From e5a2246f60d91e4a880129984aefef7756009dc3 Mon Sep 17 00:00:00 2001 From: Omur Sahin Date: Sat, 29 Nov 2025 10:50:04 +0300 Subject: [PATCH] xss option --- .../v3/security/xss/reflected/html/XSSReflectedEMTest.kt | 1 + .../security/xss/reflected/json/XSSReflectedJSONEMTest.kt | 1 + .../v3/security/xss/stored/html/XSSStoredEMTest.kt | 1 + .../v3/security/xss/stored/json/XSSStoredJSONEMTest.kt | 1 + core/src/main/kotlin/org/evomaster/core/EMConfig.kt | 8 ++++++++ .../evomaster/core/problem/rest/service/SecurityRest.kt | 2 +- .../problem/rest/service/fitness/AbstractRestFitness.kt | 2 +- docs/options.md | 1 + 8 files changed, 15 insertions(+), 2 deletions(-) diff --git a/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/reflected/html/XSSReflectedEMTest.kt b/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/reflected/html/XSSReflectedEMTest.kt index 4bb978760b..124b2f4cf9 100644 --- a/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/reflected/html/XSSReflectedEMTest.kt +++ b/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/reflected/html/XSSReflectedEMTest.kt @@ -29,6 +29,7 @@ class XSSReflectedEMTest : SpringTestBase() { ) { args: MutableList -> setOption(args, "security", "true") + setOption(args, "xss", "true") val solution = initAndRun(args) diff --git a/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/reflected/json/XSSReflectedJSONEMTest.kt b/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/reflected/json/XSSReflectedJSONEMTest.kt index e4cf9a9dc4..2e59463297 100644 
--- a/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/reflected/json/XSSReflectedJSONEMTest.kt +++ b/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/reflected/json/XSSReflectedJSONEMTest.kt @@ -29,6 +29,7 @@ class XSSReflectedJSONEMTest : SpringTestBase() { ) { args: MutableList -> setOption(args, "security", "true") + setOption(args, "xss", "true") val solution = initAndRun(args) diff --git a/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/stored/html/XSSStoredEMTest.kt b/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/stored/html/XSSStoredEMTest.kt index c0227bc83a..1e4b4fdc00 100644 --- a/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/stored/html/XSSStoredEMTest.kt +++ b/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/stored/html/XSSStoredEMTest.kt @@ -29,6 +29,7 @@ class XSSStoredEMTest : SpringTestBase() { ) { args: MutableList -> setOption(args, "security", "true") + setOption(args, "xss", "true") val solution = initAndRun(args) diff --git a/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/stored/json/XSSStoredJSONEMTest.kt b/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/stored/json/XSSStoredJSONEMTest.kt index c02daf694a..1916edbf4d 100644 --- a/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/stored/json/XSSStoredJSONEMTest.kt 
+++ b/core-tests/e2e-tests/spring/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/stored/json/XSSStoredJSONEMTest.kt @@ -29,6 +29,7 @@ class XSSStoredJSONEMTest : SpringTestBase() { ) { args: MutableList -> setOption(args, "security", "true") + setOption(args, "xss", "true") val solution = initAndRun(args) diff --git a/core/src/main/kotlin/org/evomaster/core/EMConfig.kt b/core/src/main/kotlin/org/evomaster/core/EMConfig.kt index cee0c78136..03d11140e3 100644 --- a/core/src/main/kotlin/org/evomaster/core/EMConfig.kt +++ b/core/src/main/kotlin/org/evomaster/core/EMConfig.kt @@ -598,6 +598,10 @@ class EMConfig { throw ConfigProblemException("The use of 'ssrf' requires 'security'") } + if(!security && xss) { + throw ConfigProblemException("The use of 'xss' requires 'security'") + } + if (ssrf && vulnerableInputClassificationStrategy == VulnerableInputClassificationStrategy.LLM && !languageModelConnector) { @@ -2597,6 +2601,10 @@ class EMConfig { @Cfg("To apply SSRF detection as part of security testing.") var ssrf = false + @Experimental + @Cfg("To apply XSS detection as part of security testing.") + var xss = false + @Regex(faultCodeRegex) @Cfg("Disable oracles. Provide a comma-separated list of codes to disable. " + "By default, all oracles are enabled." diff --git a/core/src/main/kotlin/org/evomaster/core/problem/rest/service/SecurityRest.kt b/core/src/main/kotlin/org/evomaster/core/problem/rest/service/SecurityRest.kt index a83718abcc..13cdacbbc4 100644 --- a/core/src/main/kotlin/org/evomaster/core/problem/rest/service/SecurityRest.kt +++ b/core/src/main/kotlin/org/evomaster/core/problem/rest/service/SecurityRest.kt 
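Review bot: In the second EMConfig.kt hunk the new `xss` option defaults to `false`, and the SecurityRest.kt and AbstractRestFitness.kt hunks of this patch now require it on top of the XSS fault category, so a run that sets only `security=true` appears to lose the XSS checks it had before, with no configuration error to flag the change. If opt-in is intended while the option is `@Experimental`, the description should state both gates, for example `@Cfg("To apply XSS detection as part of security testing. Requires 'security', and the XSS fault category must not be disabled.")`; docs/options.md seems to mirror this text and would need the same wording. The four e2e test hunks only add `xss=true`, and no test in this patch covers the default-off path or the new `ConfigProblemException` for `xss` without `security`. Both hunks lie inside `class EMConfig`, whose body starts and ends outside the hunks.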
@@ -285,7 +285,7 @@ class SecurityRest { handleNotRecognizedAuthenticated() } - if (!config.isEnabledFaultCategory(DefinedFaultCategory.XSS)) { + if (!config.xss || !config.isEnabledFaultCategory(DefinedFaultCategory.XSS)) { LoggingUtil.uniqueUserInfo("Skipping security test for XSS as disabled in configuration") } else { handleXSSCheck() diff --git a/core/src/main/kotlin/org/evomaster/core/problem/rest/service/fitness/AbstractRestFitness.kt b/core/src/main/kotlin/org/evomaster/core/problem/rest/service/fitness/AbstractRestFitness.kt index b2a39cc9ac..4648bc81f3 100644 --- a/core/src/main/kotlin/org/evomaster/core/problem/rest/service/fitness/AbstractRestFitness.kt +++ b/core/src/main/kotlin/org/evomaster/core/problem/rest/service/fitness/AbstractRestFitness.kt @@ -1345,7 +1345,7 @@ abstract class AbstractRestFitness : HttpWsFitness() { actionResults: List, fv: FitnessValue ) { - if (!config.isEnabledFaultCategory(DefinedFaultCategory.XSS)) { + if(!config.xss || !config.isEnabledFaultCategory(DefinedFaultCategory.XSS)){ return } diff --git a/docs/options.md b/docs/options.md index 7ee15b4929..9980693f46 100644 --- a/docs/options.md +++ b/docs/options.md @@ -323,3 +323,4 @@ There are 3 types of options: |`vulnerableInputClassificationStrategy`| __Enum__. Strategy to classify inputs for potential vulnerability classes related to an REST endpoint. *Valid values*: `MANUAL, LLM`. *Default value*: `MANUAL`.| |`wbProbabilityUseDataPool`| __Double__. Specify the probability of using the data pool when sampling test cases. This is for white-box (wb) mode. *Constraints*: `probability 0.0-1.0`. *Default value*: `0.2`.| |`writeSnapshotTestsIntervalInSeconds`| __Int__. The size (in seconds) of the interval that the snapshots will be printed, if enabled. *Default value*: `3600`.| +|`xss`| __Boolean__. To apply XSS detection as part of security testing. *Default value*: `false`.|
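Review bot: In the SecurityRest.kt hunk the message "Skipping security test for XSS as disabled in configuration" now covers two different causes, `xss` left at its default `false` or the XSS fault category disabled, so the log does not tell the user which setting to change. Naming the option would help, for example `LoggingUtil.uniqueUserInfo("Skipping security test for XSS: requires 'xss' to be enabled and the XSS fault category not disabled")`. The same compound condition is repeated in the AbstractRestFitness.kt hunk; a single predicate on the config that combines `xss` with `isEnabledFaultCategory(DefinedFaultCategory.XSS)` would keep the two gates from drifting apart. In AbstractRestFitness.kt, `if(!config.xss || ...){` should be spaced like the SecurityRest.kt line, `if (!config.xss || ...) {`. Both enclosing functions start and end outside their hunks.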