diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-03-18 23:02:30 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-03-18 23:02:30 +0300 |
commit | 41fe97390ceddf945f3d967b8fdb3de4c66b7dea (patch) | |
tree | 9c8d89a8624828992f06d892cd2f43818ff5dcc8 /spec/fixtures/security_reports | |
parent | 0804d2dc31052fb45a1efecedc8e06ce9bc32862 (diff) |
Add latest changes from gitlab-org/gitlab@14-9-stable-eev14.9.0-rc42
Diffstat (limited to 'spec/fixtures/security_reports')
-rw-r--r-- | spec/fixtures/security_reports/master/gl-common-scanning-report.json | 140 |
1 files changed, 140 insertions, 0 deletions
diff --git a/spec/fixtures/security_reports/master/gl-common-scanning-report.json b/spec/fixtures/security_reports/master/gl-common-scanning-report.json index cf4c5239b57..1fb00b2ff3a 100644 --- a/spec/fixtures/security_reports/master/gl-common-scanning-report.json +++ b/spec/fixtures/security_reports/master/gl-common-scanning-report.json @@ -12,6 +12,76 @@ "id": "gemnasium", "name": "Gemnasium" }, + "evidence": { + "source": { + "id": "assert:CORS - Bad 'Origin' value", + "name": "CORS - Bad 'Origin' value" + }, + "summary": "The Origin header was changed to an invalid value of http://peachapisecurity.com and the response contained an Access-Control-Allow-Origin header which included this invalid Origin, indicating that the CORS configuration on the server is overly permissive.\n\n\n", + "request": { + "headers": [ + { + "name": "Host", + "value": "127.0.0.1:7777" + } + ], + "method": "GET", + "url": "http://127.0.0.1:7777/api/users", + "body": "" + }, + "response": { + "headers": [ + { + "name": "Server", + "value": "TwistedWeb/20.3.0" + } + ], + "reason_phrase": "OK", + "status_code": 200, + "body": "[{\"user_id\":1,\"user\":\"admin\",\"first\":\"Joe\",\"last\":\"Smith\",\"password\":\"Password!\"}]" + }, + "supporting_messages": [ + { + "name": "Origional", + "request": { + "headers": [ + { + "name": "Host", + "value": "127.0.0.1:7777" + } + ], + "method": "GET", + "url": "http://127.0.0.1:7777/api/users", + "body": "" + } + }, + { + "name": "Recorded", + "request": { + "headers": [ + { + "name": "Host", + "value": "127.0.0.1:7777" + } + ], + "method": "GET", + "url": "http://127.0.0.1:7777/api/users", + "body": "" + }, + "response": { + "headers": [ + { + "name": "Server", + "value": "TwistedWeb/20.3.0" + } + ], + "reason_phrase": "OK", + "status_code": 200, + "body": "[{\"user_id\":1,\"user\":\"admin\",\"first\":\"Joe\",\"last\":\"Smith\",\"password\":\"Password!\"}]" + } + } + ] + }, "location": {}, "identifiers": [ { @@ -57,6 +127,76 @@ "id": "gemnasium", "name": "Gemnasium" }, + "evidence": { + "source": { + "id": "assert:CORS - Bad 'Origin' value", + "name": "CORS - Bad 'Origin' value" + }, + "summary": "The Origin header was changed to an invalid value of http://peachapisecurity.com and the response contained an Access-Control-Allow-Origin header which included this invalid Origin, indicating that the CORS configuration on the server is overly permissive.\n\n\n", + "request": { + "headers": [ + { + "name": "Host", + "value": "127.0.0.1:7777" + } + ], + "method": "GET", + "url": "http://127.0.0.1:7777/api/users", + "body": "" + }, + "response": { + "headers": [ + { + "name": "Server", + "value": "TwistedWeb/20.3.0" + } + ], + "reason_phrase": "OK", + "status_code": 200, + "body": "[{\"user_id\":1,\"user\":\"admin\",\"first\":\"Joe\",\"last\":\"Smith\",\"password\":\"Password!\"}]" + }, + "supporting_messages": [ + { + "name": "Origional", + "request": { + "headers": [ + { + "name": "Host", + "value": "127.0.0.1:7777" + } + ], + "method": "GET", + "url": "http://127.0.0.1:7777/api/users", + "body": "" + } + }, + { + "name": "Recorded", + "request": { + "headers": [ + { + "name": "Host", + "value": "127.0.0.1:7777" + } + ], + "method": "GET", + "url": "http://127.0.0.1:7777/api/users", + "body": "" + }, + "response": { + "headers": [ + { + "name": "Server", + "value": "TwistedWeb/20.3.0" + } + ], + "reason_phrase": "OK", + "status_code": 200, + "body": "[{\"user_id\":1,\"user\":\"admin\",\"first\":\"Joe\",\"last\":\"Smith\",\"password\":\"Password!\"}]" + } + } + ] + }, "location": {}, "identifiers": [ { |