OWASP / OFFAT

The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
http://owasp.org/OFFAT/
MIT License
407 stars 59 forks

Set the 'type' param so that future calls will know its type #99

Closed nrathaus closed 1 month ago

nrathaus commented 2 months ago

Scanning the endpoint of https://brokencrystals.com/swagger-json disclosed some false negatives caused by not setting the type field, which made payload values not get set to their new value

nrathaus commented 1 month ago

Can you please merge this? It is making OFFAT not find anything, as the payload isn't modified after the first iteration

nrathaus commented 1 month ago

@dmdhrumilmistry

dmdhrumilmistry commented 1 month ago

> Can you please merge this? It is making OFFAT not find anything, as the payload isn't modified after the first iteration

Hi @nrathaus, apologies for the delayed response. I was a bit occupied this week. I've tested it manually and the changes made in this PR seem to be working fine.