fix(测试跟踪): 修复自定义插件功能引起的安全漏洞及用例模块匹配问题

This commit is contained in:
song-tianyang 2022-01-06 11:24:22 +08:00 committed by song-tianyang
parent 0ceee1430c
commit 399bd4acff
2 changed files with 5 additions and 12 deletions

View File

@ -410,13 +410,11 @@ public class MsHTTPSamplerProxy extends MsTestElement {
this.useEnvironment = config.getConfig().get(this.getProjectId()).getApiEnvironmentid(); this.useEnvironment = config.getConfig().get(this.getProjectId()).getApiEnvironmentid();
} }
String url = httpConfig.getProtocol() + "://" + httpConfig.getSocket(); String url = httpConfig.getProtocol() + "://" + httpConfig.getSocket();
if (isUrl()) {
// 补充如果是完整URL 则用自身URL // 补充如果是完整URL 则用自身URL
if (StringUtils.isNotEmpty(this.getUrl()) && ElementUtil.isURL(this.getUrl())) { if (StringUtils.isNotEmpty(this.getUrl()) && ElementUtil.isURL(this.getUrl())) {
url = this.getUrl(); url = this.getUrl();
} }
if (isUrl()) {
if (this.isCustomizeReq()) { if (this.isCustomizeReq()) {
url = this.getUrl(); url = this.getUrl();
sampler.setProperty("HTTPSampler.path", url); sampler.setProperty("HTTPSampler.path", url);
@ -633,9 +631,6 @@ public class MsHTTPSamplerProxy extends MsTestElement {
} }
return true; return true;
} }
if (StringUtils.isNotEmpty(this.getUrl()) && ElementUtil.isURL(this.getUrl())) {
return true;
}
return false; return false;
} }
@ -811,6 +806,7 @@ public class MsHTTPSamplerProxy extends MsTestElement {
} else { } else {
TestPlanApiCaseService testPlanApiCaseService = CommonBeanFactory.getBean(TestPlanApiCaseService.class); TestPlanApiCaseService testPlanApiCaseService = CommonBeanFactory.getBean(TestPlanApiCaseService.class);
TestPlanApiCase testPlanApiCase = testPlanApiCaseService.getById(this.getId()); TestPlanApiCase testPlanApiCase = testPlanApiCaseService.getById(this.getId());
testPlanApiCase = testPlanApiCase == null ? testPlanApiCaseService.getById(this.getName()) : testPlanApiCase;
if (testPlanApiCase != null) { if (testPlanApiCase != null) {
ApiTestCaseWithBLOBs caseWithBLOBs = apiTestCaseService.get(testPlanApiCase.getApiCaseId()); ApiTestCaseWithBLOBs caseWithBLOBs = apiTestCaseService.get(testPlanApiCase.getApiCaseId());
if (caseWithBLOBs != null) { if (caseWithBLOBs != null) {

View File

@ -69,9 +69,6 @@ public class ShiroUtils {
//mock接口 //mock接口
filterChainDefinitionMap.put("/mock/**", "anon"); filterChainDefinitionMap.put("/mock/**", "anon");
filterChainDefinitionMap.put("/ws/**", "anon"); filterChainDefinitionMap.put("/ws/**", "anon");
filterChainDefinitionMap.put("/plugin/**", "anon");
} }
public static void ignoreCsrfFilter(Map<String, String> filterChainDefinitionMap) { public static void ignoreCsrfFilter(Map<String, String> filterChainDefinitionMap) {