search

jaleelsyed / online-banking

0 stars 0 forks source link

online banking app : ApiV1BranchesIdDeleteUsercDisallowAbac #21

Open jaleelsyed opened 5 years ago

jaleelsyed commented 5 years ago

Project : online banking app

Job : Default

Env : Default

Category : ABAC_Level1

Tags : [FX Top 10 - API Vulnerability, Data_Access_Control]

Severity : Major

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 405

Headers : {Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MWFiMzQ3MzMtNzY3ZS00YmUwLTg2OWQtZmMyY2IxMTIzNDVi; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:53:56 GMT]}

Endpoint : http://54.215.136.217/api/v1/branches/

Request :

Response :
{ "timestamp" : "2019-01-24T04:53:57.080+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/branches/" }

Logs :
2019-01-24 04:53:55 DEBUG [BranchCreateUserAInitAbac] : URL [http://54.215.136.217/api/v1/branches] 2019-01-24 04:53:55 DEBUG [BranchCreateUserAInitAbac] : Method [POST] 2019-01-24 04:53:55 DEBUG [BranchCreateUserAInitAbac] : Request [{ "access" : "3amfvtNt", "atmAtBranch" : "3amfvtNt", "branchMediatedServiceName" : "3amfvtNt", "branchName" : "3amfvtNt", "branchType" : "3amfvtNt", "createdBy" : "", "createdDate" : "", "customerSegment" : "3amfvtNt", "faxNumber" : "3amfvtNt", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "version" : "" }] 2019-01-24 04:53:55 DEBUG [BranchCreateUserAInitAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjJAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 04:53:55 DEBUG [BranchCreateUserAInitAbac] : Response [{ "timestamp" : "2019-01-24T04:53:55.871+0000", "status" : 403, "error" : "Forbidden", "message" : "Forbidden", "path" : "/api/v1/branches" }] 2019-01-24 04:53:55 DEBUG [BranchCreateUserAInitAbac] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Zjg0YWZjMjAtZmQ1Zi00ZDQyLTg1NTAtNWFhM2Y3NDkzYjMy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:53:55 GMT]}] 2019-01-24 04:53:55 DEBUG [BranchCreateUserAInitAbac] : StatusCode [403] 2019-01-24 04:53:55 DEBUG [BranchCreateUserAInitAbac] : Time [1071] 2019-01-24 04:53:55 DEBUG [BranchCreateUserAInitAbac] : Size [125] 2019-01-24 04:53:55 ERROR [null] : Assertion [@StatusCode == 200 AND @Response.errors == false] resolved-to [403 == 200 AND == false] result [Failed] 2019-01-24 04:53:55 DEBUG [BranchCreateUserAInitAbac_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Zjg0YWZjMjAtZmQ1Zi00ZDQyLTg1NTAtNWFhM2Y3NDkzYjMy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:53:55 GMT]}] 2019-01-24 04:53:55 DEBUG [BranchCreateUserAInitAbac_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Zjg0YWZjMjAtZmQ1Zi00ZDQyLTg1NTAtNWFhM2Y3NDkzYjMy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:53:55 GMT]}] 2019-01-24 04:53:55 DEBUG [BranchCreateUserAInitAbac_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Zjg0YWZjMjAtZmQ1Zi00ZDQyLTg1NTAtNWFhM2Y3NDkzYjMy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:53:55 GMT]}] 2019-01-24 04:53:55 DEBUG [BranchCreateUserAInitAbac_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Zjg0YWZjMjAtZmQ1Zi00ZDQyLTg1NTAtNWFhM2Y3NDkzYjMy; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:53:55 GMT]}] 2019-01-24 04:53:56 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : URL [http://54.215.136.217/api/v1/branches/] 2019-01-24 04:53:56 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Method [DELETE] 2019-01-24 04:53:56 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Request [] 2019-01-24 04:53:56 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjRAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 04:53:56 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Response [{ "timestamp" : "2019-01-24T04:53:57.080+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/branches/" }] 2019-01-24 04:53:56 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MWFiMzQ3MzMtNzY3ZS00YmUwLTg2OWQtZmMyY2IxMTIzNDVi; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:53:56 GMT]}] 2019-01-24 04:53:56 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : StatusCode [405] 2019-01-24 04:53:56 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Time [1230] 2019-01-24 04:53:56 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Size [163] 2019-01-24 04:53:56 ERROR [ApiV1BranchesIdDeleteUsercDisallowAbac] : Assertion [@StatusCode == 401 OR @StatusCode == 403 OR @Response.errors == true] resolved-to [405 == 401 OR 405 == 403 OR == true] result [Failed] 2019-01-24 04:53:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : URL [http://54.215.136.217/api/v1/branches/] 2019-01-24 04:53:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Method [DELETE] 2019-01-24 04:53:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Request [null] 2019-01-24 04:53:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjJAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 04:53:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Response [{ "timestamp" : "2019-01-24T04:53:57.910+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/branches/" }] 2019-01-24 04:53:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MzJjYTA5MjItZWQ4OS00NjBjLWFiODYtOGYyM2U0ZDljYWE0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:53:57 GMT]}] 2019-01-24 04:53:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : StatusCode [405] 2019-01-24 04:53:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Time [796] 2019-01-24 04:53:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Size [163] 2019-01-24 04:53:57 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]

--- FX Bot ---

jaleelsyed commented 5 years ago

Project : online banking app

Job : Default

Env : Default

Message : This issue is manually closed from FX control plane.

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 405

Headers : {Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MWFiMzQ3MzMtNzY3ZS00YmUwLTg2OWQtZmMyY2IxMTIzNDVi; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:53:56 GMT]}

Endpoint : http://54.215.136.217/api/v1/branches/

Request :

Response :
{ "timestamp" : "2019-01-24T04:53:57.080+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/branches/" }

Logs :
Assertion [@StatusCode == 401 OR @StatusCode == 403 OR @Response.errors == true] resolved-to [405 == 401 OR 405 == 403 OR == true] result [Failed] --- FX Bot ---

jaleelsyed commented 5 years ago

Message : null

Project : online banking app

Job : Default

Env : Default

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 405

Headers : {Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2Q1NGIxMTUtYThhNy00ZTYxLTg4MDYtMzhjZGNlNTRhNWRk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:28:55 GMT]}

Endpoint : http://54.215.136.217/api/v1/branches/

Request :

Response :
{ "timestamp" : "2019-01-24T09:28:56.064+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/branches/" }

Logs :
2019-01-24 09:28:54 DEBUG [BranchCreateUserAInitAbac] : URL [http://54.215.136.217/api/v1/branches] 2019-01-24 09:28:54 DEBUG [BranchCreateUserAInitAbac] : Method [POST] 2019-01-24 09:28:54 DEBUG [BranchCreateUserAInitAbac] : Request [{ "access" : "SL0fKO2V", "atmAtBranch" : "SL0fKO2V", "branchMediatedServiceName" : "SL0fKO2V", "branchName" : "SL0fKO2V", "branchType" : "SL0fKO2V", "createdBy" : "", "createdDate" : "", "customerSegment" : "SL0fKO2V", "faxNumber" : "SL0fKO2V", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "version" : "" }] 2019-01-24 09:28:54 DEBUG [BranchCreateUserAInitAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjJAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 09:28:54 DEBUG [BranchCreateUserAInitAbac] : Response [{ "timestamp" : "2019-01-24T09:28:55.008+0000", "status" : 403, "error" : "Forbidden", "message" : "Forbidden", "path" : "/api/v1/branches" }] 2019-01-24 09:28:54 DEBUG [BranchCreateUserAInitAbac] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZmE5YjhkMjAtYzU5ZC00ZjE0LWE1MTYtNmE1NjFiZjM4NDZl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:28:54 GMT]}] 2019-01-24 09:28:54 DEBUG [BranchCreateUserAInitAbac] : StatusCode [403] 2019-01-24 09:28:54 DEBUG [BranchCreateUserAInitAbac] : Time [877] 2019-01-24 09:28:54 DEBUG [BranchCreateUserAInitAbac] : Size [125] 2019-01-24 09:28:54 ERROR [null] : Assertion [@StatusCode == 200 AND @Response.errors == false] resolved-to [403 == 200 AND == false] result [Failed] 2019-01-24 09:28:54 DEBUG [BranchCreateUserAInitAbac_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZmE5YjhkMjAtYzU5ZC00ZjE0LWE1MTYtNmE1NjFiZjM4NDZl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:28:54 GMT]}] 2019-01-24 09:28:54 DEBUG [BranchCreateUserAInitAbac_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZmE5YjhkMjAtYzU5ZC00ZjE0LWE1MTYtNmE1NjFiZjM4NDZl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:28:54 GMT]}] 2019-01-24 09:28:54 DEBUG [BranchCreateUserAInitAbac_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZmE5YjhkMjAtYzU5ZC00ZjE0LWE1MTYtNmE1NjFiZjM4NDZl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:28:54 GMT]}] 2019-01-24 09:28:54 DEBUG [BranchCreateUserAInitAbac_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZmE5YjhkMjAtYzU5ZC00ZjE0LWE1MTYtNmE1NjFiZjM4NDZl; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:28:54 GMT]}] 2019-01-24 09:28:55 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : URL [http://54.215.136.217/api/v1/branches/] 2019-01-24 09:28:55 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Method [DELETE] 2019-01-24 09:28:55 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Request [] 2019-01-24 09:28:55 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjRAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 09:28:55 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Response [{ "timestamp" : "2019-01-24T09:28:56.064+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/branches/" }] 2019-01-24 09:28:55 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2Q1NGIxMTUtYThhNy00ZTYxLTg4MDYtMzhjZGNlNTRhNWRk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:28:55 GMT]}] 2019-01-24 09:28:55 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : StatusCode [405] 2019-01-24 09:28:55 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Time [1051] 2019-01-24 09:28:55 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Size [163] 2019-01-24 09:28:55 ERROR [ApiV1BranchesIdDeleteUsercDisallowAbac] : Assertion [@StatusCode == 401 OR @StatusCode == 403 OR @Response.errors == true] resolved-to [405 == 401 OR 405 == 403 OR == true] result [Failed] 2019-01-24 09:28:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : URL [http://54.215.136.217/api/v1/branches/] 2019-01-24 09:28:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Method [DELETE] 2019-01-24 09:28:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Request [null] 2019-01-24 09:28:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjJAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 09:28:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Response [{ "timestamp" : "2019-01-24T09:28:57.272+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/branches/" }] 2019-01-24 09:28:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=YmM5NmZkYzgtNGQyZS00Njc3LTgzMGYtZDU4ODIwMmRlZTAw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:28:56 GMT]}] 2019-01-24 09:28:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : StatusCode [405] 2019-01-24 09:28:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Time [1273] 2019-01-24 09:28:57 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Size [163] 2019-01-24 09:28:57 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]

--- FX Bot ---

jaleelsyed commented 5 years ago

Message : This issue is manually closed from FX control plane.

Project : online banking app

Job : Default

Env : Default

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 405

Headers : {Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Y2Q1NGIxMTUtYThhNy00ZTYxLTg4MDYtMzhjZGNlNTRhNWRk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:28:55 GMT]}

Endpoint : http://54.215.136.217/api/v1/branches/

Request :

Response :
{ "timestamp" : "2019-01-24T09:28:56.064+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/branches/" }

Logs :
Assertion [@StatusCode == 401 OR @StatusCode == 403 OR @Response.errors == true] resolved-to [405 == 401 OR 405 == 403 OR == true] result [Failed] --- FX Bot ---

jaleelsyed commented 5 years ago

Message : null

Project : online banking app

Job : Default

Env : Default

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 405

Headers : {Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTcwYWE0NWYtN2E4NS00NmNlLTkyMDQtNGQ0M2Y3NWU4Nzcw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:45:04 GMT]}

Endpoint : http://54.215.136.217/api/v1/branches/

Request :

Response :
{ "timestamp" : "2019-01-24T09:45:04.969+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/branches/" }

Logs :
Assertion [@StatusCode == 401 OR @StatusCode == 403 OR @Response.errors == true] resolved-to [405 == 401 OR 405 == 403 OR == true] result [Failed] --- FX Bot ---

jaleelsyed commented 5 years ago

Message : This issue is manually closed from FX control plane.

Project : online banking app

Job : Default

Env : Default

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 405

Headers : {Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTcwYWE0NWYtN2E4NS00NmNlLTkyMDQtNGQ0M2Y3NWU4Nzcw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:45:04 GMT]}

Endpoint : http://54.215.136.217/api/v1/branches/

Request :

Response :
{ "timestamp" : "2019-01-24T09:45:04.969+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/branches/" }

Logs :
Assertion [@StatusCode == 401 OR @StatusCode == 403 OR @Response.errors == true] resolved-to [405 == 401 OR 405 == 403 OR == true] result [Failed] --- FX Bot ---

jaleelsyed commented 5 years ago

Project : online banking app

Job : Default

Env : Default

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 405

Headers : {Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Zjg5YTQ4ZWUtMDg3Yi00ZjljLTk1N2MtMzU5MTJmOWZiNmVm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:01 GMT]}

Endpoint : http://54.215.136.217/api/v1/branches/

Request :

Response :
{ "timestamp" : "2019-01-24T10:18:02.188+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/branches/" }

Logs :
2019-01-24 10:18:00 DEBUG [BranchCreateUserAInitAbac] : URL [http://54.215.136.217/api/v1/branches] 2019-01-24 10:18:00 DEBUG [BranchCreateUserAInitAbac] : Method [POST] 2019-01-24 10:18:00 DEBUG [BranchCreateUserAInitAbac] : Request [{ "access" : "oHxWvW74", "atmAtBranch" : "oHxWvW74", "branchMediatedServiceName" : "oHxWvW74", "branchName" : "oHxWvW74", "branchType" : "oHxWvW74", "createdBy" : "", "createdDate" : "", "customerSegment" : "oHxWvW74", "faxNumber" : "oHxWvW74", "id" : "", "inactive" : false, "modifiedBy" : "", "modifiedDate" : "", "version" : "" }] 2019-01-24 10:18:00 DEBUG [BranchCreateUserAInitAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjJAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 10:18:00 DEBUG [BranchCreateUserAInitAbac] : Response [{ "timestamp" : "2019-01-24T10:18:00.832+0000", "status" : 403, "error" : "Forbidden", "message" : "Forbidden", "path" : "/api/v1/branches" }] 2019-01-24 10:18:00 DEBUG [BranchCreateUserAInitAbac] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjQ3MGEzNDQtNTQ1MS00YzUwLWExYWMtZTkxMzYxN2Y5MGM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:00 GMT]}] 2019-01-24 10:18:00 DEBUG [BranchCreateUserAInitAbac] : StatusCode [403] 2019-01-24 10:18:00 DEBUG [BranchCreateUserAInitAbac] : Time [1444] 2019-01-24 10:18:00 DEBUG [BranchCreateUserAInitAbac] : Size [125] 2019-01-24 10:18:00 ERROR [null] : Assertion [@StatusCode == 200 AND @Response.errors == false] resolved-to [403 == 200 AND == false] result [Failed] 2019-01-24 10:18:00 DEBUG [BranchCreateUserAInitAbac_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjQ3MGEzNDQtNTQ1MS00YzUwLWExYWMtZTkxMzYxN2Y5MGM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:00 GMT]}] 2019-01-24 10:18:00 DEBUG [BranchCreateUserAInitAbac_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjQ3MGEzNDQtNTQ1MS00YzUwLWExYWMtZTkxMzYxN2Y5MGM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:00 GMT]}] 2019-01-24 10:18:00 DEBUG [BranchCreateUserAInitAbac_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjQ3MGEzNDQtNTQ1MS00YzUwLWExYWMtZTkxMzYxN2Y5MGM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:00 GMT]}] 2019-01-24 10:18:00 DEBUG [BranchCreateUserAInitAbac_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjQ3MGEzNDQtNTQ1MS00YzUwLWExYWMtZTkxMzYxN2Y5MGM0; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:00 GMT]}] 2019-01-24 10:18:01 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : URL [http://54.215.136.217/api/v1/branches/] 2019-01-24 10:18:01 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Method [DELETE] 2019-01-24 10:18:01 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Request [] 2019-01-24 10:18:01 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjRAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 10:18:01 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Response [{ "timestamp" : "2019-01-24T10:18:02.188+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/branches/" }] 2019-01-24 10:18:01 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Zjg5YTQ4ZWUtMDg3Yi00ZjljLTk1N2MtMzU5MTJmOWZiNmVm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:01 GMT]}] 2019-01-24 10:18:01 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : StatusCode [405] 2019-01-24 10:18:01 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Time [1405] 2019-01-24 10:18:01 DEBUG [ApiV1BranchesIdDeleteUsercDisallowAbac] : Size [163] 2019-01-24 10:18:01 ERROR [ApiV1BranchesIdDeleteUsercDisallowAbac] : Assertion [@StatusCode == 401 OR @StatusCode == 403 OR @Response.errors == true] resolved-to [405 == 401 OR 405 == 403 OR == true] result [Failed] 2019-01-24 10:18:03 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : URL [http://54.215.136.217/api/v1/branches/] 2019-01-24 10:18:03 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Method [DELETE] 2019-01-24 10:18:03 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Request [null] 2019-01-24 10:18:03 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjJAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 10:18:03 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Response [{ "timestamp" : "2019-01-24T10:18:03.753+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/branches/" }] 2019-01-24 10:18:03 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=MWNkZWZjYTctYTRiNS00ZWM3LTg3MTYtNWJlNjhiOGU3Mzc1; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:03 GMT]}] 2019-01-24 10:18:03 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : StatusCode [405] 2019-01-24 10:18:03 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Time [1593] 2019-01-24 10:18:03 DEBUG [ApiV1BranchesIdDeleteAbstractAbac] : Size [163] 2019-01-24 10:18:03 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]

--- FX Bot ---