Commit 7dc67452 authored by Kathy Lowry's avatar Kathy Lowry Committed by Jinelle Foley-Barnes

Behat Test: inject into search users box

Added a: I press the key "key" step
Currently works for 'enter' key and char keys, eg 'B'

Change-Id: I1d2cea37ef7bf1e0ae74974733abeae27106cb29
parent 6f81244f
......@@ -314,6 +314,24 @@ class BehatGeneral extends BehatBase {
$node->click();
}
/**
* Press the key.
*
* @When /^I press the key "(?P<key>(?:[^"]|\\")*)" in the "(?P<element_container_string>(?:[^"]|\\")*)" field$/
* @param string $key_press want to simulate pressing
* @param string $nodeelement Element we focus on
*/
public function i_key_press($key_press, $nodeelement) {
if (strtolower($key_press) == 'enter' || strtolower($key_press) == 'return') {
$key_press = 13;
}
$node = $this->get_selected_node('field', $nodeelement);
$node->keyPress($key_press);
}
/**
* Click on the link or button which is located inside the second element.
*
......
@javascript @core @core_administration
Feature: Check search is free from sql vulnerability
In order to check the main search field is secure
As an admin I want to inject sql into the search field
So I can check the field doesn't error
Scenario: sql injection attempt on search field
Given I log in as "admin" with password "Password1"
And I wait "1" seconds
When I set the following fields to these values:
| Search users | 'or 1=1;-- |
And I press the key "Enter" in the "Search users" field
Then I should see "No search results found"
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment