70 lines
2.2 KiB
Python
70 lines
2.2 KiB
Python
from fastapi.testclient import TestClient
|
|
|
|
from main import app
|
|
|
|
client = TestClient(app)
|
|
|
|
def test_detect_input_get_normal():
|
|
response = client.get("/detect/normaldata")
|
|
assert response.status_code == 200
|
|
assert response.json() == {"prediction": "['normal']"}
|
|
|
|
def test_detect_input_post_normal():
|
|
response = client.post(
|
|
"/detect/",
|
|
json={"value": "normaldata"},
|
|
)
|
|
assert response.status_code == 200
|
|
print(response.json())
|
|
assert response.json() == {
|
|
"prediction": "['normal']"
|
|
}
|
|
|
|
def test_detect_input_get_sqli():
|
|
response = client.get("/detect/admin') or '1'='1'--")
|
|
assert response.status_code == 200
|
|
assert response.json() == {"prediction": "['sql-injection']"}
|
|
|
|
def test_detect_input_post_sqli():
|
|
response = client.post(
|
|
"/detect/",
|
|
json={"value": "admin') or '1'='1'--"},
|
|
)
|
|
assert response.status_code == 200
|
|
print(response.json())
|
|
assert response.json() == {
|
|
"prediction": "['sql-injection']"
|
|
}
|
|
|
|
def test_detect_input_get_osi():
|
|
response = client.get("/detect/%22%7C%20%5B%205%20-ne%20%24%28echo%20BLTNIK%20%7C%20tr%20-d%20%27%5Cn%27%20%7C%20wc%20-c%29%20%5D%20%7C%7C%20sleep%201%20%2522")
|
|
assert response.status_code == 200
|
|
assert response.json() == {"prediction": "['os-command-injection']"}
|
|
|
|
def test_detect_input_post_osi():
|
|
response = client.post(
|
|
"/detect/",
|
|
json={"value": "%22%7C%20%5B%205%20-ne%20%24%28echo%20BLTNIK%20%7C%20tr%20-d%20%27%5Cn%27%20%7C%20wc%20-c%29%20%5D%20%7C%7C%20sleep%201%20%2522"},
|
|
)
|
|
assert response.status_code == 200
|
|
print(response.json())
|
|
assert response.json() == {
|
|
"prediction": "['os-command-injection']"
|
|
}
|
|
|
|
def test_detect_input_get_xss():
|
|
response = client.get("/detect/<div style=xss:expressio\6e(alert(1))>")
|
|
assert response.status_code == 200
|
|
assert response.json() == {"prediction": "['xss']"}
|
|
|
|
def test_detect_input_post_xss():
|
|
response = client.post(
|
|
"/detect/",
|
|
json={"value": "<div style=xss:expressio\6e(alert(1))>"},
|
|
)
|
|
assert response.status_code == 200
|
|
print(response.json())
|
|
assert response.json() == {
|
|
"prediction": "['xss']"
|
|
}
|