asriz7777
commented
5 years ago Project : FXABAC TEST
Template : ApiV1DataSetsPutDatasetuserbDisallowHijack1
Run Id : 8a808011699a990101699ab3901a2277
Job : Default
Env : Default
Category : Hijack_Level1
Tags : [FX Top 10 - API Vulnerability, Data_Access_Control]
Severity : Major
Region : FXLabs/US_WEST_1
Result : fail
Status Code : 400
Headers : {X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NjI0ZTE5MzYtNDg2MS00MzMwLThmYTItNDVkOTg2OTg3YzQ4; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:47 GMT]}
Endpoint : http://13.56.210.25/api/v1/data-sets
Request :
{
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "BrH8TbrX",
"project" : "",
"props" : null,
"version" : ""
}
Response :
{
"timestamp" : "2019-03-20T10:44:48.505+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])",
"path" : "/api/v1/data-sets"
}
Logs :
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/orgs]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : Request [{
"billingEmail" : "JLl2tYSO",
"company" : "Mohr Group",
"createdBy" : "",
"createdDate" : "",
"description" : "JLl2tYSO",
"id" : "",
"inactive" : false,
"location" : "JLl2tYSO",
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "JLl2tYSO",
"orgPlan" : "TEAM",
"orgType" : "ENTERPRISE",
"version" : ""
}]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:42.099+0000",
"status" : 403,
"error" : "Forbidden",
"message" : "Forbidden",
"path" : "/api/v1/orgs"
}]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjM4NmE3YzEtYTA4Ni00MTMwLTg2NzMtMjBmNWFmM2RjOTU1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:41 GMT]}]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : StatusCode [403]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : Time [758]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : Size [121]
2019-03-20 10:44:42 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [403 == 200 OR 403 == 201] result [Failed]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjM4NmE3YzEtYTA4Ni00MTMwLTg2NzMtMjBmNWFmM2RjOTU1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:41 GMT]}]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjM4NmE3YzEtYTA4Ni00MTMwLTg2NzMtMjBmNWFmM2RjOTU1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:41 GMT]}]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjM4NmE3YzEtYTA4Ni00MTMwLTg2NzMtMjBmNWFmM2RjOTU1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:41 GMT]}]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjM4NmE3YzEtYTA4Ni00MTMwLTg2NzMtMjBmNWFmM2RjOTU1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:41 GMT]}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/accounts]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : Request [{
"accessKey" : "LHbX84qC",
"accountType" : "GitLab",
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "LHbX84qC",
"org" : "",
"prop1" : "LHbX84qC",
"prop2" : "LHbX84qC",
"prop3" : "LHbX84qC",
"region" : "LHbX84qC",
"secretKey" : "LHbX84qC",
"version" : ""
}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:42.994+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 11, column: 11] (through reference chain: com.fxlabs.fxt.dto.clusters.Account[\"org\"])",
"path" : "/api/v1/accounts"
}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODExMzkwYjItYzhjNC00MjZlLWIxZWItYzA3MjRkOWE2ZjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:42 GMT]}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : Time [894]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : Size [722]
2019-03-20 10:44:43 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODExMzkwYjItYzhjNC00MjZlLWIxZWItYzA3MjRkOWE2ZjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:42 GMT]}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODExMzkwYjItYzhjNC00MjZlLWIxZWItYzA3MjRkOWE2ZjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:42 GMT]}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODExMzkwYjItYzhjNC00MjZlLWIxZWItYzA3MjRkOWE2ZjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:42 GMT]}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODExMzkwYjItYzhjNC00MjZlLWIxZWItYzA3MjRkOWE2ZjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:42 GMT]}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/skills]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : Request [{
"accessKey" : "0wVXLQhe",
"createdBy" : "",
"createdDate" : "",
"description" : "0wVXLQhe",
"host" : "0wVXLQhe",
"id" : "",
"inactive" : false,
"key" : "0wVXLQhe",
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "0wVXLQhe",
"org" : "",
"prop1" : "0wVXLQhe",
"prop2" : "0wVXLQhe",
"prop3" : "0wVXLQhe",
"prop4" : "0wVXLQhe",
"prop5" : "0wVXLQhe",
"secretKey" : "0wVXLQhe",
"skillType" : "BOT_DEPLOYMENT",
"version" : ""
}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:43.773+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 13, column: 11] (through reference chain: com.fxlabs.fxt.dto.skills.Skill[\"org\"])",
"path" : "/api/v1/skills"
}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTc1MTY4NTUtNzQ4OS00MTE3LTg5YzctMDg5Y2IyNDBlZmJk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:43 GMT]}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : Time [777]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : Size [716]
2019-03-20 10:44:43 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTc1MTY4NTUtNzQ4OS00MTE3LTg5YzctMDg5Y2IyNDBlZmJk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:43 GMT]}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTc1MTY4NTUtNzQ4OS00MTE3LTg5YzctMDg5Y2IyNDBlZmJk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:43 GMT]}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTc1MTY4NTUtNzQ4OS00MTE3LTg5YzctMDg5Y2IyNDBlZmJk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:43 GMT]}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTc1MTY4NTUtNzQ4OS00MTE3LTg5YzctMDg5Y2IyNDBlZmJk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:43 GMT]}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request [{
"account" : "",
"createdBy" : "",
"createdDate" : "",
"description" : "wGpUm1MA",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "wGpUm1MA",
"org" : "",
"prop1" : "wGpUm1MA",
"prop2" : "wGpUm1MA",
"prop3" : "wGpUm1MA",
"prop4" : "wGpUm1MA",
"prop5" : "wGpUm1MA",
"skill" : "",
"state" : "INACTIVE",
"version" : "",
"visibility" : "ORG_PUBLIC"
}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:44.520+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.it.IssueTracker[\"account\"])",
"path" : "/api/v1/issue-trackers/issue-tracker-bot"
}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTBmMTI1ZGEtNWZjNC00MzBlLTliMzItN2FkYTM1ZjkwMTcz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : Time [757]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : Size [768]
2019-03-20 10:44:44 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTBmMTI1ZGEtNWZjNC00MzBlLTliMzItN2FkYTM1ZjkwMTcz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTBmMTI1ZGEtNWZjNC00MzBlLTliMzItN2FkYTM1ZjkwMTcz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTBmMTI1ZGEtNWZjNC00MzBlLTliMzItN2FkYTM1ZjkwMTcz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTBmMTI1ZGEtNWZjNC00MzBlLTliMzItN2FkYTM1ZjkwMTcz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/projects]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : Request [{
"account" : "",
"autoGenSuites" : "1208576592",
"branch" : "K69Jvp59",
"bugsOpen" : "1208576592",
"createdBy" : "",
"createdDate" : "",
"description" : "K69Jvp59",
"genPolicy" : "Create",
"id" : "",
"inactive" : false,
"isFileLoad" : "K69Jvp59",
"issueTracker" : "",
"lastCommit" : "K69Jvp59",
"lastSync" : null,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "K69Jvp59",
"openAPISpec" : "K69Jvp59",
"openText" : "K69Jvp59",
"org" : "",
"props" : null,
"url" : "K69Jvp59",
"version" : ""
}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:45.408+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.Project[\"account\"])",
"path" : "/api/v1/projects"
}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZGJjMTg0NjUtYjZkZC00OWFmLTk2Y2MtMjBjMTg2ZmUyMjJl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : Time [875]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : Size [744]
2019-03-20 10:44:45 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZGJjMTg0NjUtYjZkZC00OWFmLTk2Y2MtMjBjMTg2ZmUyMjJl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZGJjMTg0NjUtYjZkZC00OWFmLTk2Y2MtMjBjMTg2ZmUyMjJl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZGJjMTg0NjUtYjZkZC00OWFmLTk2Y2MtMjBjMTg2ZmUyMjJl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZGJjMTg0NjUtYjZkZC00OWFmLTk2Y2MtMjBjMTg2ZmUyMjJl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/data-sets]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : Request [{
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "2IpFk5BS",
"project" : "",
"props" : null,
"version" : ""
}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:46.412+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])",
"path" : "/api/v1/data-sets"
}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODZmYTRhMTItODRjOS00YzQxLTg2NjctNWI5ZDY2ZDIyMWJj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:45 GMT]}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : Time [1002]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : Size [745]
2019-03-20 10:44:46 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODZmYTRhMTItODRjOS00YzQxLTg2NjctNWI5ZDY2ZDIyMWJj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:45 GMT]}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODZmYTRhMTItODRjOS00YzQxLTg2NjctNWI5ZDY2ZDIyMWJj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:45 GMT]}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODZmYTRhMTItODRjOS00YzQxLTg2NjctNWI5ZDY2ZDIyMWJj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:45 GMT]}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODZmYTRhMTItODRjOS00YzQxLTg2NjctNWI5ZDY2ZDIyMWJj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:45 GMT]}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : URL [http://13.56.210.25/api/v1/projects]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : Method [POST]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : Request [{
"account" : "",
"autoGenSuites" : "1207797453",
"branch" : "Z0yBXanW",
"bugsOpen" : "1207797453",
"createdBy" : "",
"createdDate" : "",
"description" : "Z0yBXanW",
"genPolicy" : "Create",
"id" : "",
"inactive" : false,
"isFileLoad" : "Z0yBXanW",
"issueTracker" : "",
"lastCommit" : "Z0yBXanW",
"lastSync" : null,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "Z0yBXanW",
"openAPISpec" : "Z0yBXanW",
"openText" : "Z0yBXanW",
"org" : "",
"props" : null,
"url" : "Z0yBXanW",
"version" : ""
}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:47.438+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.Project[\"account\"])",
"path" : "/api/v1/projects"
}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjZlZmMxNWYtZjUwMi00ZjBlLWEyZTMtOGQ0YTQ1ZDUwYzM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:46 GMT]}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : StatusCode [400]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : Time [1024]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : Size [744]
2019-03-20 10:44:47 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjZlZmMxNWYtZjUwMi00ZjBlLWEyZTMtOGQ0YTQ1ZDUwYzM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:46 GMT]}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjZlZmMxNWYtZjUwMi00ZjBlLWEyZTMtOGQ0YTQ1ZDUwYzM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:46 GMT]}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjZlZmMxNWYtZjUwMi00ZjBlLWEyZTMtOGQ0YTQ1ZDUwYzM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:46 GMT]}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjZlZmMxNWYtZjUwMi00ZjBlLWEyZTMtOGQ0YTQ1ZDUwYzM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:46 GMT]}]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : URL [http://13.56.210.25/api/v1/data-sets]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Method [PUT]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Request [{
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "BrH8TbrX",
"project" : "",
"props" : null,
"version" : ""
}]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:48.505+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto (although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])",
"path" : "/api/v1/data-sets"
}]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NjI0ZTE5MzYtNDg2MS00MzMwLThmYTItNDVkOTg2OTg3YzQ4; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:47 GMT]}]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : StatusCode [400]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Time [1069]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Size [745]
2019-03-20 10:44:48 ERROR [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [400 == 401 OR 400 == 403] result [Failed]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : URL [http://13.56.210.25/api/v1/data-sets/]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Method [DELETE]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Request [null]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Response [{
"timestamp" : "2019-03-20T10:44:49.542+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/data-sets/"
}]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Response-Headers [{Allow=[GET, PUT, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjA3NzVjZGYtY2E1Ny00ODBkLTg5MzQtZGYyYjM3YTVkNWEx; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:48 GMT]}]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : StatusCode [405]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Time [1032]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Size [164]
2019-03-20 10:44:49 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : URL [http://13.56.210.25/api/v1/projects/]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Method [DELETE]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request [null]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response [{
"timestamp" : "2019-03-20T10:44:50.496+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/projects/"
}]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NDQxOGQ0NmQtYzA4Zi00YWQ1LWFiMzgtNDAyZjgxYWU2OWRh; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:49 GMT]}]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : StatusCode [405]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Time [1046]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Size [163]
2019-03-20 10:44:50 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot/]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Method [DELETE]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request [null]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response [{
"timestamp" : "2019-03-20T10:44:51.673+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/issue-trackers/issue-tracker-bot/"
}]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response-Headers [{Allow=[POST, GET, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MTZmYjYwMjctZWIyZi00YzQ2LWFjNWMtZjliNDQ1N2FkYmY5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:51 GMT]}]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : StatusCode [405]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Time [1079]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Size [187]
2019-03-20 10:44:51 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : URL [http://13.56.210.25/api/v1/skills/]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Method [DELETE]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request [null]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response [{
"timestamp" : "2019-03-20T10:44:52.359+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/skills/"
}]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGJiNmY0ZjQtMGMxZi00MTliLThiZDItMDIyOGRiMDA2MDE2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:51 GMT]}]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : StatusCode [405]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Time [684]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Size [161]
2019-03-20 10:44:52 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : URL [http://13.56.210.25/api/v1/accounts/]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Method [DELETE]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request [null]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response [{
"timestamp" : "2019-03-20T10:44:53.535+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/accounts/"
}]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzJlNWY1OTktNjM2Yi00ZTYxLWExYzEtYjIyNzQ5ZmY3Zjdk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:52 GMT]}]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : StatusCode [405]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Time [1175]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Size [163]
2019-03-20 10:44:53 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : URL [http://13.56.210.25/api/v1/orgs/]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Method [DELETE]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request [null]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response [{
"timestamp" : "2019-03-20T10:44:54.885+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/orgs/"
}]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGFkNGM4YTItOTQ2Mi00ODE1LWExZGItOWFlMDY1OGYwZTkw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:54 GMT]}]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : StatusCode [405]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Time [1349]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Size [159]
2019-03-20 10:44:54 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
--- FX Bot ---
Project : FXABAC TEST
Template : ApiV1DataSetsPutDatasetuserbDisallowHijack1
Run Id : 8a808011699a990101699ab0f9761b20
Job : Default
Env : Default
Category : Hijack_Level1
Tags : [FX Top 10 - API Vulnerability, Data_Access_Control]
Severity : Major
Region : FXLabs/US_WEST_1
Result : fail
Status Code : 400
Headers : {X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjFlMzQxNGEtOGQ2ZS00Nzk4LWEwMWMtMDNhODVjOGY1ZWYw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:52 GMT]}
Endpoint : http://13.56.210.25/api/v1/data-sets
Request :
{ "createdBy" : "", "createdDate" : "", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "AlxfLTHV", "project" : "", "props" : null, "version" : "" }
Response :
{ "timestamp" : "2019-03-20T10:41:52.252+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance of
com.fxlabs.fxt.dto.base.ProjectMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.ProjectMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])", "path" : "/api/v1/data-sets" }Logs :
2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/orgs] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : Request [{ "billingEmail" : "bLyXI0Kj", "company" : "Mayert LLC", "createdBy" : "", "createdDate" : "", "description" : "bLyXI0Kj", "id" : "", "inactive" : false, "location" : "bLyXI0Kj", "modifiedBy" : "", "modifiedDate" : "", "name" : "bLyXI0Kj", "orgPlan" : "TEAM", "orgType" : "ENTERPRISE", "version" : "" }] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:48.816+0000", "status" : 403, "error" : "Forbidden", "message" : "Forbidden", "path" : "/api/v1/orgs" }] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzVlYjYyYWQtM2UxMC00NGUxLWEyNTItYTg0ZmE3MmM3MjNk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:47 GMT]}] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : StatusCode [403] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : Time [449] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : Size [121] 2019-03-20 10:41:48 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [403 == 200 OR 403 == 201] result [Failed] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzVlYjYyYWQtM2UxMC00NGUxLWEyNTItYTg0ZmE3MmM3MjNk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:47 GMT]}] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzVlYjYyYWQtM2UxMC00NGUxLWEyNTItYTg0ZmE3MmM3MjNk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:47 GMT]}] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzVlYjYyYWQtM2UxMC00NGUxLWEyNTItYTg0ZmE3MmM3MjNk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:47 GMT]}] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzVlYjYyYWQtM2UxMC00NGUxLWEyNTItYTg0ZmE3MmM3MjNk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:47 GMT]}] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/accounts] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : Request [{ "accessKey" : "OVAfBCBf", "accountType" : "GitLab", "createdBy" : "", "createdDate" : "", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "OVAfBCBf", "org" : "", "prop1" : "OVAfBCBf", "prop2" : "OVAfBCBf", "prop3" : "OVAfBCBf", "region" : "OVAfBCBf", "secretKey" : "OVAfBCBf", "version" : "" }] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:49.349+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance of
com.fxlabs.fxt.dto.base.NameDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.NameDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 11, column: 11] (through reference chain: com.fxlabs.fxt.dto.clusters.Account[\"org\"])", "path" : "/api/v1/accounts" }] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZWViNjVjOTAtOGFkYy00MDExLTk5NmEtOTIwMjFiM2QzM2Ji; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : Time [532] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : Size [722] 2019-03-20 10:41:49 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZWViNjVjOTAtOGFkYy00MDExLTk5NmEtOTIwMjFiM2QzM2Ji; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZWViNjVjOTAtOGFkYy00MDExLTk5NmEtOTIwMjFiM2QzM2Ji; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZWViNjVjOTAtOGFkYy00MDExLTk5NmEtOTIwMjFiM2QzM2Ji; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZWViNjVjOTAtOGFkYy00MDExLTk5NmEtOTIwMjFiM2QzM2Ji; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/skills] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : Request [{ "accessKey" : "aPJpJEJV", "createdBy" : "", "createdDate" : "", "description" : "aPJpJEJV", "host" : "aPJpJEJV", "id" : "", "inactive" : false, "key" : "aPJpJEJV", "modifiedBy" : "", "modifiedDate" : "", "name" : "aPJpJEJV", "org" : "", "prop1" : "aPJpJEJV", "prop2" : "aPJpJEJV", "prop3" : "aPJpJEJV", "prop4" : "aPJpJEJV", "prop5" : "aPJpJEJV", "secretKey" : "aPJpJEJV", "skillType" : "BOT_DEPLOYMENT", "version" : "" }] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:49.737+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.NameDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.NameDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 13, column: 11] (through reference chain: com.fxlabs.fxt.dto.skills.Skill[\"org\"])", "path" : "/api/v1/skills" }] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGI0NTA4OTctMTAwNi00MWFlLTk3NjctNGFkOTY1OTY2NjYz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : Time [386] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : Size [716] 2019-03-20 10:41:49 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGI0NTA4OTctMTAwNi00MWFlLTk3NjctNGFkOTY1OTY2NjYz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGI0NTA4OTctMTAwNi00MWFlLTk3NjctNGFkOTY1OTY2NjYz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGI0NTA4OTctMTAwNi00MWFlLTk3NjctNGFkOTY1OTY2NjYz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGI0NTA4OTctMTAwNi00MWFlLTk3NjctNGFkOTY1OTY2NjYz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request [{ "account" : "", "createdBy" : "", "createdDate" : "", "description" : "ePe3W9sd", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "ePe3W9sd", "org" : "", "prop1" : "ePe3W9sd", "prop2" : "ePe3W9sd", "prop3" : "ePe3W9sd", "prop4" : "ePe3W9sd", "prop5" : "ePe3W9sd", "skill" : "", "state" : "INACTIVE", "version" : "", "visibility" : "ORG_PUBLIC" }] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:50.234+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.it.IssueTracker[\"account\"])", "path" : "/api/v1/issue-trackers/issue-tracker-bot" }] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGM5NDVlMTYtMGMxOS00NjQ4LTk4ODMtZjlkNWZmMzU3ZGQ1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : Time [519] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : Size [768] 2019-03-20 10:41:50 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGM5NDVlMTYtMGMxOS00NjQ4LTk4ODMtZjlkNWZmMzU3ZGQ1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGM5NDVlMTYtMGMxOS00NjQ4LTk4ODMtZjlkNWZmMzU3ZGQ1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGM5NDVlMTYtMGMxOS00NjQ4LTk4ODMtZjlkNWZmMzU3ZGQ1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGM5NDVlMTYtMGMxOS00NjQ4LTk4ODMtZjlkNWZmMzU3ZGQ1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/projects] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : Request [{ "account" : "", "autoGenSuites" : "273967066", "branch" : "5loPPrJE", "bugsOpen" : "273967066", "createdBy" : "", "createdDate" : "", "description" : "5loPPrJE", "genPolicy" : "Create", "id" : "", "inactive" : false, "isFileLoad" : "5loPPrJE", "issueTracker" : "", "lastCommit" : "5loPPrJE", "lastSync" : null, "modifiedBy" : "", "modifiedDate" : "", "name" : "5loPPrJE", "openAPISpec" : "5loPPrJE", "openText" : "5loPPrJE", "org" : "", "props" : null, "url" : "5loPPrJE", "version" : "" }] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:50.681+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.Project[\"account\"])", "path" : "/api/v1/projects" }] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdmMWIxMjMtZjUxNC00ZjAwLTg2ZDctMGM3OGY3MGZjZmYw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : Time [418] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : Size [744] 2019-03-20 10:41:50 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdmMWIxMjMtZjUxNC00ZjAwLTg2ZDctMGM3OGY3MGZjZmYw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdmMWIxMjMtZjUxNC00ZjAwLTg2ZDctMGM3OGY3MGZjZmYw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdmMWIxMjMtZjUxNC00ZjAwLTg2ZDctMGM3OGY3MGZjZmYw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdmMWIxMjMtZjUxNC00ZjAwLTg2ZDctMGM3OGY3MGZjZmYw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/data-sets] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : Request [{ "createdBy" : "", "createdDate" : "", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "FyuI2aQD", "project" : "", "props" : null, "version" : "" }] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:51.165+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.ProjectMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.ProjectMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])", "path" : "/api/v1/data-sets" }] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTVlNTdkMzgtMWRiNy00ZDE2LWFkZDMtOTIxM2Q0YjYxNjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : Time [479] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : Size [745] 2019-03-20 10:41:51 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTVlNTdkMzgtMWRiNy00ZDE2LWFkZDMtOTIxM2Q0YjYxNjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTVlNTdkMzgtMWRiNy00ZDE2LWFkZDMtOTIxM2Q0YjYxNjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTVlNTdkMzgtMWRiNy00ZDE2LWFkZDMtOTIxM2Q0YjYxNjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTVlNTdkMzgtMWRiNy00ZDE2LWFkZDMtOTIxM2Q0YjYxNjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : URL [http://13.56.210.25/api/v1/projects] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : Method [POST] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : Request [{ "account" : "", "autoGenSuites" : "1001545831", "branch" : "Ngfw8jlS", "bugsOpen" : "1001545831", "createdBy" : "", "createdDate" : "", "description" : "Ngfw8jlS", "genPolicy" : "Create", "id" : "", "inactive" : false, "isFileLoad" : "Ngfw8jlS", "issueTracker" : "", "lastCommit" : "Ngfw8jlS", "lastSync" : null, "modifiedBy" : "", "modifiedDate" : "", "name" : "Ngfw8jlS", "openAPISpec" : "Ngfw8jlS", "openText" : "Ngfw8jlS", "org" : "", "props" : null, "url" : "Ngfw8jlS", "version" : "" }] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:51.584+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.Project[\"account\"])", "path" : "/api/v1/projects" }] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MGQ2NDNjM2YtMWIyYy00YzQ1LWFkMDYtYWY2NDM3NDYxNTQy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : StatusCode [400] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : Time [415] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : Size [744] 2019-03-20 10:41:51 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MGQ2NDNjM2YtMWIyYy00YzQ1LWFkMDYtYWY2NDM3NDYxNTQy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MGQ2NDNjM2YtMWIyYy00YzQ1LWFkMDYtYWY2NDM3NDYxNTQy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MGQ2NDNjM2YtMWIyYy00YzQ1LWFkMDYtYWY2NDM3NDYxNTQy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MGQ2NDNjM2YtMWIyYy00YzQ1LWFkMDYtYWY2NDM3NDYxNTQy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : URL [http://13.56.210.25/api/v1/data-sets] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Method [PUT] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Request [{ "createdBy" : "", "createdDate" : "", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "AlxfLTHV", "project" : "", "props" : null, "version" : "" }] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:52.252+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.ProjectMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.ProjectMinimalDto(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])", "path" : "/api/v1/data-sets" }] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjFlMzQxNGEtOGQ2ZS00Nzk4LWEwMWMtMDNhODVjOGY1ZWYw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:52 GMT]}] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : StatusCode [400] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Time [667] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Size [745] 2019-03-20 10:41:52 ERROR [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [400 == 401 OR 400 == 403] result [Failed] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : URL [http://13.56.210.25/api/v1/data-sets/] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Method [DELETE] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Request [null] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Response [{ "timestamp" : "2019-03-20T10:41:52.860+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/data-sets/" }] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Response-Headers [{Allow=[GET, PUT, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MmQ3OWMwMTUtNWVjNi00ODdiLWFlNWMtMDFhN2RkNjBmMjY0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:52 GMT]}] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : StatusCode [405] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Time [607] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Size [164] 2019-03-20 10:41:52 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : URL [http://13.56.210.25/api/v1/projects/] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Method [DELETE] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request [null] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response [{ "timestamp" : "2019-03-20T10:41:53.580+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/projects/" }] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2QxNjZlYzQtYzYzZS00OGI4LTgwNmEtOTg3MDZjZjJhZDdj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:53 GMT]}] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : StatusCode [405] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Time [719] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Size [163] 2019-03-20 10:41:53 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot/] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Method [DELETE] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request [null] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response [{ "timestamp" : "2019-03-20T10:41:54.243+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/issue-trackers/issue-tracker-bot/" }] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response-Headers [{Allow=[POST, GET, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTViM2JiMzMtNDE0YS00YTNmLTgzZTktMGJkYjg4YjExMDA2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:53 GMT]}] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : StatusCode [405] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Time [662] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Size [187] 2019-03-20 10:41:54 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : URL [http://13.56.210.25/api/v1/skills/] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Method [DELETE] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request [null] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response [{ "timestamp" : "2019-03-20T10:41:54.699+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/skills/" }] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjU5YmJkMTAtZTBkNi00NTRmLWFmM2ItNTk5M2Y1NmFmYmEw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:54 GMT]}] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : StatusCode [405] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Time [455] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Size [161] 2019-03-20 10:41:54 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : URL [http://13.56.210.25/api/v1/accounts/] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Method [DELETE] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request [null] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response [{ "timestamp" : "2019-03-20T10:41:55.250+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/accounts/" }] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YTlkYjUyYWItMWM3Ny00NzdmLTllOGUtMTg2ODUyY2VmOWRm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:54 GMT]}] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : StatusCode [405] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Time [550] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Size [163] 2019-03-20 10:41:55 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : URL [http://13.56.210.25/api/v1/orgs/] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Method [DELETE] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request [null] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response [{ "timestamp" : "2019-03-20T10:41:55.773+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MWQ1NzllYTgtYTZkMC00MDY2LWFlNzgtZTY3ODA2NWIwZjA5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:55 GMT]}] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : StatusCode [405] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Time [523] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Size [159] 2019-03-20 10:41:55 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]--- FX Bot ---