我正在测试一些表单的模糊测试,以验证正确的响应。
现在,我的整个测试看起来像这样:
const app_config = require('../config/mainConfigs');
const request = require('supertest');
const nock = require('nock');
const expect = require('chai').expect;
const fuzzer = require('fuzzer');
process.env.TEST = true;
var app = require('../app/app');
var appRequest = request(app);
process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
//Run request tests
describe('Request Tests', () => {
before((done) => {
//load app
app.start().then(() => {
done();
});
});
describe('basic page request', () => {
it('should respond with 200 respond code', () => {
appRequest.get('/login')
.expect(200)
.expect('Content-Type', 'text/html; charset=utf-8')
.end((err, res) => {
if (err) throw err;
});
});
});
describe('Fuzz Test', () => {
describe('fuzzing login page with 1000 username/password permutations', () => {
fuzzer.seed(0);
it('should respond with 403 / invalid csrf token', async () => {
for(var i=0; i <= 1000; i++){
appRequest.post('/login')
.send({
username: fuzzer.mutate.string('fuzzfromhere'),
password: fuzzer.mutate.string('fuzzfromhere')
})
.expect((code) => {
if (code != 403 && code != 429) throw code;
})
.end((err, res) => {
if (err) throw err;
});
}
});
});
describe('fuzzing tokenizer page with 1000 random values', () => {
it('should respond with invalid number', () => {
// touch env to skip login and rate limiter
process.env.TEST = 'skipLogin,skipRateLimiter';
//get csrf to validate queries
appRequest.get('/tokenize')
.expect((response) => {
//test
console.log(`expect resp: ${response}`);
})
.end((err, res) => {
if (err) throw err;
console.error(`expect error: ${err}`);
});
});
});
});
//Tests completed, end server
after((done) => {
app.end().then(() => {
delete process.env.TEST;
done();
}).catch((err) => {
throw err;
});
});
});
如果你注意到,有3个测试,首先它加载登录页面(只是为了确保服务器响应),第二个是模糊登录页面,第三个是模糊另一个表单。但是,出于某种原因,第三次测试永远不会运行。我收到以下错误:
未捕获错误:ECONNREFUSED:连接被拒绝 在Test.assert(node_modules \ supertest \ lib \ test.js:165:15) 在assert(node_modules \ supertest \ lib \ test.js:131:12) 在C:\ Users ... \ src \ node_modules \ supertest \ lib \ test.js:128:5 在Test.Request.callback(node_modules \ supertest \ node_modules \ superagent \ lib \ node \ index.js:718:3) 在ClientRequest.req.once.err(node_modules \ supertest \ node_modules \ superagent \ lib \ node \ index.js:646:10) 在TLSSocket.socketErrorListener(_http_client.js:387:9) 在emitErrorNT(internal / streams / destroy.js:64:8) at _combinedTickCallback(internal / process / next_tick.js:138:11) at process._tickCallback(internal / process / next_tick.js:180:9)
我已经在使用&#34;解决方案&#34;提交here,没有任何变化。
知道可能导致这种情况的原因吗?