From far, this is one of the best extension I've seen to test authorization controls on web apps :) There is two features I'd like to see implemented in this extension, let me know your thoughts:
Ability to remove headers for testing unauthenticated roles. The documentation shows a good example that empties the session_id cookie but I haven't found a way to remove the entire header.
Ability to generate random strings to put in some fields. Some actions on APIs requires you to put some new data for each request. Would that make sense to have a Transformer that will generate a unique string ?
I can help making those changes if needed, just let me know !
Hello !
From far, this is one of the best extension I've seen to test authorization controls on web apps :) There is two features I'd like to see implemented in this extension, let me know your thoughts:
session_idcookie but I haven't found a way to remove the entire header.I can help making those changes if needed, just let me know !