Input validation testing on key endpoints#15
Conversation
AdamLeonSmith
requested review from
Ferrumofomega,
ShivanKaul,
altoplano,
bschoenfield,
diarmidmackenzie and
lmartensson
Ferrumofomega
left a comment
Ferrumofomega
left a comment
There was a problem hiding this comment.
This looks good to me @AdamLeonSmith.
I might encourage a bit of a higher-level description of this JSON fuzzing work.
AdamLeonSmith
changed the title
There was a problem hiding this comment.
A couple of requests.
-
This comment appears a few too many times: # insert the SQL injection at a random location in the payload
In many cases, what it is commenting is not random, but specific - can we update the comments to accurately reflect the code (or just remove them)? -
Slight concern about resilience of these tests in the event that someone were to update the synthetic JSON data with different lat/long/timestamps. Not sure of the best way to address this risk? Perhaps an assert that the modified payload is different from the input? (or maybe simpler to just assert that the string being replaced is present in the paylod before you modify it)
3 participants
No description provided.