KissPeter / APIFuzzer

Fuzz test your application using your OpenAPI or Swagger API definition without coding
GNU General Public License v3.0

Reports are missing request and base64-encoded #24

Closed lobax closed 4 years ago

lobax commented 4 years ago

Reports are missing data about the request that caused the issue, and many fields are base64-encoded.

For instance, a report can look like this:

{
  "status": "ZmFpbGVk",
  "name": "dGFyZ2V0",
  "sub_reports": [],
  "test_number": 94,
  "state": "Q09NUExFVEVE",
  "reason": "dGFyZ2V0"
}

KissPeter commented 4 years ago

Base64 encoding is a standard function because this way there is no need to take care of escaping. Could you please share further information about the API request which generated this report? This is not enough to start any investigation in the code.

Thanks
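
For readers triaging reports in the format quoted at the top of this thread, the following added example (not part of the original comments and not APIFuzzer's own code) decodes the base64 string fields back to text. It assumes every string value in a report is base64-encoded, as in the quoted sample; the function names are hypothetical.

```python
import base64
import binascii
import json

# Constructed sample: the report quoted in this issue.
SAMPLE_REPORT = """
{
  "status": "ZmFpbGVk",
  "name": "dGFyZ2V0",
  "sub_reports": [],
  "test_number": 94,
  "state": "Q09NUExFVEVE",
  "reason": "dGFyZ2V0"
}
"""


def decode_field(value):
    """Decode one report value if it is a strict base64 string, else return it unchanged."""
    # Numbers, empty strings and strings with a non-base64 length are left alone.
    if not isinstance(value, str) or not value or len(value) % 4:
        return value
    try:
        raw = base64.b64decode(value, validate=True)
    except (binascii.Error, ValueError):
        return value  # not base64 after all, keep the original text
    # Fuzz payloads are often not valid UTF-8; keep such bytes visible as \xNN
    # instead of failing or silently dropping them.
    return raw.decode("utf-8", errors="backslashreplace")


def decode_report(node):
    """Walk a parsed report (dicts, lists, scalars) and decode every string value."""
    if isinstance(node, dict):
        return {key: decode_report(val) for key, val in node.items()}
    if isinstance(node, list):
        return [decode_report(item) for item in node]
    return decode_field(node)


def load_report(text):
    """Parse report JSON text and return it with base64 fields decoded."""
    return decode_report(json.loads(text))


if __name__ == "__main__":
    print(json.dumps(load_report(SAMPLE_REPORT), indent=2))
```

Because the decoder treats any string that is valid base64 as encoded, a plain-text value that happens to be valid base64 would be mangled; apply it only to reports known to use this encoding.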

lobax commented 4 years ago

The report was generated by running APIFuzzer against the test server: python3 fuzzer.py -s test/test_swagger_definition.json -u http://127.0.0.1:5000/ -r /tmp/reports/ --log debug

Maybe the format for the reports should be added to the docs? I can do a PR once I feel I understand how it works.

KissPeter commented 4 years ago

Good point, I will extend the documentation.

lobax commented 4 years ago

BTW, how do I get the request that triggered the report? Ideally, it should be a part of the report.

KissPeter commented 4 years ago

Ideally the request, response and the response code are part of the report. Since often nasty chars are used, saving the report is not successful all the time. I'm working on it, but it is not an obvious issue. Please note that a report is generated if the fuzzer was unable to identify the HTTP response code or it is not on the following list: list(range(200, 300)) + list(range(400, 500))

It is a good idea during fuzzing to analyse the application log, e.g. grep -v -e DEBUG -e INFO -e NOTICE -e WARNING /log/file gives you the interesting log records :-)

KissPeter commented 4 years ago

It is fixed now.