Open asriz7777 opened 5 years ago
Project : FXABAC TEST
Template : ApiV1DataSetsPutDatasetuserbDisallowHijack1
Run Id : 8a808011699a990101699ab3901a2277
Job : Default
Env : Default
Category : Hijack_Level1
Tags : [FX Top 10 - API Vulnerability, Data_Access_Control]
Severity : Major
Region : FXLabs/US_WEST_1
Result : fail
Status Code : 400
Headers : {X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NjI0ZTE5MzYtNDg2MS00MzMwLThmYTItNDVkOTg2OTg3YzQ4; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:47 GMT]}
Endpoint : http://13.56.210.25/api/v1/data-sets
Request :
{
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "BrH8TbrX",
"project" : "",
"props" : null,
"version" : ""
}
Response :
{
"timestamp" : "2019-03-20T10:44:48.505+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])",
"path" : "/api/v1/data-sets"
}
Logs :
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/orgs]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : Request [{
"billingEmail" : "JLl2tYSO",
"company" : "Mohr Group",
"createdBy" : "",
"createdDate" : "",
"description" : "JLl2tYSO",
"id" : "",
"inactive" : false,
"location" : "JLl2tYSO",
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "JLl2tYSO",
"orgPlan" : "TEAM",
"orgType" : "ENTERPRISE",
"version" : ""
}]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:42.099+0000",
"status" : 403,
"error" : "Forbidden",
"message" : "Forbidden",
"path" : "/api/v1/orgs"
}]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjM4NmE3YzEtYTA4Ni00MTMwLTg2NzMtMjBmNWFmM2RjOTU1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:41 GMT]}]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : StatusCode [403]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : Time [758]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1] : Size [121]
2019-03-20 10:44:42 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [403 == 200 OR 403 == 201] result [Failed]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjM4NmE3YzEtYTA4Ni00MTMwLTg2NzMtMjBmNWFmM2RjOTU1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:41 GMT]}]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjM4NmE3YzEtYTA4Ni00MTMwLTg2NzMtMjBmNWFmM2RjOTU1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:41 GMT]}]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjM4NmE3YzEtYTA4Ni00MTMwLTg2NzMtMjBmNWFmM2RjOTU1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:41 GMT]}]
2019-03-20 10:44:42 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjM4NmE3YzEtYTA4Ni00MTMwLTg2NzMtMjBmNWFmM2RjOTU1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:41 GMT]}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/accounts]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : Request [{
"accessKey" : "LHbX84qC",
"accountType" : "GitLab",
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "LHbX84qC",
"org" : "",
"prop1" : "LHbX84qC",
"prop2" : "LHbX84qC",
"prop3" : "LHbX84qC",
"region" : "LHbX84qC",
"secretKey" : "LHbX84qC",
"version" : ""
}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:42.994+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 11, column: 11] (through reference chain: com.fxlabs.fxt.dto.clusters.Account[\"org\"])",
"path" : "/api/v1/accounts"
}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODExMzkwYjItYzhjNC00MjZlLWIxZWItYzA3MjRkOWE2ZjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:42 GMT]}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : Time [894]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1] : Size [722]
2019-03-20 10:44:43 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODExMzkwYjItYzhjNC00MjZlLWIxZWItYzA3MjRkOWE2ZjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:42 GMT]}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODExMzkwYjItYzhjNC00MjZlLWIxZWItYzA3MjRkOWE2ZjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:42 GMT]}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODExMzkwYjItYzhjNC00MjZlLWIxZWItYzA3MjRkOWE2ZjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:42 GMT]}]
2019-03-20 10:44:43 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODExMzkwYjItYzhjNC00MjZlLWIxZWItYzA3MjRkOWE2ZjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:42 GMT]}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/skills]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : Request [{
"accessKey" : "0wVXLQhe",
"createdBy" : "",
"createdDate" : "",
"description" : "0wVXLQhe",
"host" : "0wVXLQhe",
"id" : "",
"inactive" : false,
"key" : "0wVXLQhe",
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "0wVXLQhe",
"org" : "",
"prop1" : "0wVXLQhe",
"prop2" : "0wVXLQhe",
"prop3" : "0wVXLQhe",
"prop4" : "0wVXLQhe",
"prop5" : "0wVXLQhe",
"secretKey" : "0wVXLQhe",
"skillType" : "BOT_DEPLOYMENT",
"version" : ""
}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:43.773+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 13, column: 11] (through reference chain: com.fxlabs.fxt.dto.skills.Skill[\"org\"])",
"path" : "/api/v1/skills"
}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTc1MTY4NTUtNzQ4OS00MTE3LTg5YzctMDg5Y2IyNDBlZmJk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:43 GMT]}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : Time [777]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1] : Size [716]
2019-03-20 10:44:43 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTc1MTY4NTUtNzQ4OS00MTE3LTg5YzctMDg5Y2IyNDBlZmJk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:43 GMT]}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTc1MTY4NTUtNzQ4OS00MTE3LTg5YzctMDg5Y2IyNDBlZmJk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:43 GMT]}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTc1MTY4NTUtNzQ4OS00MTE3LTg5YzctMDg5Y2IyNDBlZmJk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:43 GMT]}]
2019-03-20 10:44:43 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTc1MTY4NTUtNzQ4OS00MTE3LTg5YzctMDg5Y2IyNDBlZmJk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:43 GMT]}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request [{
"account" : "",
"createdBy" : "",
"createdDate" : "",
"description" : "wGpUm1MA",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "wGpUm1MA",
"org" : "",
"prop1" : "wGpUm1MA",
"prop2" : "wGpUm1MA",
"prop3" : "wGpUm1MA",
"prop4" : "wGpUm1MA",
"prop5" : "wGpUm1MA",
"skill" : "",
"state" : "INACTIVE",
"version" : "",
"visibility" : "ORG_PUBLIC"
}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:44.520+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.it.IssueTracker[\"account\"])",
"path" : "/api/v1/issue-trackers/issue-tracker-bot"
}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTBmMTI1ZGEtNWZjNC00MzBlLTliMzItN2FkYTM1ZjkwMTcz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : Time [757]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1] : Size [768]
2019-03-20 10:44:44 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTBmMTI1ZGEtNWZjNC00MzBlLTliMzItN2FkYTM1ZjkwMTcz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTBmMTI1ZGEtNWZjNC00MzBlLTliMzItN2FkYTM1ZjkwMTcz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTBmMTI1ZGEtNWZjNC00MzBlLTliMzItN2FkYTM1ZjkwMTcz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:44 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTBmMTI1ZGEtNWZjNC00MzBlLTliMzItN2FkYTM1ZjkwMTcz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/projects]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : Request [{
"account" : "",
"autoGenSuites" : "1208576592",
"branch" : "K69Jvp59",
"bugsOpen" : "1208576592",
"createdBy" : "",
"createdDate" : "",
"description" : "K69Jvp59",
"genPolicy" : "Create",
"id" : "",
"inactive" : false,
"isFileLoad" : "K69Jvp59",
"issueTracker" : "",
"lastCommit" : "K69Jvp59",
"lastSync" : null,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "K69Jvp59",
"openAPISpec" : "K69Jvp59",
"openText" : "K69Jvp59",
"org" : "",
"props" : null,
"url" : "K69Jvp59",
"version" : ""
}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:45.408+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.Project[\"account\"])",
"path" : "/api/v1/projects"
}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZGJjMTg0NjUtYjZkZC00OWFmLTk2Y2MtMjBjMTg2ZmUyMjJl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : Time [875]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1] : Size [744]
2019-03-20 10:44:45 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZGJjMTg0NjUtYjZkZC00OWFmLTk2Y2MtMjBjMTg2ZmUyMjJl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZGJjMTg0NjUtYjZkZC00OWFmLTk2Y2MtMjBjMTg2ZmUyMjJl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZGJjMTg0NjUtYjZkZC00OWFmLTk2Y2MtMjBjMTg2ZmUyMjJl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:45 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZGJjMTg0NjUtYjZkZC00OWFmLTk2Y2MtMjBjMTg2ZmUyMjJl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:44 GMT]}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/data-sets]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : Request [{
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "2IpFk5BS",
"project" : "",
"props" : null,
"version" : ""
}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:46.412+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])",
"path" : "/api/v1/data-sets"
}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODZmYTRhMTItODRjOS00YzQxLTg2NjctNWI5ZDY2ZDIyMWJj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:45 GMT]}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : Time [1002]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1] : Size [745]
2019-03-20 10:44:46 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODZmYTRhMTItODRjOS00YzQxLTg2NjctNWI5ZDY2ZDIyMWJj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:45 GMT]}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODZmYTRhMTItODRjOS00YzQxLTg2NjctNWI5ZDY2ZDIyMWJj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:45 GMT]}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODZmYTRhMTItODRjOS00YzQxLTg2NjctNWI5ZDY2ZDIyMWJj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:45 GMT]}]
2019-03-20 10:44:46 DEBUG [DataSetCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODZmYTRhMTItODRjOS00YzQxLTg2NjctNWI5ZDY2ZDIyMWJj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:45 GMT]}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : URL [http://13.56.210.25/api/v1/projects]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : Method [POST]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : Request [{
"account" : "",
"autoGenSuites" : "1207797453",
"branch" : "Z0yBXanW",
"bugsOpen" : "1207797453",
"createdBy" : "",
"createdDate" : "",
"description" : "Z0yBXanW",
"genPolicy" : "Create",
"id" : "",
"inactive" : false,
"isFileLoad" : "Z0yBXanW",
"issueTracker" : "",
"lastCommit" : "Z0yBXanW",
"lastSync" : null,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "Z0yBXanW",
"openAPISpec" : "Z0yBXanW",
"openText" : "Z0yBXanW",
"org" : "",
"props" : null,
"url" : "Z0yBXanW",
"version" : ""
}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:47.438+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.Project[\"account\"])",
"path" : "/api/v1/projects"
}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjZlZmMxNWYtZjUwMi00ZjBlLWEyZTMtOGQ0YTQ1ZDUwYzM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:46 GMT]}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : StatusCode [400]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : Time [1024]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1] : Size [744]
2019-03-20 10:44:47 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjZlZmMxNWYtZjUwMi00ZjBlLWEyZTMtOGQ0YTQ1ZDUwYzM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:46 GMT]}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjZlZmMxNWYtZjUwMi00ZjBlLWEyZTMtOGQ0YTQ1ZDUwYzM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:46 GMT]}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjZlZmMxNWYtZjUwMi00ZjBlLWEyZTMtOGQ0YTQ1ZDUwYzM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:46 GMT]}]
2019-03-20 10:44:47 DEBUG [ProjectCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjZlZmMxNWYtZjUwMi00ZjBlLWEyZTMtOGQ0YTQ1ZDUwYzM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:46 GMT]}]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : URL [http://13.56.210.25/api/v1/data-sets]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Method [PUT]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Request [{
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "BrH8TbrX",
"project" : "",
"props" : null,
"version" : ""
}]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Response [{
"timestamp" : "2019-03-20T10:44:48.505+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])",
"path" : "/api/v1/data-sets"
}]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NjI0ZTE5MzYtNDg2MS00MzMwLThmYTItNDVkOTg2OTg3YzQ4; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:47 GMT]}]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : StatusCode [400]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Time [1069]
2019-03-20 10:44:48 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Size [745]
2019-03-20 10:44:48 ERROR [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [400 == 401 OR 400 == 403] result [Failed]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : URL [http://13.56.210.25/api/v1/data-sets/]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Method [DELETE]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Request [null]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Response [{
"timestamp" : "2019-03-20T10:44:49.542+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/data-sets/"
}]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Response-Headers [{Allow=[GET, PUT, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjA3NzVjZGYtY2E1Ny00ODBkLTg5MzQtZGYyYjM3YTVkNWEx; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:48 GMT]}]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : StatusCode [405]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Time [1032]
2019-03-20 10:44:49 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Size [164]
2019-03-20 10:44:49 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : URL [http://13.56.210.25/api/v1/projects/]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Method [DELETE]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request [null]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response [{
"timestamp" : "2019-03-20T10:44:50.496+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/projects/"
}]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NDQxOGQ0NmQtYzA4Zi00YWQ1LWFiMzgtNDAyZjgxYWU2OWRh; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:49 GMT]}]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : StatusCode [405]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Time [1046]
2019-03-20 10:44:50 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Size [163]
2019-03-20 10:44:50 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot/]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Method [DELETE]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request [null]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response [{
"timestamp" : "2019-03-20T10:44:51.673+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/issue-trackers/issue-tracker-bot/"
}]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response-Headers [{Allow=[POST, GET, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MTZmYjYwMjctZWIyZi00YzQ2LWFjNWMtZjliNDQ1N2FkYmY5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:51 GMT]}]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : StatusCode [405]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Time [1079]
2019-03-20 10:44:51 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Size [187]
2019-03-20 10:44:51 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : URL [http://13.56.210.25/api/v1/skills/]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Method [DELETE]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request [null]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response [{
"timestamp" : "2019-03-20T10:44:52.359+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/skills/"
}]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGJiNmY0ZjQtMGMxZi00MTliLThiZDItMDIyOGRiMDA2MDE2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:51 GMT]}]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : StatusCode [405]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Time [684]
2019-03-20 10:44:52 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Size [161]
2019-03-20 10:44:52 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : URL [http://13.56.210.25/api/v1/accounts/]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Method [DELETE]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request [null]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response [{
"timestamp" : "2019-03-20T10:44:53.535+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/accounts/"
}]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzJlNWY1OTktNjM2Yi00ZTYxLWExYzEtYjIyNzQ5ZmY3Zjdk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:52 GMT]}]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : StatusCode [405]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Time [1175]
2019-03-20 10:44:53 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Size [163]
2019-03-20 10:44:53 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : URL [http://13.56.210.25/api/v1/orgs/]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Method [DELETE]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request [null]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response [{
"timestamp" : "2019-03-20T10:44:54.885+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/orgs/"
}]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGFkNGM4YTItOTQ2Mi00ODE1LWExZGItOWFlMDY1OGYwZTkw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:44:54 GMT]}]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : StatusCode [405]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Time [1349]
2019-03-20 10:44:54 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Size [159]
2019-03-20 10:44:54 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
--- FX Bot ---
Project : FXABAC TEST
Template : ApiV1DataSetsPutDatasetuserbDisallowHijack1
Run Id : 8a808011699a990101699ab3901a2277
Job : Default
Env : Default
Category : Hijack_Level1
Tags : [FX Top 10 - API Vulnerability, Data_Access_Control]
Severity : Major
Region : FXLabs/US_WEST_1
Result : fail
Status Code : 400
Headers : {X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Yjg0MmIxMzQtYTY4Mi00ODdlLWFlNGYtZmQ5MDBkZWEzMmY1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:39 GMT]}
Endpoint : http://13.56.210.25/api/v1/data-sets
Request :
{
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "0Vonpnq7",
"project" : "",
"props" : null,
"version" : ""
}
Response :
{
"timestamp" : "2019-03-20T10:45:39.513+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])",
"path" : "/api/v1/data-sets"
}
Logs :
2019-03-20 10:45:30 DEBUG [OrgCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/orgs]
2019-03-20 10:45:30 DEBUG [OrgCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:45:30 DEBUG [OrgCreateUserBInitHijack1] : Request [{
"billingEmail" : "K0Lu8htt",
"company" : "Gleichner, Gleichner and Gleichner",
"createdBy" : "",
"createdDate" : "",
"description" : "K0Lu8htt",
"id" : "",
"inactive" : false,
"location" : "K0Lu8htt",
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "K0Lu8htt",
"orgPlan" : "TEAM",
"orgType" : "ENTERPRISE",
"version" : ""
}]
2019-03-20 10:45:30 DEBUG [OrgCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:30 DEBUG [OrgCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:45:30.458+0000",
"status" : 403,
"error" : "Forbidden",
"message" : "Forbidden",
"path" : "/api/v1/orgs"
}]
2019-03-20 10:45:30 DEBUG [OrgCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjdhOWI5YzYtNDYzZi00M2MzLThhYzUtMGIzMWJiNmI4ZGQ0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:30 GMT]}]
2019-03-20 10:45:30 DEBUG [OrgCreateUserBInitHijack1] : StatusCode [403]
2019-03-20 10:45:30 DEBUG [OrgCreateUserBInitHijack1] : Time [1042]
2019-03-20 10:45:30 DEBUG [OrgCreateUserBInitHijack1] : Size [121]
2019-03-20 10:45:30 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [403 == 200 OR 403 == 201] result [Failed]
2019-03-20 10:45:30 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjdhOWI5YzYtNDYzZi00M2MzLThhYzUtMGIzMWJiNmI4ZGQ0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:30 GMT]}]
2019-03-20 10:45:30 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjdhOWI5YzYtNDYzZi00M2MzLThhYzUtMGIzMWJiNmI4ZGQ0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:30 GMT]}]
2019-03-20 10:45:30 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjdhOWI5YzYtNDYzZi00M2MzLThhYzUtMGIzMWJiNmI4ZGQ0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:30 GMT]}]
2019-03-20 10:45:30 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjdhOWI5YzYtNDYzZi00M2MzLThhYzUtMGIzMWJiNmI4ZGQ0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:30 GMT]}]
2019-03-20 10:45:31 DEBUG [AccountCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/accounts]
2019-03-20 10:45:31 DEBUG [AccountCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:45:31 DEBUG [AccountCreateUserBInitHijack1] : Request [{
"accessKey" : "BYNcCRYA",
"accountType" : "GitLab",
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "BYNcCRYA",
"org" : "",
"prop1" : "BYNcCRYA",
"prop2" : "BYNcCRYA",
"prop3" : "BYNcCRYA",
"region" : "BYNcCRYA",
"secretKey" : "BYNcCRYA",
"version" : ""
}]
2019-03-20 10:45:31 DEBUG [AccountCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:31 DEBUG [AccountCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:45:31.507+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 11, column: 11] (through reference chain: com.fxlabs.fxt.dto.clusters.Account[\"org\"])",
"path" : "/api/v1/accounts"
}]
2019-03-20 10:45:31 DEBUG [AccountCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODc5YzAzNTQtMTBjYi00ZjNmLWJiNzEtYjczMjgxNGZmMGE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:31 GMT]}]
2019-03-20 10:45:31 DEBUG [AccountCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:45:31 DEBUG [AccountCreateUserBInitHijack1] : Time [1049]
2019-03-20 10:45:31 DEBUG [AccountCreateUserBInitHijack1] : Size [722]
2019-03-20 10:45:31 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:45:31 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODc5YzAzNTQtMTBjYi00ZjNmLWJiNzEtYjczMjgxNGZmMGE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:31 GMT]}]
2019-03-20 10:45:31 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODc5YzAzNTQtMTBjYi00ZjNmLWJiNzEtYjczMjgxNGZmMGE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:31 GMT]}]
2019-03-20 10:45:31 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODc5YzAzNTQtMTBjYi00ZjNmLWJiNzEtYjczMjgxNGZmMGE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:31 GMT]}]
2019-03-20 10:45:31 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODc5YzAzNTQtMTBjYi00ZjNmLWJiNzEtYjczMjgxNGZmMGE3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:31 GMT]}]
2019-03-20 10:45:32 DEBUG [SkillCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/skills]
2019-03-20 10:45:32 DEBUG [SkillCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:45:32 DEBUG [SkillCreateUserBInitHijack1] : Request [{
"accessKey" : "bW4u3drF",
"createdBy" : "",
"createdDate" : "",
"description" : "bW4u3drF",
"host" : "bW4u3drF",
"id" : "",
"inactive" : false,
"key" : "bW4u3drF",
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "bW4u3drF",
"org" : "",
"prop1" : "bW4u3drF",
"prop2" : "bW4u3drF",
"prop3" : "bW4u3drF",
"prop4" : "bW4u3drF",
"prop5" : "bW4u3drF",
"secretKey" : "bW4u3drF",
"skillType" : "BOT_DEPLOYMENT",
"version" : ""
}]
2019-03-20 10:45:32 DEBUG [SkillCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:32 DEBUG [SkillCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:45:32.630+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 13, column: 11] (through reference chain: com.fxlabs.fxt.dto.skills.Skill[\"org\"])",
"path" : "/api/v1/skills"
}]
2019-03-20 10:45:32 DEBUG [SkillCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmQwOGRiNWMtNzA3ZC00ZTM4LThhOWItMDQzNDE1N2JlZDlm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:32 GMT]}]
2019-03-20 10:45:32 DEBUG [SkillCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:45:32 DEBUG [SkillCreateUserBInitHijack1] : Time [1120]
2019-03-20 10:45:32 DEBUG [SkillCreateUserBInitHijack1] : Size [716]
2019-03-20 10:45:32 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:45:32 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmQwOGRiNWMtNzA3ZC00ZTM4LThhOWItMDQzNDE1N2JlZDlm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:32 GMT]}]
2019-03-20 10:45:32 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmQwOGRiNWMtNzA3ZC00ZTM4LThhOWItMDQzNDE1N2JlZDlm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:32 GMT]}]
2019-03-20 10:45:32 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmQwOGRiNWMtNzA3ZC00ZTM4LThhOWItMDQzNDE1N2JlZDlm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:32 GMT]}]
2019-03-20 10:45:32 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmQwOGRiNWMtNzA3ZC00ZTM4LThhOWItMDQzNDE1N2JlZDlm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:32 GMT]}]
2019-03-20 10:45:33 DEBUG [IssueTrackerCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot]
2019-03-20 10:45:33 DEBUG [IssueTrackerCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:45:33 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request [{
"account" : "",
"createdBy" : "",
"createdDate" : "",
"description" : "1NU4JmO1",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "1NU4JmO1",
"org" : "",
"prop1" : "1NU4JmO1",
"prop2" : "1NU4JmO1",
"prop3" : "1NU4JmO1",
"prop4" : "1NU4JmO1",
"prop5" : "1NU4JmO1",
"skill" : "",
"state" : "INACTIVE",
"version" : "",
"visibility" : "ORG_PUBLIC"
}]
2019-03-20 10:45:33 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:33 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:45:33.826+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.it.IssueTracker[\"account\"])",
"path" : "/api/v1/issue-trackers/issue-tracker-bot"
}]
2019-03-20 10:45:33 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2IyY2UwNjktMDgzMS00MGIzLWE2NTYtOWM5YzJlMTVjOGEz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:33 GMT]}]
2019-03-20 10:45:33 DEBUG [IssueTrackerCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:45:33 DEBUG [IssueTrackerCreateUserBInitHijack1] : Time [1194]
2019-03-20 10:45:33 DEBUG [IssueTrackerCreateUserBInitHijack1] : Size [768]
2019-03-20 10:45:33 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:45:33 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2IyY2UwNjktMDgzMS00MGIzLWE2NTYtOWM5YzJlMTVjOGEz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:33 GMT]}]
2019-03-20 10:45:33 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2IyY2UwNjktMDgzMS00MGIzLWE2NTYtOWM5YzJlMTVjOGEz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:33 GMT]}]
2019-03-20 10:45:33 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2IyY2UwNjktMDgzMS00MGIzLWE2NTYtOWM5YzJlMTVjOGEz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:33 GMT]}]
2019-03-20 10:45:33 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2IyY2UwNjktMDgzMS00MGIzLWE2NTYtOWM5YzJlMTVjOGEz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:33 GMT]}]
2019-03-20 10:45:35 DEBUG [ProjectCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/projects]
2019-03-20 10:45:35 DEBUG [ProjectCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:45:35 DEBUG [ProjectCreateUserBInitHijack1] : Request [{
"account" : "",
"autoGenSuites" : "1742636955",
"branch" : "IIrtPakn",
"bugsOpen" : "1742636955",
"createdBy" : "",
"createdDate" : "",
"description" : "IIrtPakn",
"genPolicy" : "Create",
"id" : "",
"inactive" : false,
"isFileLoad" : "IIrtPakn",
"issueTracker" : "",
"lastCommit" : "IIrtPakn",
"lastSync" : null,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "IIrtPakn",
"openAPISpec" : "IIrtPakn",
"openText" : "IIrtPakn",
"org" : "",
"props" : null,
"url" : "IIrtPakn",
"version" : ""
}]
2019-03-20 10:45:35 DEBUG [ProjectCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:35 DEBUG [ProjectCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:45:35.182+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.Project[\"account\"])",
"path" : "/api/v1/projects"
}]
2019-03-20 10:45:35 DEBUG [ProjectCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDhlNDM2ZjktZTA5OC00OTdhLWI1MzctNTQ3NjE1NTE2Yzk4; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:34 GMT]}]
2019-03-20 10:45:35 DEBUG [ProjectCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:45:35 DEBUG [ProjectCreateUserBInitHijack1] : Time [1355]
2019-03-20 10:45:35 DEBUG [ProjectCreateUserBInitHijack1] : Size [744]
2019-03-20 10:45:35 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:45:35 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDhlNDM2ZjktZTA5OC00OTdhLWI1MzctNTQ3NjE1NTE2Yzk4; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:34 GMT]}]
2019-03-20 10:45:35 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDhlNDM2ZjktZTA5OC00OTdhLWI1MzctNTQ3NjE1NTE2Yzk4; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:34 GMT]}]
2019-03-20 10:45:35 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDhlNDM2ZjktZTA5OC00OTdhLWI1MzctNTQ3NjE1NTE2Yzk4; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:34 GMT]}]
2019-03-20 10:45:35 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MDhlNDM2ZjktZTA5OC00OTdhLWI1MzctNTQ3NjE1NTE2Yzk4; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:34 GMT]}]
2019-03-20 10:45:36 DEBUG [DataSetCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/data-sets]
2019-03-20 10:45:36 DEBUG [DataSetCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:45:36 DEBUG [DataSetCreateUserBInitHijack1] : Request [{
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "17rap373",
"project" : "",
"props" : null,
"version" : ""
}]
2019-03-20 10:45:36 DEBUG [DataSetCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:36 DEBUG [DataSetCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:45:36.654+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])",
"path" : "/api/v1/data-sets"
}]
2019-03-20 10:45:36 DEBUG [DataSetCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NTM3MGMzZDYtNjhmZC00ZjAzLTgxYzAtN2JhZjAyOGE4Nzc0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:36 GMT]}]
2019-03-20 10:45:36 DEBUG [DataSetCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:45:36 DEBUG [DataSetCreateUserBInitHijack1] : Time [1469]
2019-03-20 10:45:36 DEBUG [DataSetCreateUserBInitHijack1] : Size [745]
2019-03-20 10:45:36 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:45:36 DEBUG [DataSetCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NTM3MGMzZDYtNjhmZC00ZjAzLTgxYzAtN2JhZjAyOGE4Nzc0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:36 GMT]}]
2019-03-20 10:45:36 DEBUG [DataSetCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NTM3MGMzZDYtNjhmZC00ZjAzLTgxYzAtN2JhZjAyOGE4Nzc0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:36 GMT]}]
2019-03-20 10:45:36 DEBUG [DataSetCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NTM3MGMzZDYtNjhmZC00ZjAzLTgxYzAtN2JhZjAyOGE4Nzc0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:36 GMT]}]
2019-03-20 10:45:36 DEBUG [DataSetCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NTM3MGMzZDYtNjhmZC00ZjAzLTgxYzAtN2JhZjAyOGE4Nzc0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:36 GMT]}]
2019-03-20 10:45:38 DEBUG [ProjectCreateUserAInitHijack1] : URL [http://13.56.210.25/api/v1/projects]
2019-03-20 10:45:38 DEBUG [ProjectCreateUserAInitHijack1] : Method [POST]
2019-03-20 10:45:38 DEBUG [ProjectCreateUserAInitHijack1] : Request [{
"account" : "",
"autoGenSuites" : "607167116",
"branch" : "gnAwMLr3",
"bugsOpen" : "607167116",
"createdBy" : "",
"createdDate" : "",
"description" : "gnAwMLr3",
"genPolicy" : "Create",
"id" : "",
"inactive" : false,
"isFileLoad" : "gnAwMLr3",
"issueTracker" : "",
"lastCommit" : "gnAwMLr3",
"lastSync" : null,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "gnAwMLr3",
"openAPISpec" : "gnAwMLr3",
"openText" : "gnAwMLr3",
"org" : "",
"props" : null,
"url" : "gnAwMLr3",
"version" : ""
}]
2019-03-20 10:45:38 DEBUG [ProjectCreateUserAInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:38 DEBUG [ProjectCreateUserAInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:45:38.107+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.Project[\"account\"])",
"path" : "/api/v1/projects"
}]
2019-03-20 10:45:38 DEBUG [ProjectCreateUserAInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YWJhMTBmOWMtMWMxZi00ZTlmLWJjZjktYWQ0MGU0MTFkNzNm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:37 GMT]}]
2019-03-20 10:45:38 DEBUG [ProjectCreateUserAInitHijack1] : StatusCode [400]
2019-03-20 10:45:38 DEBUG [ProjectCreateUserAInitHijack1] : Time [1451]
2019-03-20 10:45:38 DEBUG [ProjectCreateUserAInitHijack1] : Size [744]
2019-03-20 10:45:38 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:45:38 DEBUG [ProjectCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YWJhMTBmOWMtMWMxZi00ZTlmLWJjZjktYWQ0MGU0MTFkNzNm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:37 GMT]}]
2019-03-20 10:45:38 DEBUG [ProjectCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YWJhMTBmOWMtMWMxZi00ZTlmLWJjZjktYWQ0MGU0MTFkNzNm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:37 GMT]}]
2019-03-20 10:45:38 DEBUG [ProjectCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YWJhMTBmOWMtMWMxZi00ZTlmLWJjZjktYWQ0MGU0MTFkNzNm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:37 GMT]}]
2019-03-20 10:45:38 DEBUG [ProjectCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YWJhMTBmOWMtMWMxZi00ZTlmLWJjZjktYWQ0MGU0MTFkNzNm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:37 GMT]}]
2019-03-20 10:45:39 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : URL [http://13.56.210.25/api/v1/data-sets]
2019-03-20 10:45:39 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Method [PUT]
2019-03-20 10:45:39 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Request [{
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "0Vonpnq7",
"project" : "",
"props" : null,
"version" : ""
}]
2019-03-20 10:45:39 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:39 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Response [{
"timestamp" : "2019-03-20T10:45:39.513+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])",
"path" : "/api/v1/data-sets"
}]
2019-03-20 10:45:39 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Yjg0MmIxMzQtYTY4Mi00ODdlLWFlNGYtZmQ5MDBkZWEzMmY1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:39 GMT]}]
2019-03-20 10:45:39 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : StatusCode [400]
2019-03-20 10:45:39 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Time [1402]
2019-03-20 10:45:39 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Size [745]
2019-03-20 10:45:39 ERROR [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [400 == 401 OR 400 == 403] result [Failed]
2019-03-20 10:45:41 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : URL [http://13.56.210.25/api/v1/data-sets/]
2019-03-20 10:45:41 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Method [DELETE]
2019-03-20 10:45:41 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Request [null]
2019-03-20 10:45:41 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:41 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Response [{
"timestamp" : "2019-03-20T10:45:40.980+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/data-sets/"
}]
2019-03-20 10:45:41 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Response-Headers [{Allow=[GET, PUT, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NTdjNmFkYmYtZGZmZi00NGQ0LWE2YTAtOGNkZjViNzZlMDk0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:40 GMT]}]
2019-03-20 10:45:41 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : StatusCode [405]
2019-03-20 10:45:41 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Time [1464]
2019-03-20 10:45:41 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Size [164]
2019-03-20 10:45:41 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:45:42 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : URL [http://13.56.210.25/api/v1/projects/]
2019-03-20 10:45:42 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Method [DELETE]
2019-03-20 10:45:42 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request [null]
2019-03-20 10:45:42 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:42 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response [{
"timestamp" : "2019-03-20T10:45:42.058+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/projects/"
}]
2019-03-20 10:45:42 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTNjZDYzNjktYTdjNi00YTQyLWFhZGMtM2NlNmVhMGY5OThm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:41 GMT]}]
2019-03-20 10:45:42 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : StatusCode [405]
2019-03-20 10:45:42 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Time [1077]
2019-03-20 10:45:42 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Size [163]
2019-03-20 10:45:42 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:45:43 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot/]
2019-03-20 10:45:43 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Method [DELETE]
2019-03-20 10:45:43 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request [null]
2019-03-20 10:45:43 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:43 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response [{
"timestamp" : "2019-03-20T10:45:43.652+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/issue-trackers/issue-tracker-bot/"
}]
2019-03-20 10:45:43 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response-Headers [{Allow=[POST, GET, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmNiZWM5MjQtOWU0OS00ZmJmLTliNmYtMzU2NGU1N2JhMGYz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:43 GMT]}]
2019-03-20 10:45:43 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : StatusCode [405]
2019-03-20 10:45:43 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Time [1593]
2019-03-20 10:45:43 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Size [187]
2019-03-20 10:45:43 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:45:44 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : URL [http://13.56.210.25/api/v1/skills/]
2019-03-20 10:45:44 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Method [DELETE]
2019-03-20 10:45:44 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request [null]
2019-03-20 10:45:44 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:44 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response [{
"timestamp" : "2019-03-20T10:45:44.873+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/skills/"
}]
2019-03-20 10:45:44 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZWE2Y2I1ODgtYjViMS00ZjEwLTkxMGItM2U2MDk1OTJjZTNm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:44 GMT]}]
2019-03-20 10:45:44 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : StatusCode [405]
2019-03-20 10:45:44 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Time [1221]
2019-03-20 10:45:44 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Size [161]
2019-03-20 10:45:44 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:45:46 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : URL [http://13.56.210.25/api/v1/accounts/]
2019-03-20 10:45:46 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Method [DELETE]
2019-03-20 10:45:46 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request [null]
2019-03-20 10:45:46 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:46 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response [{
"timestamp" : "2019-03-20T10:45:46.713+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/accounts/"
}]
2019-03-20 10:45:46 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NWIxZjkzZjktNDZlZi00MjI4LThjZWItNjBkMGVjZDE2MWM4; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:46 GMT]}]
2019-03-20 10:45:46 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : StatusCode [405]
2019-03-20 10:45:46 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Time [1846]
2019-03-20 10:45:46 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Size [163]
2019-03-20 10:45:46 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:45:48 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : URL [http://13.56.210.25/api/v1/orgs/]
2019-03-20 10:45:48 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Method [DELETE]
2019-03-20 10:45:48 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request [null]
2019-03-20 10:45:48 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:45:48 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response [{
"timestamp" : "2019-03-20T10:45:48.476+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/orgs/"
}]
2019-03-20 10:45:48 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NjgxYzQwYmEtMDdhMC00ZmI2LTg2M2UtZDk5MWQ5YjM0OTBm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:45:47 GMT]}]
2019-03-20 10:45:48 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : StatusCode [405]
2019-03-20 10:45:48 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Time [1756]
2019-03-20 10:45:48 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Size [159]
2019-03-20 10:45:48 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
--- FX Bot ---
Project : FXABAC TEST
Template : ApiV1DataSetsPutDatasetuserbDisallowHijack1
Run Id : 8a808011699a990101699ab3901a2277
Job : Default
Env : Default
Category : Hijack_Level1
Tags : [FX Top 10 - API Vulnerability, Data_Access_Control]
Severity : Major
Region : FXLabs/US_WEST_1
Result : fail
Status Code : 400
Headers : {X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODVkNjkyZjctOWU0OC00NDQyLTk1YTgtMDU4ZDNiZTZkNjQy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:47:00 GMT]}
Endpoint : http://13.56.210.25/api/v1/data-sets
Request :
{
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "To3iNx4F",
"project" : "",
"props" : null,
"version" : ""
}
Response :
{
"timestamp" : "2019-03-20T10:47:01.066+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])",
"path" : "/api/v1/data-sets"
}
Logs :
2019-03-20 10:46:50 DEBUG [OrgCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/orgs]
2019-03-20 10:46:50 DEBUG [OrgCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:46:50 DEBUG [OrgCreateUserBInitHijack1] : Request [{
"billingEmail" : "sR9OId2D",
"company" : "Doyle Group",
"createdBy" : "",
"createdDate" : "",
"description" : "sR9OId2D",
"id" : "",
"inactive" : false,
"location" : "sR9OId2D",
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "sR9OId2D",
"orgPlan" : "TEAM",
"orgType" : "ENTERPRISE",
"version" : ""
}]
2019-03-20 10:46:50 DEBUG [OrgCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:46:50 DEBUG [OrgCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:46:50.051+0000",
"status" : 403,
"error" : "Forbidden",
"message" : "Forbidden",
"path" : "/api/v1/orgs"
}]
2019-03-20 10:46:50 DEBUG [OrgCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdiNTRiNjItNjNjNi00ODkwLWFhMmQtZTM2NmYzZjZkODlj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:50 GMT]}]
2019-03-20 10:46:50 DEBUG [OrgCreateUserBInitHijack1] : StatusCode [403]
2019-03-20 10:46:50 DEBUG [OrgCreateUserBInitHijack1] : Time [1626]
2019-03-20 10:46:50 DEBUG [OrgCreateUserBInitHijack1] : Size [121]
2019-03-20 10:46:50 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [403 == 200 OR 403 == 201] result [Failed]
2019-03-20 10:46:50 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdiNTRiNjItNjNjNi00ODkwLWFhMmQtZTM2NmYzZjZkODlj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:50 GMT]}]
2019-03-20 10:46:50 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdiNTRiNjItNjNjNi00ODkwLWFhMmQtZTM2NmYzZjZkODlj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:50 GMT]}]
2019-03-20 10:46:50 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdiNTRiNjItNjNjNi00ODkwLWFhMmQtZTM2NmYzZjZkODlj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:50 GMT]}]
2019-03-20 10:46:50 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdiNTRiNjItNjNjNi00ODkwLWFhMmQtZTM2NmYzZjZkODlj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:50 GMT]}]
2019-03-20 10:46:51 DEBUG [AccountCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/accounts]
2019-03-20 10:46:51 DEBUG [AccountCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:46:51 DEBUG [AccountCreateUserBInitHijack1] : Request [{
"accessKey" : "SWQB8K1O",
"accountType" : "GitLab",
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "SWQB8K1O",
"org" : "",
"prop1" : "SWQB8K1O",
"prop2" : "SWQB8K1O",
"prop3" : "SWQB8K1O",
"region" : "SWQB8K1O",
"secretKey" : "SWQB8K1O",
"version" : ""
}]
2019-03-20 10:46:51 DEBUG [AccountCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:46:51 DEBUG [AccountCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:46:51.434+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 11, column: 11] (through reference chain: com.fxlabs.fxt.dto.clusters.Account[\"org\"])",
"path" : "/api/v1/accounts"
}]
2019-03-20 10:46:51 DEBUG [AccountCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2YxZmY3NGYtMWFiZS00YzZkLThhYzYtNTg2Nzc1ZGMyYjZm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:51 GMT]}]
2019-03-20 10:46:51 DEBUG [AccountCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:46:51 DEBUG [AccountCreateUserBInitHijack1] : Time [1373]
2019-03-20 10:46:51 DEBUG [AccountCreateUserBInitHijack1] : Size [722]
2019-03-20 10:46:51 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:46:51 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2YxZmY3NGYtMWFiZS00YzZkLThhYzYtNTg2Nzc1ZGMyYjZm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:51 GMT]}]
2019-03-20 10:46:51 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2YxZmY3NGYtMWFiZS00YzZkLThhYzYtNTg2Nzc1ZGMyYjZm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:51 GMT]}]
2019-03-20 10:46:51 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2YxZmY3NGYtMWFiZS00YzZkLThhYzYtNTg2Nzc1ZGMyYjZm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:51 GMT]}]
2019-03-20 10:46:51 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2YxZmY3NGYtMWFiZS00YzZkLThhYzYtNTg2Nzc1ZGMyYjZm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:51 GMT]}]
2019-03-20 10:46:53 DEBUG [SkillCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/skills]
2019-03-20 10:46:53 DEBUG [SkillCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:46:53 DEBUG [SkillCreateUserBInitHijack1] : Request [{
"accessKey" : "3fmZXfBe",
"createdBy" : "",
"createdDate" : "",
"description" : "3fmZXfBe",
"host" : "3fmZXfBe",
"id" : "",
"inactive" : false,
"key" : "3fmZXfBe",
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "3fmZXfBe",
"org" : "",
"prop1" : "3fmZXfBe",
"prop2" : "3fmZXfBe",
"prop3" : "3fmZXfBe",
"prop4" : "3fmZXfBe",
"prop5" : "3fmZXfBe",
"secretKey" : "3fmZXfBe",
"skillType" : "BOT_DEPLOYMENT",
"version" : ""
}]
2019-03-20 10:46:53 DEBUG [SkillCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:46:53 DEBUG [SkillCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:46:53.080+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 13, column: 11] (through reference chain: com.fxlabs.fxt.dto.skills.Skill[\"org\"])",
"path" : "/api/v1/skills"
}]
2019-03-20 10:46:53 DEBUG [SkillCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjEzNjdkYmYtZGMwZS00MjNmLWFhNzMtMTFjZjJmMWExODhm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:53 GMT]}]
2019-03-20 10:46:53 DEBUG [SkillCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:46:53 DEBUG [SkillCreateUserBInitHijack1] : Time [1643]
2019-03-20 10:46:53 DEBUG [SkillCreateUserBInitHijack1] : Size [716]
2019-03-20 10:46:53 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:46:53 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjEzNjdkYmYtZGMwZS00MjNmLWFhNzMtMTFjZjJmMWExODhm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:53 GMT]}]
2019-03-20 10:46:53 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjEzNjdkYmYtZGMwZS00MjNmLWFhNzMtMTFjZjJmMWExODhm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:53 GMT]}]
2019-03-20 10:46:53 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjEzNjdkYmYtZGMwZS00MjNmLWFhNzMtMTFjZjJmMWExODhm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:53 GMT]}]
2019-03-20 10:46:53 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjEzNjdkYmYtZGMwZS00MjNmLWFhNzMtMTFjZjJmMWExODhm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:53 GMT]}]
2019-03-20 10:46:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot]
2019-03-20 10:46:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:46:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request [{
"account" : "",
"createdBy" : "",
"createdDate" : "",
"description" : "BXr3Iaec",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "BXr3Iaec",
"org" : "",
"prop1" : "BXr3Iaec",
"prop2" : "BXr3Iaec",
"prop3" : "BXr3Iaec",
"prop4" : "BXr3Iaec",
"prop5" : "BXr3Iaec",
"skill" : "",
"state" : "INACTIVE",
"version" : "",
"visibility" : "ORG_PUBLIC"
}]
2019-03-20 10:46:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:46:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:46:54.811+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.it.IssueTracker[\"account\"])",
"path" : "/api/v1/issue-trackers/issue-tracker-bot"
}]
2019-03-20 10:46:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGQyZDg2MmQtNTI3MC00NTcwLTgyY2MtMjY3MmFiYzYxZTVl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:54 GMT]}]
2019-03-20 10:46:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:46:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : Time [1746]
2019-03-20 10:46:54 DEBUG [IssueTrackerCreateUserBInitHijack1] : Size [768]
2019-03-20 10:46:54 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:46:54 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGQyZDg2MmQtNTI3MC00NTcwLTgyY2MtMjY3MmFiYzYxZTVl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:54 GMT]}]
2019-03-20 10:46:54 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGQyZDg2MmQtNTI3MC00NTcwLTgyY2MtMjY3MmFiYzYxZTVl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:54 GMT]}]
2019-03-20 10:46:54 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGQyZDg2MmQtNTI3MC00NTcwLTgyY2MtMjY3MmFiYzYxZTVl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:54 GMT]}]
2019-03-20 10:46:54 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGQyZDg2MmQtNTI3MC00NTcwLTgyY2MtMjY3MmFiYzYxZTVl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:54 GMT]}]
2019-03-20 10:46:56 DEBUG [ProjectCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/projects]
2019-03-20 10:46:56 DEBUG [ProjectCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:46:56 DEBUG [ProjectCreateUserBInitHijack1] : Request [{
"account" : "",
"autoGenSuites" : "94546328",
"branch" : "8Y95iTLh",
"bugsOpen" : "94546328",
"createdBy" : "",
"createdDate" : "",
"description" : "8Y95iTLh",
"genPolicy" : "Create",
"id" : "",
"inactive" : false,
"isFileLoad" : "8Y95iTLh",
"issueTracker" : "",
"lastCommit" : "8Y95iTLh",
"lastSync" : null,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "8Y95iTLh",
"openAPISpec" : "8Y95iTLh",
"openText" : "8Y95iTLh",
"org" : "",
"props" : null,
"url" : "8Y95iTLh",
"version" : ""
}]
2019-03-20 10:46:56 DEBUG [ProjectCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:46:56 DEBUG [ProjectCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:46:56.351+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.Project[\"account\"])",
"path" : "/api/v1/projects"
}]
2019-03-20 10:46:56 DEBUG [ProjectCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjZiN2E0MzAtNDI5Mi00ZGUwLWJkOTYtODcxZDljOTM4Mjhl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:56 GMT]}]
2019-03-20 10:46:56 DEBUG [ProjectCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:46:56 DEBUG [ProjectCreateUserBInitHijack1] : Time [1522]
2019-03-20 10:46:56 DEBUG [ProjectCreateUserBInitHijack1] : Size [744]
2019-03-20 10:46:56 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:46:56 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjZiN2E0MzAtNDI5Mi00ZGUwLWJkOTYtODcxZDljOTM4Mjhl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:56 GMT]}]
2019-03-20 10:46:56 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjZiN2E0MzAtNDI5Mi00ZGUwLWJkOTYtODcxZDljOTM4Mjhl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:56 GMT]}]
2019-03-20 10:46:56 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjZiN2E0MzAtNDI5Mi00ZGUwLWJkOTYtODcxZDljOTM4Mjhl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:56 GMT]}]
2019-03-20 10:46:56 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjZiN2E0MzAtNDI5Mi00ZGUwLWJkOTYtODcxZDljOTM4Mjhl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:56 GMT]}]
2019-03-20 10:46:58 DEBUG [DataSetCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/data-sets]
2019-03-20 10:46:58 DEBUG [DataSetCreateUserBInitHijack1] : Method [POST]
2019-03-20 10:46:58 DEBUG [DataSetCreateUserBInitHijack1] : Request [{
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "IsOWdpMR",
"project" : "",
"props" : null,
"version" : ""
}]
2019-03-20 10:46:58 DEBUG [DataSetCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:46:58 DEBUG [DataSetCreateUserBInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:46:58.021+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])",
"path" : "/api/v1/data-sets"
}]
2019-03-20 10:46:58 DEBUG [DataSetCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OWEzMDNjNmEtZTc2My00M2Y5LTlmY2MtNDNjYjcwNjNlNmM2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:57 GMT]}]
2019-03-20 10:46:58 DEBUG [DataSetCreateUserBInitHijack1] : StatusCode [400]
2019-03-20 10:46:58 DEBUG [DataSetCreateUserBInitHijack1] : Time [1668]
2019-03-20 10:46:58 DEBUG [DataSetCreateUserBInitHijack1] : Size [745]
2019-03-20 10:46:58 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:46:58 DEBUG [DataSetCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OWEzMDNjNmEtZTc2My00M2Y5LTlmY2MtNDNjYjcwNjNlNmM2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:57 GMT]}]
2019-03-20 10:46:58 DEBUG [DataSetCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OWEzMDNjNmEtZTc2My00M2Y5LTlmY2MtNDNjYjcwNjNlNmM2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:57 GMT]}]
2019-03-20 10:46:58 DEBUG [DataSetCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OWEzMDNjNmEtZTc2My00M2Y5LTlmY2MtNDNjYjcwNjNlNmM2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:57 GMT]}]
2019-03-20 10:46:58 DEBUG [DataSetCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OWEzMDNjNmEtZTc2My00M2Y5LTlmY2MtNDNjYjcwNjNlNmM2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:57 GMT]}]
2019-03-20 10:46:59 DEBUG [ProjectCreateUserAInitHijack1] : URL [http://13.56.210.25/api/v1/projects]
2019-03-20 10:46:59 DEBUG [ProjectCreateUserAInitHijack1] : Method [POST]
2019-03-20 10:46:59 DEBUG [ProjectCreateUserAInitHijack1] : Request [{
"account" : "",
"autoGenSuites" : "2141731388",
"branch" : "QXS8dJvC",
"bugsOpen" : "2141731388",
"createdBy" : "",
"createdDate" : "",
"description" : "QXS8dJvC",
"genPolicy" : "Create",
"id" : "",
"inactive" : false,
"isFileLoad" : "QXS8dJvC",
"issueTracker" : "",
"lastCommit" : "QXS8dJvC",
"lastSync" : null,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "QXS8dJvC",
"openAPISpec" : "QXS8dJvC",
"openText" : "QXS8dJvC",
"org" : "",
"props" : null,
"url" : "QXS8dJvC",
"version" : ""
}]
2019-03-20 10:46:59 DEBUG [ProjectCreateUserAInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:46:59 DEBUG [ProjectCreateUserAInitHijack1] : Response [{
"timestamp" : "2019-03-20T10:46:59.438+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.Project[\"account\"])",
"path" : "/api/v1/projects"
}]
2019-03-20 10:46:59 DEBUG [ProjectCreateUserAInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2M3NzExMDAtYzY1OC00ZDk0LThhOTEtOTk4M2VlZGZhYjUw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:59 GMT]}]
2019-03-20 10:46:59 DEBUG [ProjectCreateUserAInitHijack1] : StatusCode [400]
2019-03-20 10:46:59 DEBUG [ProjectCreateUserAInitHijack1] : Time [1414]
2019-03-20 10:46:59 DEBUG [ProjectCreateUserAInitHijack1] : Size [744]
2019-03-20 10:46:59 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed]
2019-03-20 10:46:59 DEBUG [ProjectCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2M3NzExMDAtYzY1OC00ZDk0LThhOTEtOTk4M2VlZGZhYjUw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:59 GMT]}]
2019-03-20 10:46:59 DEBUG [ProjectCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2M3NzExMDAtYzY1OC00ZDk0LThhOTEtOTk4M2VlZGZhYjUw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:59 GMT]}]
2019-03-20 10:46:59 DEBUG [ProjectCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2M3NzExMDAtYzY1OC00ZDk0LThhOTEtOTk4M2VlZGZhYjUw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:59 GMT]}]
2019-03-20 10:46:59 DEBUG [ProjectCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2M3NzExMDAtYzY1OC00ZDk0LThhOTEtOTk4M2VlZGZhYjUw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:46:59 GMT]}]
2019-03-20 10:47:01 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : URL [http://13.56.210.25/api/v1/data-sets]
2019-03-20 10:47:01 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Method [PUT]
2019-03-20 10:47:01 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Request [{
"createdBy" : "",
"createdDate" : "",
"id" : "",
"inactive" : false,
"modifiedBy" : "",
"modifiedDate" : "",
"name" : "To3iNx4F",
"project" : "",
"props" : null,
"version" : ""
}]
2019-03-20 10:47:01 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:47:01 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Response [{
"timestamp" : "2019-03-20T10:47:01.066+0000",
"status" : 400,
"error" : "Bad Request",
"message" : "JSON parse error: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance of com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])",
"path" : "/api/v1/data-sets"
}]
2019-03-20 10:47:01 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODVkNjkyZjctOWU0OC00NDQyLTk1YTgtMDU4ZDNiZTZkNjQy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:47:00 GMT]}]
2019-03-20 10:47:01 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : StatusCode [400]
2019-03-20 10:47:01 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Time [1628]
2019-03-20 10:47:01 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Size [745]
2019-03-20 10:47:01 ERROR [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [400 == 401 OR 400 == 403] result [Failed]
2019-03-20 10:47:02 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : URL [http://13.56.210.25/api/v1/data-sets/]
2019-03-20 10:47:02 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Method [DELETE]
2019-03-20 10:47:02 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Request [null]
2019-03-20 10:47:02 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:47:02 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Response [{
"timestamp" : "2019-03-20T10:47:02.776+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/data-sets/"
}]
2019-03-20 10:47:02 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Response-Headers [{Allow=[GET, PUT, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YjE3ZDRlOWQtN2MxMy00ODZlLWE5ZmUtNTRkZTNlOThiMjZm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:47:02 GMT]}]
2019-03-20 10:47:02 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : StatusCode [405]
2019-03-20 10:47:02 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Time [1708]
2019-03-20 10:47:02 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Size [164]
2019-03-20 10:47:02 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:47:04 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : URL [http://13.56.210.25/api/v1/projects/]
2019-03-20 10:47:04 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Method [DELETE]
2019-03-20 10:47:04 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request [null]
2019-03-20 10:47:04 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:47:04 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response [{
"timestamp" : "2019-03-20T10:47:04.555+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/projects/"
}]
2019-03-20 10:47:04 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NTE0NGY3ZDctZTY5NC00ZGRhLWI1NjctZWU5ODUwYWQ3OWZm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:47:04 GMT]}]
2019-03-20 10:47:04 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : StatusCode [405]
2019-03-20 10:47:04 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Time [1779]
2019-03-20 10:47:04 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Size [163]
2019-03-20 10:47:04 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:47:06 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot/]
2019-03-20 10:47:06 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Method [DELETE]
2019-03-20 10:47:06 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request [null]
2019-03-20 10:47:06 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:47:06 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response [{
"timestamp" : "2019-03-20T10:47:06.456+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/issue-trackers/issue-tracker-bot/"
}]
2019-03-20 10:47:06 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response-Headers [{Allow=[POST, GET, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NTk2Y2Y5ZDYtYmVjNS00OWVjLTlhMGQtZmQ0YWEyOWRlOWY5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:47:06 GMT]}]
2019-03-20 10:47:06 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : StatusCode [405]
2019-03-20 10:47:06 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Time [1898]
2019-03-20 10:47:06 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Size [187]
2019-03-20 10:47:06 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:47:08 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : URL [http://13.56.210.25/api/v1/skills/]
2019-03-20 10:47:08 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Method [DELETE]
2019-03-20 10:47:08 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request [null]
2019-03-20 10:47:08 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:47:08 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response [{
"timestamp" : "2019-03-20T10:47:08.096+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/skills/"
}]
2019-03-20 10:47:08 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjZiZjcyODQtYWM5Zi00ODQyLWFiYjQtNGQ5ZDU5ZGFiYmUx; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:47:07 GMT]}]
2019-03-20 10:47:08 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : StatusCode [405]
2019-03-20 10:47:08 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Time [1636]
2019-03-20 10:47:08 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Size [161]
2019-03-20 10:47:08 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:47:09 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : URL [http://13.56.210.25/api/v1/accounts/]
2019-03-20 10:47:09 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Method [DELETE]
2019-03-20 10:47:09 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request [null]
2019-03-20 10:47:09 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:47:09 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response [{
"timestamp" : "2019-03-20T10:47:09.527+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/accounts/"
}]
2019-03-20 10:47:09 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MmNhNjkzMzQtNjZiZC00MzY4LTliZGUtNTA3M2Y3ZGZhNTQy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:47:09 GMT]}]
2019-03-20 10:47:09 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : StatusCode [405]
2019-03-20 10:47:09 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Time [1431]
2019-03-20 10:47:09 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Size [163]
2019-03-20 10:47:09 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
2019-03-20 10:47:10 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : URL [http://13.56.210.25/api/v1/orgs/]
2019-03-20 10:47:10 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Method [DELETE]
2019-03-20 10:47:10 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request [null]
2019-03-20 10:47:10 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}]
2019-03-20 10:47:10 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response [{
"timestamp" : "2019-03-20T10:47:10.918+0000",
"status" : 405,
"error" : "Method Not Allowed",
"message" : "Request method 'DELETE' not supported",
"path" : "/api/v1/orgs/"
}]
2019-03-20 10:47:10 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=M2RjOTFiNDctYWJjZS00MDEyLTg4NTgtMWU3NmViZTUxZjFl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:47:10 GMT]}]
2019-03-20 10:47:10 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : StatusCode [405]
2019-03-20 10:47:10 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Time [1390]
2019-03-20 10:47:10 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Size [159]
2019-03-20 10:47:10 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]
--- FX Bot ---
Project : FXABAC TEST
Template : ApiV1DataSetsPutDatasetuserbDisallowHijack1
Run Id : 8a808011699a990101699ab0f9761b20
Job : Default
Env : Default
Category : Hijack_Level1
Tags : [FX Top 10 - API Vulnerability, Data_Access_Control]
Severity : Major
Region : FXLabs/US_WEST_1
Result : fail
Status Code : 400
Headers : {X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjFlMzQxNGEtOGQ2ZS00Nzk4LWEwMWMtMDNhODVjOGY1ZWYw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:52 GMT]}
Endpoint : http://13.56.210.25/api/v1/data-sets
Request :
{ "createdBy" : "", "createdDate" : "", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "AlxfLTHV", "project" : "", "props" : null, "version" : "" }
Response :
{ "timestamp" : "2019-03-20T10:41:52.252+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance of
com.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])", "path" : "/api/v1/data-sets" }Logs :
2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/orgs] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : Request [{ "billingEmail" : "bLyXI0Kj", "company" : "Mayert LLC", "createdBy" : "", "createdDate" : "", "description" : "bLyXI0Kj", "id" : "", "inactive" : false, "location" : "bLyXI0Kj", "modifiedBy" : "", "modifiedDate" : "", "name" : "bLyXI0Kj", "orgPlan" : "TEAM", "orgType" : "ENTERPRISE", "version" : "" }] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:48.816+0000", "status" : 403, "error" : "Forbidden", "message" : "Forbidden", "path" : "/api/v1/orgs" }] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzVlYjYyYWQtM2UxMC00NGUxLWEyNTItYTg0ZmE3MmM3MjNk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:47 GMT]}] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : StatusCode [403] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : Time [449] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1] : Size [121] 2019-03-20 10:41:48 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [403 == 200 OR 403 == 201] result [Failed] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzVlYjYyYWQtM2UxMC00NGUxLWEyNTItYTg0ZmE3MmM3MjNk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:47 GMT]}] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzVlYjYyYWQtM2UxMC00NGUxLWEyNTItYTg0ZmE3MmM3MjNk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:47 GMT]}] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzVlYjYyYWQtM2UxMC00NGUxLWEyNTItYTg0ZmE3MmM3MjNk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:47 GMT]}] 2019-03-20 10:41:48 DEBUG [OrgCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzVlYjYyYWQtM2UxMC00NGUxLWEyNTItYTg0ZmE3MmM3MjNk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:47 GMT]}] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/accounts] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : Request [{ "accessKey" : "OVAfBCBf", "accountType" : "GitLab", "createdBy" : "", "createdDate" : "", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "OVAfBCBf", "org" : "", "prop1" : "OVAfBCBf", "prop2" : "OVAfBCBf", "prop3" : "OVAfBCBf", "region" : "OVAfBCBf", "secretKey" : "OVAfBCBf", "version" : "" }] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:49.349+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance of
com.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 11, column: 11] (through reference chain: com.fxlabs.fxt.dto.clusters.Account[\"org\"])", "path" : "/api/v1/accounts" }] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZWViNjVjOTAtOGFkYy00MDExLTk5NmEtOTIwMjFiM2QzM2Ji; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : Time [532] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1] : Size [722] 2019-03-20 10:41:49 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZWViNjVjOTAtOGFkYy00MDExLTk5NmEtOTIwMjFiM2QzM2Ji; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZWViNjVjOTAtOGFkYy00MDExLTk5NmEtOTIwMjFiM2QzM2Ji; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZWViNjVjOTAtOGFkYy00MDExLTk5NmEtOTIwMjFiM2QzM2Ji; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [AccountCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZWViNjVjOTAtOGFkYy00MDExLTk5NmEtOTIwMjFiM2QzM2Ji; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/skills] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : Request [{ "accessKey" : "aPJpJEJV", "createdBy" : "", "createdDate" : "", "description" : "aPJpJEJV", "host" : "aPJpJEJV", "id" : "", "inactive" : false, "key" : "aPJpJEJV", "modifiedBy" : "", "modifiedDate" : "", "name" : "aPJpJEJV", "org" : "", "prop1" : "aPJpJEJV", "prop2" : "aPJpJEJV", "prop3" : "aPJpJEJV", "prop4" : "aPJpJEJV", "prop5" : "aPJpJEJV", "secretKey" : "aPJpJEJV", "skillType" : "BOT_DEPLOYMENT", "version" : "" }] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:49.737+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.NameDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 13, column: 11] (through reference chain: com.fxlabs.fxt.dto.skills.Skill[\"org\"])", "path" : "/api/v1/skills" }] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGI0NTA4OTctMTAwNi00MWFlLTk3NjctNGFkOTY1OTY2NjYz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : Time [386] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1] : Size [716] 2019-03-20 10:41:49 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGI0NTA4OTctMTAwNi00MWFlLTk3NjctNGFkOTY1OTY2NjYz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGI0NTA4OTctMTAwNi00MWFlLTk3NjctNGFkOTY1OTY2NjYz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGI0NTA4OTctMTAwNi00MWFlLTk3NjctNGFkOTY1OTY2NjYz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:49 DEBUG [SkillCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NGI0NTA4OTctMTAwNi00MWFlLTk3NjctNGFkOTY1OTY2NjYz; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:48 GMT]}] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request [{ "account" : "", "createdBy" : "", "createdDate" : "", "description" : "ePe3W9sd", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "ePe3W9sd", "org" : "", "prop1" : "ePe3W9sd", "prop2" : "ePe3W9sd", "prop3" : "ePe3W9sd", "prop4" : "ePe3W9sd", "prop5" : "ePe3W9sd", "skill" : "", "state" : "INACTIVE", "version" : "", "visibility" : "ORG_PUBLIC" }] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:50.234+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.it.IssueTracker[\"account\"])", "path" : "/api/v1/issue-trackers/issue-tracker-bot" }] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGM5NDVlMTYtMGMxOS00NjQ4LTk4ODMtZjlkNWZmMzU3ZGQ1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : Time [519] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1] : Size [768] 2019-03-20 10:41:50 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGM5NDVlMTYtMGMxOS00NjQ4LTk4ODMtZjlkNWZmMzU3ZGQ1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGM5NDVlMTYtMGMxOS00NjQ4LTk4ODMtZjlkNWZmMzU3ZGQ1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGM5NDVlMTYtMGMxOS00NjQ4LTk4ODMtZjlkNWZmMzU3ZGQ1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [IssueTrackerCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OGM5NDVlMTYtMGMxOS00NjQ4LTk4ODMtZjlkNWZmMzU3ZGQ1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/projects] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : Request [{ "account" : "", "autoGenSuites" : "273967066", "branch" : "5loPPrJE", "bugsOpen" : "273967066", "createdBy" : "", "createdDate" : "", "description" : "5loPPrJE", "genPolicy" : "Create", "id" : "", "inactive" : false, "isFileLoad" : "5loPPrJE", "issueTracker" : "", "lastCommit" : "5loPPrJE", "lastSync" : null, "modifiedBy" : "", "modifiedDate" : "", "name" : "5loPPrJE", "openAPISpec" : "5loPPrJE", "openText" : "5loPPrJE", "org" : "", "props" : null, "url" : "5loPPrJE", "version" : "" }] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:50.681+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.Project[\"account\"])", "path" : "/api/v1/projects" }] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdmMWIxMjMtZjUxNC00ZjAwLTg2ZDctMGM3OGY3MGZjZmYw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : Time [418] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1] : Size [744] 2019-03-20 10:41:50 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdmMWIxMjMtZjUxNC00ZjAwLTg2ZDctMGM3OGY3MGZjZmYw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdmMWIxMjMtZjUxNC00ZjAwLTg2ZDctMGM3OGY3MGZjZmYw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdmMWIxMjMtZjUxNC00ZjAwLTg2ZDctMGM3OGY3MGZjZmYw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:50 DEBUG [ProjectCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YzdmMWIxMjMtZjUxNC00ZjAwLTg2ZDctMGM3OGY3MGZjZmYw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:49 GMT]}] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : URL [http://13.56.210.25/api/v1/data-sets] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : Method [POST] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : Request [{ "createdBy" : "", "createdDate" : "", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "FyuI2aQD", "project" : "", "props" : null, "version" : "" }] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:51.165+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])", "path" : "/api/v1/data-sets" }] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTVlNTdkMzgtMWRiNy00ZDE2LWFkZDMtOTIxM2Q0YjYxNjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : StatusCode [400] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : Time [479] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1] : Size [745] 2019-03-20 10:41:51 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTVlNTdkMzgtMWRiNy00ZDE2LWFkZDMtOTIxM2Q0YjYxNjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTVlNTdkMzgtMWRiNy00ZDE2LWFkZDMtOTIxM2Q0YjYxNjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTVlNTdkMzgtMWRiNy00ZDE2LWFkZDMtOTIxM2Q0YjYxNjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [DataSetCreateUserBInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTVlNTdkMzgtMWRiNy00ZDE2LWFkZDMtOTIxM2Q0YjYxNjNj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : URL [http://13.56.210.25/api/v1/projects] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : Method [POST] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : Request [{ "account" : "", "autoGenSuites" : "1001545831", "branch" : "Ngfw8jlS", "bugsOpen" : "1001545831", "createdBy" : "", "createdDate" : "", "description" : "Ngfw8jlS", "genPolicy" : "Create", "id" : "", "inactive" : false, "isFileLoad" : "Ngfw8jlS", "issueTracker" : "", "lastCommit" : "Ngfw8jlS", "lastSync" : null, "modifiedBy" : "", "modifiedDate" : "", "name" : "Ngfw8jlS", "openAPISpec" : "Ngfw8jlS", "openText" : "Ngfw8jlS", "org" : "", "props" : null, "url" : "Ngfw8jlS", "version" : "" }] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:51.584+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.AccountMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 2, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.Project[\"account\"])", "path" : "/api/v1/projects" }] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MGQ2NDNjM2YtMWIyYy00YzQ1LWFkMDYtYWY2NDM3NDYxNTQy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : StatusCode [400] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : Time [415] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1] : Size [744] 2019-03-20 10:41:51 ERROR [null] : Assertion [@StatusCode == 200 OR @StatusCode == 201] resolved-to [400 == 200 OR 400 == 201] result [Failed] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MGQ2NDNjM2YtMWIyYy00YzQ1LWFkMDYtYWY2NDM3NDYxNTQy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MGQ2NDNjM2YtMWIyYy00YzQ1LWFkMDYtYWY2NDM3NDYxNTQy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MGQ2NDNjM2YtMWIyYy00YzQ1LWFkMDYtYWY2NDM3NDYxNTQy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:51 DEBUG [ProjectCreateUserAInitHijack1_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MGQ2NDNjM2YtMWIyYy00YzQ1LWFkMDYtYWY2NDM3NDYxNTQy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:51 GMT]}] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : URL [http://13.56.210.25/api/v1/data-sets] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Method [PUT] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Request [{ "createdBy" : "", "createdDate" : "", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "name" : "AlxfLTHV", "project" : "", "props" : null, "version" : "" }] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Response [{ "timestamp" : "2019-03-20T10:41:52.252+0000", "status" : 400, "error" : "Bad Request", "message" : "JSON parse error: Cannot construct instance ofcom.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value (''); nested exception is com.fasterxml.jackson.databind.exc.MismatchedInputException: Cannot construct instance ofcom.fxlabs.fxt.dto.base.ProjectMinimalDto
(although at least one Creator exists): no String-argument constructor/factory method to deserialize from String value ('')\n at [Source: (PushbackInputStream); line: 9, column: 15] (through reference chain: com.fxlabs.fxt.dto.project.DataSet[\"project\"])", "path" : "/api/v1/data-sets" }] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MjFlMzQxNGEtOGQ2ZS00Nzk4LWEwMWMtMDNhODVjOGY1ZWYw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:52 GMT]}] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : StatusCode [400] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Time [667] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Size [745] 2019-03-20 10:41:52 ERROR [ApiV1DataSetsPutDatasetuserbDisallowHijack1] : Assertion [@StatusCode == 401 OR @StatusCode == 403] resolved-to [400 == 401 OR 400 == 403] result [Failed] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : URL [http://13.56.210.25/api/v1/data-sets/] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Method [DELETE] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Request [null] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Response [{ "timestamp" : "2019-03-20T10:41:52.860+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/data-sets/" }] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Response-Headers [{Allow=[GET, PUT, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MmQ3OWMwMTUtNWVjNi00ODdiLWFlNWMtMDFhN2RkNjBmMjY0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:52 GMT]}] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : StatusCode [405] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Time [607] 2019-03-20 10:41:52 DEBUG [ApiV1DataSetsIdDeleteDatasethijack1] : Size [164] 2019-03-20 10:41:52 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : URL [http://13.56.210.25/api/v1/projects/] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Method [DELETE] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request [null] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response [{ "timestamp" : "2019-03-20T10:41:53.580+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/projects/" }] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2QxNjZlYzQtYzYzZS00OGI4LTgwNmEtOTg3MDZjZjJhZDdj; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:53 GMT]}] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : StatusCode [405] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Time [719] 2019-03-20 10:41:53 DEBUG [ApiV1ProjectsIdDeleteProjecthijack1] : Size [163] 2019-03-20 10:41:53 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : URL [http://13.56.210.25/api/v1/issue-trackers/issue-tracker-bot/] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Method [DELETE] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request [null] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response [{ "timestamp" : "2019-03-20T10:41:54.243+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/issue-trackers/issue-tracker-bot/" }] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Response-Headers [{Allow=[POST, GET, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OTViM2JiMzMtNDE0YS00YTNmLTgzZTktMGJkYjg4YjExMDA2; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:53 GMT]}] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : StatusCode [405] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Time [662] 2019-03-20 10:41:54 DEBUG [ApiV1IssueTrackersIssueTrackerBotIdDeleteIssuetrackerhijack1] : Size [187] 2019-03-20 10:41:54 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : URL [http://13.56.210.25/api/v1/skills/] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Method [DELETE] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request [null] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response [{ "timestamp" : "2019-03-20T10:41:54.699+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/skills/" }] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Response-Headers [{Allow=[GET, POST, PUT], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjU5YmJkMTAtZTBkNi00NTRmLWFmM2ItNTk5M2Y1NmFmYmEw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:54 GMT]}] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : StatusCode [405] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Time [455] 2019-03-20 10:41:54 DEBUG [ApiV1SkillsIdDeleteSkillhijack1] : Size [161] 2019-03-20 10:41:54 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : URL [http://13.56.210.25/api/v1/accounts/] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Method [DELETE] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request [null] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response [{ "timestamp" : "2019-03-20T10:41:55.250+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/accounts/" }] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YTlkYjUyYWItMWM3Ny00NzdmLTllOGUtMTg2ODUyY2VmOWRm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:54 GMT]}] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : StatusCode [405] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Time [550] 2019-03-20 10:41:55 DEBUG [ApiV1AccountsIdDeleteAccounthijack1] : Size [163] 2019-03-20 10:41:55 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : URL [http://13.56.210.25/api/v1/orgs/] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Method [DELETE] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request [null] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic T1JHQi8vdXNlckJAdGVzdGxhYnMuaW86b3JnMTIzNCQ=]}] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response [{ "timestamp" : "2019-03-20T10:41:55.773+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MWQ1NzllYTgtYTZkMC00MDY2LWFlNzgtZTY3ODA2NWIwZjA5; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Wed, 20 Mar 2019 10:41:55 GMT]}] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : StatusCode [405] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Time [523] 2019-03-20 10:41:55 DEBUG [ApiV1OrgsIdDeleteOrghijack1] : Size [159] 2019-03-20 10:41:55 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]--- FX Bot ---