I'm trying to write a test to make sure that my application isn't
vulnerable to this
exploit<http://www.phenoelit.org/blog/archives/2013/02/05/mysql_madness_and_rails/>.
It can demonstrate it using curl, but I can't figure out how to get an
rspec test running that will demonstrate it.
I found a few resources that suggested setting request.env['RAW_POST_DATA']
and setting the content-type header would work, but I haven't been able to
get any parameters recognized by Rails that way:
it "should not be vulnerable to integer token values"
request.env['RAW_POST_DATA'] = { token: 0 }.to_json
request.env['CONTENT_TYPE'] = "application/json"
post :reset_password
end
When I try this, token does not end up in my params hash. I know that since
the Rails vulnerabilities were discovered, parameter parsing was changed,
and I assume that this code was affected by that, but is there any way I
can get around that? Maybe use Rack::Test::Methods directly or something
like that?
Any help would be appreciated.
--
You received this message because you are subscribed to the Google Groups
"rspec" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msg/rspec/-/sdoGY58oJEIJ.
For more options, visit https://groups.google.com/groups/opt_out.
