-
Notifications
You must be signed in to change notification settings - Fork 333
Expand file tree
/
Copy pathEmailInjectionModuleTest.groovy
More file actions
47 lines (37 loc) · 1.19 KB
/
EmailInjectionModuleTest.groovy
File metadata and controls
47 lines (37 loc) · 1.19 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
package com.datadog.iast.sink
import com.datadog.iast.IastModuleImplTestBase
import com.datadog.iast.Reporter
import com.datadog.iast.model.Vulnerability
import com.datadog.iast.model.VulnerabilityType
import com.datadog.iast.propagation.PropagationModuleImpl
import datadog.trace.api.iast.SourceTypes
class EmailInjectionModuleTest extends IastModuleImplTestBase{
private EmailInjectionModuleImpl module
def setup() {
module = new EmailInjectionModuleImpl(dependencies)
}
@Override
protected Reporter buildReporter() {
return Mock(Reporter)
}
def "test onSendEmail with null messageContent"() {
when:
module.onSendEmail(null)
then:
noExceptionThrown()
}
def "test onSendEmail with non-null messageContent"() {
given:
def messageContent = "test message"
def propagationModule = new PropagationModuleImpl()
propagationModule.taintObject(messageContent, SourceTypes.NONE)
when:
module.onSendEmail(messageContent)
then:
1 * reporter.report(_, _) >> { args ->
def vulnerability = args[1] as Vulnerability
vulnerability.type == VulnerabilityType.EMAIL_HTML_INJECTION &&
vulnerability.evidence == messageContent
}
}
}