From 5d9c9688d3f6c2293025c816af44a51dbf4603e1 Mon Sep 17 00:00:00 2001 From: cwshugg Date: Tue, 22 Mar 2022 16:47:19 -0400 Subject: [PATCH] added variation in the combination and order of cookies used in test_auth_wrong_cookie2 --- tests/server_unit_test_pserv.py | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/tests/server_unit_test_pserv.py b/tests/server_unit_test_pserv.py index 15ac859..10c91de 100755 --- a/tests/server_unit_test_pserv.py +++ b/tests/server_unit_test_pserv.py @@ -877,11 +877,23 @@ class Single_Conn_Malicious_Case(Doc_Print_Test_Case): ["session", ".eJwlzsFKw0AQgOFXKXuuZXczm93psV4qFBEs2GAkzM7OJEVNIaG2IL67hV7_e_L9mk4nmQezVvqaZWm6YzFrQ947cJoLRslQAaDW3hlSql2JZKUUT5m9S1LFCEKRMaqVKFqSg0hellofmStWUATRANYGmzmRdRA4E6KU2musEFXZ5aBY2hiyoGRukPMs013z3hq-zMO571uzXLTm8TSOp2xxei8fq2ZowkO_2h6uQ3i7fu_plvnpdtsX2u_Gw_Nnc3zyf_8CpUfl.Yjo3NQ.m-n22sd9bMNXyvtXpIS6dZ85Cv4"] ] + # now, come up with various combinations of cookies to try + cookie_combos = [] + for c1 in cookies: + combo = [] + combo.append(c1) + cookie_combos.append([c1]) + for c2 in cookies: + if c1 != c2: + combo.append(c2) + cookie_combos.append(combo) + # loop through each of the cookies - for cookie in cookies: - # clear the session cookies and set a new cookie + for combo in cookie_combos: + # clear the session cookies and set cookies self.session.cookies.clear() - self.session.cookies.set(cookie[0], cookie[1]) + for cookie in combo: + self.session.cookies.set(cookie[0], cookie[1]) # try making a GET /api/login request response = None