Skip to content

http oracle - invalid allow#1604

Merged
arcuri82 merged 4 commits into
masterfrom
invalid-allow
Jun 29, 2026
Merged

http oracle - invalid allow#1604
arcuri82 merged 4 commits into
masterfrom
invalid-allow

Conversation

@omursahin

@omursahin omursahin commented Jun 22, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

Example test:

/**
* Calls:
* (200) OPTIONS:/api/products/{id}
* Found 1 potential fault of type-code 919
*/
@Test @Timeout(60)
fun test_5_optionsOnProductInvalidAllow()  {
    
    // Fault919. Invalid allow.
    given().accept("*/*")
            .options("${baseUrlOfSut}/api/products/771")
            .then()
            .statusCode(200)
            .assertThat()
            // .header("Allow", "HEAD,DELETE,GET,OPTIONS,PUT")
            .body(isEmptyOrNullString())
}

@omursahin omursahin changed the title Invalid allow http oracle - invalid allow Jun 22, 2026
@omursahin omursahin requested a review from arcuri82 June 23, 2026 19:34
arcuri82
arcuri82 requested changes Jun 26, 2026
View reviewed changes
Comment thread core/src/main/kotlin/org/evomaster/core/problem/rest/service/fitness/AbstractRestFitness.kt
if (a.verb != HttpVerb.OPTIONS) continue

val r = actionResults.find { it.sourceLocalId == a.getLocalId() } as RestCallResult? ?: continue
val allowed = r.getAllowedVerbs() ?: continue

@arcuri82 arcuri82 Jun 26, 2026

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

in comment, add ref to https://httpwg.org/specs/rfc9110.html#OPTIONS, clarifying that Allow is not mandatory. so that, if missing, we CANNOT count it as a fault

Comment thread core/src/main/kotlin/org/evomaster/core/problem/rest/service/fitness/AbstractRestFitness.kt Outdated
val category = ExperimentalFaultCategory.HTTP_INVALID_ALLOW
val scenarioId = idMapper.handleLocalTarget(idMapper.getFaultDescriptiveId(category, a.getName()))
fv.updateTarget(scenarioId, 1.0, index)
r.addFault(DetectedFault(category, a.getName(), null))

@arcuri82 arcuri82 Jun 26, 2026

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

add in localMessage as input here the info on extra and missing

@omursahin omursahin requested a review from arcuri82 June 28, 2026 16:35
@arcuri82 arcuri82 merged commit b74acec into master Jun 29, 2026
29 checks passed
@arcuri82 arcuri82 deleted the invalid-allow branch June 29, 2026 07:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@arcuri82 arcuri82 arcuri82 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@omursahin @arcuri82