search

jaleelsyed / online-banking

0 stars 0 forks source link

online banking app : ApiV1OrgsIdDeleteUsercDisallowAbac #22

Open jaleelsyed opened 5 years ago

jaleelsyed commented 5 years ago

Project : online banking app

Job : Default

Env : Default

Category : ABAC_Level1

Tags : [FX Top 10 - API Vulnerability, Data_Access_Control]

Severity : Major

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 405

Headers : {Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZDQ4ZmQxMjctOWNmNC00MWVmLTg2NTgtOTlhYWVmNGFjZGFm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:54:01 GMT]}

Endpoint : http://54.215.136.217/api/v1/orgs/

Request :

Response :
{ "timestamp" : "2019-01-24T04:54:01.739+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }

Logs :
2019-01-24 04:54:00 DEBUG [ OrgCreateUserAInitAbac] : URL [http://54.215.136.217/api/v1/orgs] 2019-01-24 04:54:00 DEBUG [ OrgCreateUserAInitAbac] : Method [POST] 2019-01-24 04:54:00 DEBUG [ OrgCreateUserAInitAbac] : Request [{ "billingEmail" : "larue.lesch@yahoo.com", "company" : "Willms and Sons", "createdBy" : "", "createdDate" : "", "description" : "v8nVchhZ", "id" : "", "inactive" : false, "location" : "v8nVchhZ", "modifiedBy" : "", "modifiedDate" : "", "name" : "v8nVchhZ", "orgPlan" : "BUSINESS", "orgType" : "ENTERPRISE", "version" : "" }] 2019-01-24 04:54:00 DEBUG [ OrgCreateUserAInitAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjJAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 04:54:00 DEBUG [ OrgCreateUserAInitAbac] : Response [{ "timestamp" : "2019-01-24T04:54:00.839+0000", "status" : 403, "error" : "Forbidden", "message" : "Forbidden", "path" : "/api/v1/orgs" }] 2019-01-24 04:54:00 DEBUG [ OrgCreateUserAInitAbac] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODQ3NzM3ZDMtOThlYy00MGI2LWEyMTgtYjU2MzU4YjhmZThi; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:54:00 GMT]}] 2019-01-24 04:54:00 DEBUG [ OrgCreateUserAInitAbac] : StatusCode [403] 2019-01-24 04:54:00 DEBUG [ OrgCreateUserAInitAbac] : Time [765] 2019-01-24 04:54:00 DEBUG [ OrgCreateUserAInitAbac] : Size [121] 2019-01-24 04:54:00 ERROR [null] : Assertion [@StatusCode == 200 AND @Response.errors == false] resolved-to [403 == 200 AND == false] result [Failed] 2019-01-24 04:54:00 DEBUG [OrgCreateUserAInitAbac_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODQ3NzM3ZDMtOThlYy00MGI2LWEyMTgtYjU2MzU4YjhmZThi; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:54:00 GMT]}] 2019-01-24 04:54:00 DEBUG [OrgCreateUserAInitAbac_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODQ3NzM3ZDMtOThlYy00MGI2LWEyMTgtYjU2MzU4YjhmZThi; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:54:00 GMT]}] 2019-01-24 04:54:00 DEBUG [OrgCreateUserAInitAbac_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODQ3NzM3ZDMtOThlYy00MGI2LWEyMTgtYjU2MzU4YjhmZThi; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:54:00 GMT]}] 2019-01-24 04:54:00 DEBUG [OrgCreateUserAInitAbac_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ODQ3NzM3ZDMtOThlYy00MGI2LWEyMTgtYjU2MzU4YjhmZThi; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:54:00 GMT]}] 2019-01-24 04:54:01 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : URL [http://54.215.136.217/api/v1/orgs/] 2019-01-24 04:54:01 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Method [DELETE] 2019-01-24 04:54:01 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Request [] 2019-01-24 04:54:01 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjRAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 04:54:01 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Response [{ "timestamp" : "2019-01-24T04:54:01.739+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }] 2019-01-24 04:54:01 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZDQ4ZmQxMjctOWNmNC00MWVmLTg2NTgtOTlhYWVmNGFjZGFm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:54:01 GMT]}] 2019-01-24 04:54:01 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : StatusCode [405] 2019-01-24 04:54:01 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Time [945] 2019-01-24 04:54:01 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Size [159] 2019-01-24 04:54:01 ERROR [ApiV1OrgsIdDeleteUsercDisallowAbac] : Assertion [@StatusCode == 401 OR @StatusCode == 403 OR @Response.errors == true] resolved-to [405 == 401 OR 405 == 403 OR == true] result [Failed] 2019-01-24 04:54:02 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : URL [http://54.215.136.217/api/v1/orgs/] 2019-01-24 04:54:02 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Method [DELETE] 2019-01-24 04:54:02 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Request [null] 2019-01-24 04:54:02 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjJAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 04:54:02 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Response [{ "timestamp" : "2019-01-24T04:54:02.612+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }] 2019-01-24 04:54:02 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZjkzMTg4MTctOWE1NC00MjU1LTgwN2EtOGY4NzczYTNkYzJk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:54:01 GMT]}] 2019-01-24 04:54:02 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : StatusCode [405] 2019-01-24 04:54:02 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Time [815] 2019-01-24 04:54:02 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Size [159] 2019-01-24 04:54:02 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]

--- FX Bot ---

jaleelsyed commented 5 years ago

Project : online banking app

Job : Default

Env : Default

Message : This issue is manually closed from FX control plane.

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 405

Headers : {Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZDQ4ZmQxMjctOWNmNC00MWVmLTg2NTgtOTlhYWVmNGFjZGFm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 04:54:01 GMT]}

Endpoint : http://54.215.136.217/api/v1/orgs/

Request :

Response :
{ "timestamp" : "2019-01-24T04:54:01.739+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }

Logs :
Assertion [@StatusCode == 401 OR @StatusCode == 403 OR @Response.errors == true] resolved-to [405 == 401 OR 405 == 403 OR == true] result [Failed] --- FX Bot ---

jaleelsyed commented 5 years ago

Message : null

Project : online banking app

Job : Default

Env : Default

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 405

Headers : {Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OWFjMmE0M2UtMzFjZC00YjY2LTk1N2QtMzY4M2ZjNzU0YmZk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:28:55 GMT]}

Endpoint : http://54.215.136.217/api/v1/orgs/

Request :

Response :
{ "timestamp" : "2019-01-24T09:28:56.079+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }

Logs :
Assertion [@StatusCode == 401 OR @StatusCode == 403 OR @Response.errors == true] resolved-to [405 == 401 OR 405 == 403 OR == true] result [Failed] --- FX Bot ---

jaleelsyed commented 5 years ago

Message : This issue is manually closed from FX control plane.

Project : online banking app

Job : Default

Env : Default

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 405

Headers : {Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=OWFjMmE0M2UtMzFjZC00YjY2LTk1N2QtMzY4M2ZjNzU0YmZk; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:28:55 GMT]}

Endpoint : http://54.215.136.217/api/v1/orgs/

Request :

Response :
{ "timestamp" : "2019-01-24T09:28:56.079+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }

Logs :
Assertion [@StatusCode == 401 OR @StatusCode == 403 OR @Response.errors == true] resolved-to [405 == 401 OR 405 == 403 OR == true] result [Failed] --- FX Bot ---

jaleelsyed commented 5 years ago

Message : null

Project : online banking app

Job : Default

Env : Default

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 405

Headers : {Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZDU4YTdlZDMtMTYzZC00OTViLTk3YmItNjQ4MmQ3ODI1Zjlm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:45:07 GMT]}

Endpoint : http://54.215.136.217/api/v1/orgs/

Request :

Response :
{ "timestamp" : "2019-01-24T09:45:07.521+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }

Logs :
2019-01-24 09:45:05 DEBUG [ OrgCreateUserAInitAbac] : URL [http://54.215.136.217/api/v1/orgs] 2019-01-24 09:45:05 DEBUG [ OrgCreateUserAInitAbac] : Method [POST] 2019-01-24 09:45:05 DEBUG [ OrgCreateUserAInitAbac] : Request [{ "billingEmail" : "florencio.yost@gmail.com", "company" : "Fay LLC", "createdBy" : "", "createdDate" : "", "description" : "YZHCl40b", "id" : "", "inactive" : false, "location" : "YZHCl40b", "modifiedBy" : "", "modifiedDate" : "", "name" : "YZHCl40b", "orgPlan" : "BUSINESS", "orgType" : "ENTERPRISE", "version" : "" }] 2019-01-24 09:45:05 DEBUG [ OrgCreateUserAInitAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjJAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 09:45:05 DEBUG [ OrgCreateUserAInitAbac] : Response [{ "timestamp" : "2019-01-24T09:45:06.237+0000", "status" : 403, "error" : "Forbidden", "message" : "Forbidden", "path" : "/api/v1/orgs" }] 2019-01-24 09:45:05 DEBUG [ OrgCreateUserAInitAbac] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZDc3YzA1YjItNjBlOS00OGMzLTk4NjAtMjk0ZDZiYjA4NmY3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:45:05 GMT]}] 2019-01-24 09:45:05 DEBUG [ OrgCreateUserAInitAbac] : StatusCode [403] 2019-01-24 09:45:05 DEBUG [ OrgCreateUserAInitAbac] : Time [1498] 2019-01-24 09:45:05 DEBUG [ OrgCreateUserAInitAbac] : Size [121] 2019-01-24 09:45:05 ERROR [null] : Assertion [@StatusCode == 200 AND @Response.errors == false] resolved-to [403 == 200 AND == false] result [Failed] 2019-01-24 09:45:05 DEBUG [OrgCreateUserAInitAbac_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZDc3YzA1YjItNjBlOS00OGMzLTk4NjAtMjk0ZDZiYjA4NmY3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:45:05 GMT]}] 2019-01-24 09:45:05 DEBUG [OrgCreateUserAInitAbac_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZDc3YzA1YjItNjBlOS00OGMzLTk4NjAtMjk0ZDZiYjA4NmY3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:45:05 GMT]}] 2019-01-24 09:45:05 DEBUG [OrgCreateUserAInitAbac_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZDc3YzA1YjItNjBlOS00OGMzLTk4NjAtMjk0ZDZiYjA4NmY3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:45:05 GMT]}] 2019-01-24 09:45:05 DEBUG [OrgCreateUserAInitAbac_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZDc3YzA1YjItNjBlOS00OGMzLTk4NjAtMjk0ZDZiYjA4NmY3; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:45:05 GMT]}] 2019-01-24 09:45:07 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : URL [http://54.215.136.217/api/v1/orgs/] 2019-01-24 09:45:07 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Method [DELETE] 2019-01-24 09:45:07 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Request [] 2019-01-24 09:45:07 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjRAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 09:45:07 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Response [{ "timestamp" : "2019-01-24T09:45:07.521+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }] 2019-01-24 09:45:07 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZDU4YTdlZDMtMTYzZC00OTViLTk3YmItNjQ4MmQ3ODI1Zjlm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:45:07 GMT]}] 2019-01-24 09:45:07 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : StatusCode [405] 2019-01-24 09:45:07 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Time [1366] 2019-01-24 09:45:07 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Size [159] 2019-01-24 09:45:07 ERROR [ApiV1OrgsIdDeleteUsercDisallowAbac] : Assertion [@StatusCode == 401 OR @StatusCode == 403 OR @Response.errors == true] resolved-to [405 == 401 OR 405 == 403 OR == true] result [Failed] 2019-01-24 09:45:08 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : URL [http://54.215.136.217/api/v1/orgs/] 2019-01-24 09:45:08 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Method [DELETE] 2019-01-24 09:45:08 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Request [null] 2019-01-24 09:45:08 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjJAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 09:45:08 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Response [{ "timestamp" : "2019-01-24T09:45:08.546+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }] 2019-01-24 09:45:08 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=Mzg2MmExYmMtNjk5YS00NjZlLWFmNjctZDY3Mzk2N2JjMmUx; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:45:08 GMT]}] 2019-01-24 09:45:08 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : StatusCode [405] 2019-01-24 09:45:08 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Time [1007] 2019-01-24 09:45:08 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Size [159] 2019-01-24 09:45:08 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]

--- FX Bot ---

jaleelsyed commented 5 years ago

Message : This issue is manually closed from FX control plane.

Project : online banking app

Job : Default

Env : Default

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 405

Headers : {Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZDU4YTdlZDMtMTYzZC00OTViLTk3YmItNjQ4MmQ3ODI1Zjlm; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 09:45:07 GMT]}

Endpoint : http://54.215.136.217/api/v1/orgs/

Request :

Response :
{ "timestamp" : "2019-01-24T09:45:07.521+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }

Logs :
Assertion [@StatusCode == 401 OR @StatusCode == 403 OR @Response.errors == true] resolved-to [405 == 401 OR 405 == 403 OR == true] result [Failed] --- FX Bot ---

jaleelsyed commented 5 years ago

Project : online banking app

Job : Default

Env : Default

Region : FXLabs/US_WEST_1

Result : fail

Status Code : 405

Headers : {Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZDBjZjZiNzEtZmMyMy00OGVhLTgzNWEtNDg1YTkwODdkNzNh; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:01 GMT]}

Endpoint : http://54.215.136.217/api/v1/orgs/

Request :

Response :
{ "timestamp" : "2019-01-24T10:18:02.400+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }

Logs :
2019-01-24 10:18:00 DEBUG [ OrgCreateUserAInitAbac] : URL [http://54.215.136.217/api/v1/orgs] 2019-01-24 10:18:00 DEBUG [ OrgCreateUserAInitAbac] : Method [POST] 2019-01-24 10:18:00 DEBUG [ OrgCreateUserAInitAbac] : Request [{ "billingEmail" : "vivienne.macgyver@yahoo.com", "company" : "Koss-Koss", "createdBy" : "", "createdDate" : "", "description" : "iSdG3ajq", "id" : "", "inactive" : false, "location" : "iSdG3ajq", "modifiedBy" : "", "modifiedDate" : "", "name" : "iSdG3ajq", "orgPlan" : "BUSINESS", "orgType" : "ENTERPRISE", "version" : "" }] 2019-01-24 10:18:00 DEBUG [ OrgCreateUserAInitAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjJAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 10:18:00 DEBUG [ OrgCreateUserAInitAbac] : Response [{ "timestamp" : "2019-01-24T10:18:01.024+0000", "status" : 403, "error" : "Forbidden", "message" : "Forbidden", "path" : "/api/v1/orgs" }] 2019-01-24 10:18:00 DEBUG [ OrgCreateUserAInitAbac] : Response-Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NTk1ZWI1MzQtN2M2OC00MDU1LWJlYjQtYjc0ZjhjNzliODQw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:00 GMT]}] 2019-01-24 10:18:00 DEBUG [ OrgCreateUserAInitAbac] : StatusCode [403] 2019-01-24 10:18:00 DEBUG [ OrgCreateUserAInitAbac] : Time [1333] 2019-01-24 10:18:00 DEBUG [ OrgCreateUserAInitAbac] : Size [121] 2019-01-24 10:18:00 ERROR [null] : Assertion [@StatusCode == 200 AND @Response.errors == false] resolved-to [403 == 200 AND == false] result [Failed] 2019-01-24 10:18:00 DEBUG [OrgCreateUserAInitAbac_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NTk1ZWI1MzQtN2M2OC00MDU1LWJlYjQtYjc0ZjhjNzliODQw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:00 GMT]}] 2019-01-24 10:18:00 DEBUG [OrgCreateUserAInitAbac_Headers] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NTk1ZWI1MzQtN2M2OC00MDU1LWJlYjQtYjc0ZjhjNzliODQw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:00 GMT]}] 2019-01-24 10:18:00 DEBUG [OrgCreateUserAInitAbac_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NTk1ZWI1MzQtN2M2OC00MDU1LWJlYjQtYjc0ZjhjNzliODQw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:00 GMT]}] 2019-01-24 10:18:00 DEBUG [OrgCreateUserAInitAbac_Headers[2]] : Headers [{X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=NTk1ZWI1MzQtN2M2OC00MDU1LWJlYjQtYjc0ZjhjNzliODQw; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:00 GMT]}] 2019-01-24 10:18:02 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : URL [http://54.215.136.217/api/v1/orgs/] 2019-01-24 10:18:02 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Method [DELETE] 2019-01-24 10:18:02 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Request [] 2019-01-24 10:18:02 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjRAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 10:18:02 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Response [{ "timestamp" : "2019-01-24T10:18:02.400+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }] 2019-01-24 10:18:02 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZDBjZjZiNzEtZmMyMy00OGVhLTgzNWEtNDg1YTkwODdkNzNh; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:01 GMT]}] 2019-01-24 10:18:02 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : StatusCode [405] 2019-01-24 10:18:02 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Time [1361] 2019-01-24 10:18:02 DEBUG [ApiV1OrgsIdDeleteUsercDisallowAbac] : Size [159] 2019-01-24 10:18:02 ERROR [ApiV1OrgsIdDeleteUsercDisallowAbac] : Assertion [@StatusCode == 401 OR @StatusCode == 403 OR @Response.errors == true] resolved-to [405 == 401 OR 405 == 403 OR == true] result [Failed] 2019-01-24 10:18:03 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : URL [http://54.215.136.217/api/v1/orgs/] 2019-01-24 10:18:03 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Method [DELETE] 2019-01-24 10:18:03 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Request [null] 2019-01-24 10:18:03 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Request-Headers [{Content-Type=[application/json], Accept=[application/json], Authorization=[Basic dXNlcjJAb25saW5lc3VwcG9ydC5pbzphZG1pbjEyMyQ=]}] 2019-01-24 10:18:03 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Response [{ "timestamp" : "2019-01-24T10:18:03.886+0000", "status" : 405, "error" : "Method Not Allowed", "message" : "Request method 'DELETE' not supported", "path" : "/api/v1/orgs/" }] 2019-01-24 10:18:03 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Response-Headers [{Allow=[GET, POST], X-Content-Type-Options=[nosniff], X-XSS-Protection=[1; mode=block], Cache-Control=[no-cache, no-store, max-age=0, must-revalidate], Pragma=[no-cache], Expires=[0], X-Frame-Options=[DENY], Set-Cookie=[SESSION=ZTRkN2Q4OTctNGJhOC00YTI4LWI5NDItOTg1NTMwNjMxOTdh; Path=/; HttpOnly], Content-Type=[application/json;charset=UTF-8], Transfer-Encoding=[chunked], Date=[Thu, 24 Jan 2019 10:18:03 GMT]}] 2019-01-24 10:18:03 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : StatusCode [405] 2019-01-24 10:18:03 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Time [1512] 2019-01-24 10:18:03 DEBUG [ApiV1OrgsIdDeleteAbstractAbac] : Size [159] 2019-01-24 10:18:03 ERROR [null] : Assertion [@StatusCode == 200] resolved-to [405 == 200] result [Failed]

--- FX Bot ---