You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have some test API with endpoint GET /testStatusCode. In the OAS is defined, that this endpoint will return 200 or 400 status code. Instead, I implemented my API to always return 403. Other fuzzers can detect this difference between real status code and specified status code as bug. What about RESTler? Is this possible?
Thanks for your great work so far :)
The text was updated successfully, but these errors were encountered:
I believe there's no looking for difference between OAS and real answers (since I don't see any reference to response codes in compilation results), but you can detect specified codes with "custom_bug_codes" in user settings file. At least that's what I do in my project detecting both 200 and 5** codes.
Description
I have some test API with endpoint GET
/testStatusCode
. In the OAS is defined, that this endpoint will return 200 or 400 status code. Instead, I implemented my API to always return 403. Other fuzzers can detect this difference between real status code and specified status code as bug. What about RESTler? Is this possible?Thanks for your great work so far :)
The text was updated successfully, but these errors were encountered: