Have attacker rerun all requests, update xfail test

Yelp / fuzz-lightyear

A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos engineering testing and stateful, Swagger fuzzing.

Other

205 stars 25 forks source link

Have attacker rerun all requests, update xfail test #44

Closed tanx16 closed 4 years ago

tanx16 commented 4 years ago

This makes the attacker run all the requests with their own authorization. However, this has a flaw where the attacker may try to create duplicate objects, which would could cause an error to occur. I updated the existing xfail test to account for this.

tanx16 commented 4 years ago

(This semi-addresses https://github.com/Yelp/fuzz-lightyear/issues/11)

tanx16 commented 4 years ago

I ended up reverting the test that I modified, as after testing for a while I realized that it was flaky and I couldn't figure out why.