Testing Server side validator for security example

This page is the test for Server side validator example. In this testing, you detect the correct error is thrown when the invalid access occurs.

In order to understand what test, please take a look at Server side validator example before reading this page.

About test cases

This test case is to make invalid access and check the server side program can detect it. If the server side program can detect it, it shows error page.

The evidense screen shot is stored at location below.

/[Project]/screenshots/server-side-validator

Server side validator example screenshot

Those screenshots a taken by Selenium program using taking screenshot technique.

Location of the source code

The source code to test this is in "org.alinous.test.html5.basic" package. The test is in the "ServerSideValidatorTest" class.

location of  the java class

Initialize WebDriver of the Selenium

At the first of the JUnit Test class, we initialize and connect the WebDriver, and make the download folder empty.

Make Invalid Access

This test case is to make invalid access. The normal access is to this web page.

web site form

This page has a web form. On usual case, users access this page, input value into the form input, and submit the from. But hackers access the url to submit the form directly by using program.

Then the parameter is wrong, the security problem occur, so we have to deny the spam access by checking the from parameters in the server side.

If server side program detect the wrong access, next page appears.

invalid access

Source code

The source code of this test case is below.

In this program, accessing the url "/samples/server-side-validator/index.html" with parameter "cmd". On the correct case, the "name" parameter is necessary, but invalid access is without it.

After making invalid access and the page appear, it get the text of the "alinousInternalErrorForm" form in the browser by calling WebElement#getText().

And checking the correct Exception is thrown, by checking the string "org.alinous.expections.ServerValidationException" is included in the text.



Go to Top