Testing Server side validator for security example
This page is the test for Server side validator example. In this testing, you detect the correct error is thrown when the invalid access occurs.
In order to understand what test, please take a look at Server side validator example before reading this page.
- About test cases
- Location of the source code
- Initialize WebDriver of the Selenium
- Make Invalid Access
This test case is to make invalid access and check the server side program can detect it. If the server side program can detect it, it shows error page.
The evidense screen shot is stored at location below.
Those screenshots a taken by Selenium program using taking screenshot technique.
The source code to test this is in "org.alinous.test.html5.basic" package. The test is in the "ServerSideValidatorTest" class.
At the first of the JUnit Test class, we initialize and connect the WebDriver, and make the download folder empty.
This test case is to make invalid access. The normal access is to this web page.
This page has a web form. On usual case, users access this page, input value into the form input, and submit the from. But hackers access the url to submit the form directly by using program.
Then the parameter is wrong, the security problem occur, so we have to deny the spam access by checking the from parameters in the server side.
If server side program detect the wrong access, next page appears.
The source code of this test case is below.
In this program, accessing the url "/samples/server-side-validator/index.html" with parameter "cmd". On the correct case, the "name" parameter is necessary, but invalid access is without it.
After making invalid access and the page appear, it get the text of the "
alinousInternalErrorForm" form in the browser by calling WebElement#
And checking the correct Exception is thrown, by checking the string "org.alinous.expections.ServerValidationException" is included in the text.