Closed domanchi closed 5 years ago
Summary

We need to handle expected direct object reference gracefully, and provide developers the tools to be able to whitelist such endpoints.

Action Steps

We should expose this functionality through a similar declarative style like `fuzz_lightyear.register_factory`. Maybe something like:

```python
import fuzz_lightyear


@fuzz_lightyear.register_excluded_endpoints
def whitelist():
    return [
        'store.getOrderById',
    ]
```
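A stand-alone sketch of how a declarative exclusion hook like the one proposed above could feed into result reporting. It is an added example, not part of the original issue and not fuzz-lightyear's implementation; the registry, `FuzzResult`, `reportable` and the sample results are assumptions made for illustration.

```python
# Hypothetical sketch: none of these names are fuzz-lightyear's real API.
from typing import Callable, Iterable, List, NamedTuple, Set

_EXCLUDED_PROVIDERS: List[Callable[[], Iterable[str]]] = []


def register_excluded_endpoints(func):
    """Declarative hook: func returns 'tag.operation_id' strings to whitelist."""
    _EXCLUDED_PROVIDERS.append(func)
    return func


def excluded_endpoints() -> Set[str]:
    """Resolve providers lazily and reject malformed identifiers."""
    result: Set[str] = set()
    for provider in _EXCLUDED_PROVIDERS:
        for name in provider():
            tag, sep, operation = name.partition('.')
            if not (tag and sep and operation):
                raise ValueError(f'expected "tag.operation_id", got {name!r}')
            result.add(name)
    return result


class FuzzResult(NamedTuple):
    endpoint: str             # 'tag.operation_id' of the request under test
    attacker_succeeded: bool  # the attacker session got a successful response


def reportable(results: Iterable[FuzzResult]) -> List[FuzzResult]:
    """Keep results that succeeded as attacker on non-whitelisted endpoints."""
    skip = excluded_endpoints()
    return [r for r in results if r.attacker_succeeded and r.endpoint not in skip]


@register_excluded_endpoints
def whitelist():
    return ['store.getOrderById']


# Constructed sample results, not output from a real fuzzing run.
SAMPLE = [
    FuzzResult('store.getOrderById', True),   # expected direct object reference
    FuzzResult('user.getUserByName', True),   # not whitelisted: still reported
    FuzzResult('pet.deletePet', False),       # attacker request was rejected
]
```

Validating the identifier format when the whitelist is resolved means a misspelled entry fails loudly instead of silently leaving an endpoint unexcluded or hiding nothing at all.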