowserInfo browserInfo = this._emulator.ExecuteRequest(url, method, contentType, postData); // successfull store current page's body if (browserInfo != null) { this._currentBody = browserInfo.Data; } return(browserInfo); }
/// <summary> /// 将postData设置到postDataCollection /// </summary> public void SetPostDataCollection() { if (!string.IsNullOrWhiteSpace(PostData)) { string[] formdatas = PostData.Split('&'); if (formdatas != null && formdatas.Length > 0) { foreach (var item in formdatas) { string[] formdata = item.Split('='); if (formdata.Length == 2) { PostDataCollection.Add(formdata[0], formdata[1]); } } } } }
public void BuildPostData_IfNoInputElementsExistReturnsEmpty() { //Arrange string html = @" <html> <form id='form1'> <div> </div> </form> </html> "; HtmlFormElement form = (HtmlFormElement)HtmlElement.Create(html).ChildElements.Find("form1"); //Act PostDataCollection postData = form.GetPostDataCollection(); // Assert MSAssert.IsTrue(postData.Count == 0); MSAssert.IsTrue(string.IsNullOrEmpty(postData.GetPostDataString())); }
public void IfFormContainsUnknownElements_BuildPostData_ShouldContainOnlyKnownElements() { //Arrange string html = @" <html> <body> <form id='form1' action='action' method='put'> <input type='text' name='textbox1' value='textvalue' /> <input type='password' name='password1' value='passvalue' /> <input type='checkbox' name='checkbox1' value='checkvalue' /> <input type='radio' name='radio1' value='radiovalue' /> <input type='reset' name='reset1' value='resetvalue' /> <input type='file' name='file1' value='filevalue' /> <input type='hidden' name='hidden1' value='hiddenvalue' /> <input type='submit' name='button1' value='button1' /> <input type='search' name='search1' value='search1' /> <input type='tel' name='tel1' value='tel1' /> <input type='url' name='url1' value='url1' /> <input type='email' name='email1' value='email1' /> <input type='datetime' name='datetime1' value='datetime1' /> <input type='date' name='date1' value='10/10/1981' /> <input type='month' name='month1' value='month1' /> <input type='week' name='week1' value='week1' /> <input type='time' name='time1' value='time1' /> <input type='number' name='number1' value='11' /> </form> </body> </html>"; HtmlFormElement form = (HtmlFormElement)HtmlElement.Create(html).ChildElements.Find("form1"); //Act PostDataCollection postData = form.GetPostDataCollection(); // Assert MSAssert.AreEqual("textbox1=textvalue&password1=passvalue&file1=filevalue&hidden1=hiddenvalue&button1=button1&search1=search1&tel1=tel1&url1=url1&email1=email1&datetime1=datetime1&date1=10%2f10%2f1981&month1=month1&week1=week1&time1=time1&number1=11", postData.GetPostDataString()); MSAssert.AreEqual(15, postData.Count); }
public void WhenGetPostData_IfMultipleSubmitButtonsAndNoSubmitId_ShouldReturnBothSubmitButtonData() { //Arrange string html = @" <html> <form id='form1'> <div> <input type='text' name='input1' value='value1' /> <input type='submit' name='submit1' value='submit1' /> <input type='submit' name='submit2' value='submit2' /> </div> </form> </html> "; HtmlFormElement form = (HtmlFormElement)HtmlElement.Create(html).ChildElements.Find("form1"); //Act PostDataCollection postData = form.GetPostDataCollection(); // Assert MSAssert.AreEqual("input1=value1&submit1=submit1&submit2=submit2", postData.GetPostDataString()); }
public void BuildPostData_ReturnsNameValuePairsForInputElements() { //Arrange string html = @" <html> <form id='form1'> <div> <input type='text' name='input1' value='value1' /> <input type='text' name='input2' value='value2' /> </div> </form> </html> "; HtmlFormElement form = (HtmlFormElement)HtmlElement.Create(html).ChildElements.Find("form1"); //Act PostDataCollection postData = form.GetPostDataCollection(); // Assert MSAssert.AreEqual("input1=value1&input2=value2", postData.GetPostDataString()); MSAssert.AreEqual(2, postData.Count); }
public void WhenGetPostData_IfMultipleSubmitButtonsWithSameName_ShouldOnlyReturnTheOneThatInitiatedThePost() { //Arrange string html = @" <html> <form id='form1'> <div> <input type='text' name='input1' value='value1' /> <input type='submit' name='submitname' value='submit1' /> <input type='submit' name='submitname' value='submit2' /> </div> </form> </html> "; HtmlFormElement form = (HtmlFormElement)HtmlElement.Create(html).ChildElements.Find("form1"); //Act var inputElement = (HtmlInputElement)form.ChildElements.Find(new { value = "submit2" }); PostDataCollection postData = form.GetPostDataCollection(inputElement); // Assert MSAssert.AreEqual("input1=value1&submitname=submit2", postData.GetPostDataString()); }
public void WhenGetPostData_IfRadioPresentAndUnchecked_ShouldNotIncludeItInPostdata() { //Arrange string html = @" <html> <form id='form1'> <div> <input type='text' name='input1' value='value1' /> <input type='radio' name='check1' /> <input type='text' name='input2' value='value2' /> </div> </form> </html> "; HtmlFormElement form = (HtmlFormElement)HtmlElement.Create(html).ChildElements.Find("form1"); //Act PostDataCollection postData = form.GetPostDataCollection(); // Assert MSAssert.AreEqual("input1=value1&input2=value2", postData.GetPostDataString()); MSAssert.AreEqual(2, postData.Count); }
/// <summary> /// Fills the post data with tests. /// </summary> /// <param name="postData"> The post data hastable.</param> /// <returns> The updated post data hashtable.</returns> public PostDataCollection FillPostData(PostDataCollection postData) { // ignore pattern and send PostData from FormData return arguments.UserPostData; }
/// <summary> /// Sets the post data value to an element tag. /// </summary> /// <param name="postData"> The post data collection.</param> /// <param name="tag"> The current tag base.</param> /// <param name="index"> The index of the element.</param> private void SetTagValue(PostDataCollection postData, HtmlTagBase tag, int index) { // // Note: The input value has to UrlDecoded. // // Input Tag if (tag is HtmlInputTag) { HtmlInputTag input=(HtmlInputTag)tag; if ( postData[input.Name] != null ) { ArrayList values = postData[input.Name]; switch ( input.Type ) { case HtmlInputType.Radio: if ( input.Checked.ToLower() == "true" ) if ( values.Count == 1 ) { input.Value = EncodeDecode.UrlDecode((string)values[0]); } if ( values.Count > 1 ) { input.Value = EncodeDecode.UrlDecode((string)values[index]); } break; default: input.Value = EncodeDecode.UrlDecode((string)values[index]); break; } } } // Button Tag if (tag is HtmlButtonTag) { HtmlButtonTag button = (HtmlButtonTag)tag; if ( postData[button.Name] != null ) { ArrayList values = postData[button.Name]; button.Value = EncodeDecode.UrlDecode((string)values[index]); } } // Select Tag if (tag is HtmlSelectTag) { HtmlSelectTag select = (HtmlSelectTag)tag; if ( postData[select.Name] != null ) { ArrayList values = postData[select.Name]; select.Value = EncodeDecode.UrlDecode((string)values[index]); } } // Textarea Tag if (tag is HtmlTextAreaTag) { HtmlTextAreaTag textarea=(HtmlTextAreaTag)tag; if ( postData[textarea.Name] != null ) { ArrayList values = postData[textarea.Name]; textarea.Value = EncodeDecode.UrlDecode((string)values[index]); } } }
/// <summary> /// Converts the PostDataCollection to a post data string. /// </summary> /// <param name="data"> The post data hashtable.</param> /// <returns> A string representation of the post data.</returns> public string GetString(PostDataCollection data) { StringBuilder postdata = new StringBuilder(); for (int i = 0;i<data.Count;i++ ) { string key = data.Keys[i]; ArrayList values = data[key]; foreach ( string s in values ) { postdata.Append(key); postdata.Append("="); postdata.Append(s); postdata.Append("&"); } } return postdata.ToString(); }
/// <summary> /// Converts the post data string to a PostDataCollection. /// </summary> /// <param name="data"> The post data string.</param> /// <returns> A PostDataCollection representation of the post data.</returns> public PostDataCollection GetPostDataCollection(string data) { if ( data.EndsWith("&") ) data = data.TrimEnd('&'); // PostData PostDataCollection postData = new PostDataCollection(); string[] nameValueArray = data.Split('&'); for ( int i=0;i<nameValueArray.Length;i++ ) { string pair = nameValueArray[i]; string[] keyValuePair = pair.Split('='); string name = EncodeDecode.UrlDecode(keyValuePair[0]); if ( pair.CompareTo(name) == 0 ) { // this is not post data break; } // If last item, check \0 else add \0. if ( i == (nameValueArray.Length-1) ) { keyValuePair[1] = AddEndLine(keyValuePair[1]); } #region Add to PostDataCollection if ( postData[name] != null ) { ArrayList list = postData[name]; // The value is add 'as is' list.Add(keyValuePair[1]); // Debug System.Diagnostics.Debug.Write("ConvertPostDataString: Name= " + name + " Value= " + keyValuePair[1] + "\r\n"); } else { if ( keyValuePair.Length == 2 ) { ArrayList list = new ArrayList(); // The value is add 'as is' list.Add(keyValuePair[1]); postData.Add(name, list); // Debug System.Diagnostics.Debug.Write("ConvertPostDataString: Name= " + name + " Value= " + keyValuePair[1] + "\r\n"); } } #endregion } return postData; }
/// <summary> /// Converts the PostDataCollection to a post data ArrayList. /// </summary> /// <param name="data"> The post data collection.</param> /// <returns> An ArrayList representation of the post data.</returns> public ArrayList GetArrayList(PostDataCollection data) { ArrayList list = new ArrayList(); for (int i = 0;i<data.Count;i++ ) { string key = data.Keys[i]; ArrayList values = data[key]; foreach ( string s in data ) { list.Add(key + "=" + s); } } return list; }
/// <summary> /// Fills the post data with tests. /// </summary> /// <param name="postData"> The post data hastable.</param> /// <returns> The updated post data hashtable.</returns> public PostDataCollection FillPostData(PostDataCollection postData) { string buffer = this.SqlValue; // ArrayList keys = new ArrayList(postData.Keys); for (int i=0;i<postData.Keys.Count;i++) { ArrayList values = postData[postData.Keys[i]]; for (int j=0;j<values.Count;j++) { values[j] = buffer; } } return postData; }
/// <summary> /// Loads the post data tree. /// </summary> public void LoadPostData() { postDataEditor.Clear(); string postDataString = this.PostData; // TODO: Change to PostDataCollection method. postDataItems = formConverter.GetPostDataCollection(postDataString); // Create parent node TreeEditorNode parentNode = new TreeEditorNode(); parentNode.Text = "Post Data"; postDataEditor.Nodes.Add(parentNode); for (int j=0;j<postDataItems.Count;j++) { string name = postDataItems.Keys[j]; ArrayList values = postDataItems[name]; TreeEditorNode labelNode = new TreeEditorNode(); labelNode.Text = name; parentNode.Nodes.Add(labelNode); int i = 0; foreach ( object val in values ) { string value = (string)val; // TODO: Put format postDataEditor.AddTextBoxControl(labelNode, "Index " + i.ToString() + ":", value, 350); i++; } } postDataEditor.ExpandAll(); }
/// <summary> /// Builds a unit test for a post data ArrayList. /// </summary> /// <param name="testType"> The test type to create.</param> /// <param name="postData"> The post data values to edit.</param> /// <returns> An edited post data ArrayList with applied test.</returns> public PostDataCollection BuildUnitTestPostData(UnitTestType testType, PostDataCollection postData) { PostDataCollection ret=null; IHtmlFormUnitTest tester; // Call FillPostData switch (testType) { case UnitTestType.BufferOverflow: tester = new BufferOverflowTester((BufferOverflowTesterArgs)this.Arguments); ret = tester.FillPostData(postData); break; case UnitTestType.DataTypes: tester = new DataTypesTester((DataTypesTesterArgs)this.Arguments); ret = tester.FillPostData(postData); break; case UnitTestType.Predefined: tester = new PredefinedTester(((PredefinedTesterArgs)this.Arguments)); ret = tester.FillPostData(postData); break; case UnitTestType.SqlInjection: tester = new SqlInjectionTester((SqlInjectionTesterArgs)this.Arguments); ret = tester.FillPostData(postData); break; case UnitTestType.XSS: tester = new XssInjectionTester((XssInjectionTesterArgs)this.Arguments); ret = tester.FillPostData(postData); break; } return ret; }
/// <summary> /// Applies the test to a form. /// </summary> /// <param name="test"> The test to apply.</param> /// <param name="postData"> The post data collection.</param> /// <returns> A form with the new values.</returns> protected PostDataCollection ApplyTestToPostData(Test test, PostDataCollection postData) { UnitTester tester = new UnitTester(test.Arguments); return tester.BuildUnitTestPostData(test.TestType, postData); }
/// <summary> /// Fills the post data with tests. /// </summary> /// <param name="postData"> The post data hastable.</param> /// <returns> The updated post data hashtable.</returns> public PostDataCollection FillPostData(PostDataCollection postData) { BufferOverflowGenerator gen = new BufferOverflowGenerator(); string buffer = gen.GenerateStringBuffer(this.BufferLength); // chop extra chars buffer = buffer.Substring(0,this.BufferLength); buffer = EncodeDecode.UrlEncode(buffer); //ArrayList keys = new ArrayList(postData.Keys); for (int i=0;i<postData.Keys.Count;i++) { ArrayList values = postData[postData.Keys[i]]; for (int j=0;j<values.Count;j++) { values[j] = buffer; } } return postData; }
/// <summary> /// Save the post data changes /// </summary> private void SavePostDataChanges() { PostDataCollection values = new PostDataCollection(); foreach ( TreeEditorNode tn in postDataEditor.Nodes[0].Nodes ) { // get key string key = tn.Text; ArrayList indices = new ArrayList(tn.Nodes.Count); foreach ( TreeEditorNode valueNode in tn.Nodes ) { indices.Add(postDataEditor.GetTextBoxValue(valueNode)); } // add item values.Add(key, indices); } postDataItems = values; }
/// <summary> /// Initializes and executes request and handles response. /// </summary> internal BrowserInfo ExecuteRequest(string url, string method, string contentType, PostDataCollection postData) { BrowserInfo browserInfo = new BrowserInfo(); HttpWebRequest request = this._webRequestor.CreateRequest(url); request.Method = method.ToUpperInvariant(); // Note: cookies should be set before ContentType (request reorganize headers and cookies after that) request.AddCookies(this._currentCookies); // Note: content type (and length) should be set before data sent to the request stream if (!string.IsNullOrEmpty(contentType)) { request.ContentType = contentType; } string requestData = ""; if ((request.Method.Equals("post", StringComparison.OrdinalIgnoreCase) || request.Method.Equals("put", StringComparison.OrdinalIgnoreCase)) && postData != null) { if (postData.HasFilesToUpload) { //request.KeepAlive = true; // Note: AddMultipartRequestData sets corresponding ContentType requestData = request.AddMultipartRequestData(postData, this._fileSystem); } else { requestData = request.AddStandardRequestData(postData.GetPostDataString()); } } // fire event before request has been sent RequestSendingEventArgs args = new RequestSendingEventArgs(request, requestData); OnRequestSending(args); request = args.Request; HttpWebResponse response = null; try { // execute request response = this._webRequestor.ExecuteRequest(request); } catch (WebException e) { // We catch only WebException here. In this case there should be valid error page, // which we want to obtain from the Response. If there was different type of exception, // or we have another exception while reading response, then we let it go through. if (e.Response != null) { response = (HttpWebResponse)e.Response; } else { throw; } } // get raw body string body = GetStringFromStream(response.GetResponseStream(), Encoding.UTF8); // fire event after responce has been received OnResponseReceived(new ResponseReceivedEventArgs(response, body)); if (!string.IsNullOrEmpty(body)) { // store response body browserInfo.Data = "<BrowserEmulatorRoot>" + body + "</BrowserEmulatorRoot>"; // remember current URL this._currentUri = response.ResponseUri; return(browserInfo); } throw new InvalidOperationException("Response did not contain html markup."); }
/// <summary> /// Fills the post data with tests. /// </summary> /// <param name="postData"> The post data hastable.</param> /// <returns> The updated post data hashtable.</returns> public PostDataCollection FillPostData(PostDataCollection postData) { string buffer = String.Empty; switch ( this.SelectedDataType ) { case DataType.Character: buffer = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; break; case DataType.Numeric: buffer = "0123456789"; break; case DataType.Null: buffer = ""; break; } //ArrayList keys = new ArrayList(postData.Keys); for (int i=0;i<postData.Keys.Count;i++) { ArrayList values = postData[postData.Keys[i]]; for (int j=0;j<values.Count;j++) { values[j] = buffer; } } return postData; }