The fix simply mocks the two network requests that happen from the SSRFVulnerabilityTest test. I tried to keep the changes to a minimum, especially to the SSRFVulnerability class. Here I simply moved the network call out to a new getResponseForURLConnection() call, mostly unchanged. This is the method that is mocked from the test.
I ran into some strange Mockito spy behavior which forced the creation of the interim ssrfSpy variable.
Re issue #445.
The fix simply mocks the two network requests that happen from the SSRFVulnerabilityTest test. I tried to keep the changes to a minimum, especially to the SSRFVulnerability class. Here I simply moved the network call out to a new getResponseForURLConnection() call, mostly unchanged. This is the method that is mocked from the test.
I ran into some strange Mockito spy behavior which forced the creation of the interim ssrfSpy variable.
Thanks!