Added code for XSS post

src/test/java/gui/headlessfirefox/firefox/test/HeadlessFirefoxDemoTest.java → src/test/java/gui/headlessfirefox/test/HeadlessFirefoxDemoTest.java

@@ -1,7 +1,7 @@
-package gui.headlessfirefox.firefox.test;
+package gui.headlessfirefox.test;
 
 import gui.browsermobproxy.pages.AwesomeTestingPage;
-import gui.headlessfirefox.firefox.utils.FirefoxManipulator;
+import gui.headlessfirefox.utils.FirefoxManipulator;
 import org.fluentlenium.core.annotation.Page;
 import org.testng.annotations.Test;
 

src/test/java/gui/headlessfirefox/firefox/utils/FirefoxManipulator.java → src/test/java/gui/headlessfirefox/utils/FirefoxManipulator.java

@@ -1,4 +1,4 @@
-package gui.headlessfirefox.firefox.utils;
+package gui.headlessfirefox.utils;
 
 import org.apache.commons.lang3.SystemUtils;
 import org.fluentlenium.adapter.testng.FluentTestNg;

src/test/java/gui/xss/pages/XssGameLevelOnePage.java

@@ -0,0 +1,47 @@
+package gui.xss.pages;
+
+import org.fluentlenium.core.FluentPage;
+import org.fluentlenium.core.annotation.PageUrl;
+import org.fluentlenium.core.domain.FluentWebElement;
+import org.openqa.selenium.TimeoutException;
+import org.openqa.selenium.support.FindBy;
+import org.openqa.selenium.support.ui.ExpectedConditions;
+import org.openqa.selenium.support.ui.WebDriverWait;
+
+import java.util.concurrent.TimeUnit;
+
+@PageUrl("https://xss-game.appspot.com/level1/frame")
+public class XssGameLevelOnePage extends FluentPage {
+
+    @FindBy(id = "level1")
+    private FluentWebElement body;
+
+    @FindBy(id = "query")
+    private FluentWebElement queryInput;
+
+    @FindBy(id = "button")
+    private FluentWebElement sarchButton;
+
+    @Override
+    public void isAt() {
+        await().atMost(5, TimeUnit.SECONDS).until(body).displayed();
+    }
+
+    public void searchFor(String content) {
+        queryInput.fill().with(content);
+        sarchButton.click();
+    }
+
+    public boolean isAlertDisplayed() {
+        boolean foundAlert;
+        WebDriverWait wait = new WebDriverWait(getDriver(), 2);
+        try {
+            wait.until(ExpectedConditions.alertIsPresent());
+            foundAlert = true;
+        } catch (TimeoutException e) {
+            foundAlert = false;
+        }
+        return foundAlert;
+    }
+
+}

src/test/java/gui/xss/test/XssGameTest.java

@@ -0,0 +1,41 @@
+package gui.xss.test;
+
+import gui.xss.pages.XssGameLevelOnePage;
+import gui.xss.utils.XssDisabledChromeConfig;
+import org.apache.commons.lang3.SystemUtils;
+import org.fluentlenium.core.annotation.Page;
+import org.testng.annotations.BeforeTest;
+import org.testng.annotations.Test;
+
+import java.util.concurrent.TimeUnit;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+/**
+ * See more at http://awesome-testing.com
+ */
+public class XssGameTest extends XssDisabledChromeConfig {
+
+    private static final String MY_CHROME_PATH = "C:\\drivers\\chromedriver.exe";
+
+    private static final String XSS_CONTENT = "<script>alert(\"1\");</script>";
+
+    @BeforeTest
+    public void setUp() {
+        if (SystemUtils.IS_OS_WINDOWS) {
+            System.setProperty("webdriver.chrome.driver", MY_CHROME_PATH);
+        }
+    }
+
+    @Page
+    private XssGameLevelOnePage xssGameLevelOnePage;
+
+    @Test
+    public void xssShouldNotWork() {
+        goTo(xssGameLevelOnePage).isAt();
+
+        xssGameLevelOnePage.searchFor(XSS_CONTENT);
+
+        assertThat(xssGameLevelOnePage.isAlertDisplayed()).isFalse();
+    }
+}

src/test/java/gui/xss/utils/XssDisabledChromeConfig.java

@@ -0,0 +1,39 @@
+package gui.xss.utils;
+
+import org.fluentlenium.adapter.testng.FluentTestNg;
+import org.openqa.selenium.WebDriver;
+import org.openqa.selenium.chrome.ChromeDriver;
+import org.openqa.selenium.chrome.ChromeOptions;
+import org.openqa.selenium.remote.DesiredCapabilities;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class XssDisabledChromeConfig extends FluentTestNg {
+
+    private static final String DISABLE_XSS_AUDITOR = "--disable-xss-auditor";
+
+    @Override
+    public WebDriver newWebDriver() {
+        return new ChromeDriver(getChromeCapabilities());
+    }
+
+    private DesiredCapabilities getChromeCapabilities() {
+        DesiredCapabilities capabilities = DesiredCapabilities.chrome();
+        capabilities.setCapability(ChromeOptions.CAPABILITY, getChromeOptions());
+        return capabilities;
+    }
+
+    private ChromeOptions getChromeOptions() {
+        ChromeOptions options = new ChromeOptions();
+        options.addArguments(getChromeSwitches());
+        return options;
+    }
+
+    private List<String> getChromeSwitches() {
+        List<String> chromeSwitches = new ArrayList<>();
+        chromeSwitches.add(DISABLE_XSS_AUDITOR);
+        return chromeSwitches;
+    }
+
+}