Skip to content

Commit

Permalink
test(vulnerable-code): Improve the test by verifying URI creation
Browse files Browse the repository at this point in the history
Also ensure that the strings can actually be parsed as URIs.

Signed-off-by: Sebastian Schuberth <sebastian@doubleopen.org>
  • Loading branch information
sschuberth committed Dec 15, 2023
1 parent 979847b commit e1803f0
Showing 1 changed file with 7 additions and 4 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -279,12 +279,15 @@ class VulnerableCodeTest : WordSpec({

"fixupUrlEscaping()" should {
"fixup a wrongly escaped ampersand" {
"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true" +
val brokenUrl = "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true" +
"&query=cpe:2.3:a:oracle:retail_category_management_planning_" +
"\\\\&_optimization:16.0.3:*:*:*:*:*:*:*".fixupUrlEscaping() shouldBe
"\\\\&_optimization:16.0.3:*:*:*:*:*:*:*"

URI.create(brokenUrl.fixupUrlEscaping()) shouldBe URI(
"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true" +
"&query=cpe:2.3:a:oracle:retail_category_management_planning_" +
"%26_optimization:16.0.3:*:*:*:*:*:*:*"
"&query=cpe:2.3:a:oracle:retail_category_management_planning_" +
"%26_optimization:16.0.3:*:*:*:*:*:*:*"
)
}
}
})
Expand Down

0 comments on commit e1803f0

Please sign in to comment.