-
Notifications
You must be signed in to change notification settings - Fork 75
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Request for Guidance: Writing a Functional Fuzzer for OpenAPI Specs with Missing Keys #81
Comments
I'm not sure I understand the question. Can you please provide additional context with a more detailed example. |
Sure @en-milie, here is the curl command sample for the above request.
This is a valid body. As a content-type as json, the body is expected to have a JSON object, array or literal. |
Hi @beam-me-up. I want to resume this issue. And want to check if my understanding is correct. You would like to be able to check if a certain request body is missing fields that you would typically expect? And deduct this from the endpoint name and http method? Or specify the expected fields in the functional fuzzer file?
Thanks! |
Hi @en-milie, Apologies for the delay. For a request like this:
If there's no JSON payload and only raw content in the body, I was curious if Functional Fuzzer supports testing this scenario. It's not a mandatory requirement. A simple "yes" or "no" response would be sufficient, and we can close this accordingly. |
Currently it's a 'no'. |
I'm interested in learning how to write a functional fuzzer for OpenAPI specifications that lack keys. To illustrate, I have provided a sample OpenAPI spec below:
In this example, the OpenAPI spec is missing keys that are typically present. I would greatly appreciate some guidance or best practices on how to approach fuzzing such specifications effectively.
The text was updated successfully, but these errors were encountered: