/**
 * Regression test for reflected XSS through the {@code page} parameter posted with the
 * {@code login} form of {@code index.php}.
 *
 * <p>The posted value starts with {@code 0'>}, which would terminate a single-quoted attribute
 * and its tag if the application echoed it without output encoding, and then carries an anchor
 * element whose text is "XSS". The test fails when a link with that text is present in the
 * response.
 *
 * <p>Scope: only this one payload shape is checked. A pass does not show that {@code page} is
 * encoded correctly for every output context it may be written into.
 */
@Test
public void Test19_index_page() {
    final String injectedPage = "0'><a href='http://unitn.it'>XSS</a><br class='";

    tester.beginAt("index.php");
    tester.setWorkingForm("login");
    tester.setTextField("login", "0");

    // NOTE(review): the TestUtil helpers presumably add a "page" field and a submit button
    // to the login form so the value can be posted; confirm against TestUtil.
    TestUtil.addFormTextField(tester, "login", "page", injectedPage);
    TestUtil.addFormSubmitButton(tester, "login");
    tester.submit("submit");

    // Check that the expected page rendered before the negative assertion, so that the
    // "link not present" check is not satisfied by an error page or a failed navigation.
    tester.assertMatch("Today's Message");
    tester.assertLinkNotPresentWithText("XSS");
}
/**
 * Regression test for reflected XSS through the {@code page2} parameter on the page reached
 * after an administrator logs in.
 *
 * <p>The admin credentials are entered on {@code index.php} and a {@code page2} value is
 * posted along with them. The value starts with {@code 0'>}, which would end a single-quoted
 * attribute and its tag if echoed unencoded, followed by an anchor element whose text is
 * "XSS". The test fails when a link with that text is present in the response.
 *
 * <p>Scope: only this one payload shape is checked. A pass does not show that {@code page2}
 * is encoded correctly for every output context.
 */
@Test
public void Test19_AdminMain_page2() {
    final String injectedPage2 = "0'> <a href=\"http://unitn.it\">XSS</a> </ br '";

    tester.beginAt("index.php");
    tester.setTextField("username", TestKeys.USER_ADMIN);
    tester.setTextField("password", TestKeys.PASSWORD_ADMIN);

    // NOTE(review): presumably adds a "page2" field to the login form so the value is sent
    // with the login request; confirm against TestUtil.
    TestUtil.addFormTextField(tester, "login", "page2", injectedPage2);
    tester.submit();

    // "Manage Classes" shows that the login succeeded and the admin page rendered, which
    // keeps the negative assertion below from passing on a login failure.
    tester.assertMatch("Manage Classes");
    tester.assertLinkNotPresentWithText("XSS");
}
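/**
 * Regression test for reflected XSS through the {@code page2} parameter of the {@code terms}
 * form on the "Manage Terms" admin page.
 *
 * <p>After logging in as administrator and opening "Terms", the test sets {@code page2} to a
 * value that starts with {@code 8'>}, which would end a single-quoted attribute and its tag
 * if echoed unencoded, followed by an anchor element whose text is "XSS". The form is
 * submitted and the test fails when a link with that text is present in the response.
 *
 * <p>Scope: only this one payload shape is checked. A pass does not show that {@code page2}
 * is encoded correctly for every output context.
 */
@Test
public void Test19_AddTerm_page2() {
    final String injectedPage2 = "8'> <a href=\"http://unitn.it\">XSS</a> </ br '";

    tester.beginAt("index.php");
    tester.setTextField("username", TestKeys.USER_ADMIN);
    // Fix: the password field was filled with TestKeys.USER_ADMIN. Use the password constant
    // so the login does not depend on the admin user name and password being equal.
    tester.setTextField("password", TestKeys.PASSWORD_ADMIN);
    tester.submit();
    tester.assertMatch("Manage Classes");

    tester.clickLinkWithText("Terms");
    tester.assertMatch("Manage Terms");

    tester.setWorkingForm("terms");
    tester.setTextField("page2", injectedPage2);
    tester.setTextField("page", "1");

    // add submit button
    // NOTE(review): presumably needed because the terms form has no submit control that
    // the test client can use; confirm against TestUtil.
    TestUtil.addFormSubmitButton(tester, "terms");
    tester.submit();

    // Check that the target page rendered before the negative assertion, so that the
    // "link not present" check is not satisfied by an error page or a failed navigation.
    tester.assertMatch("Add New Term");
    tester.assertLinkNotPresentWithText("XSS");
}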