diff --git a/spec/vulnerabilities/broken_auth_spec.rb b/spec/vulnerabilities/broken_auth_spec.rb index 4a89b0f..fc6f603 100644 --- a/spec/vulnerabilities/broken_auth_spec.rb +++ b/spec/vulnerabilities/broken_auth_spec.rb @@ -7,7 +7,7 @@ feature "broken_auth" do before do UserFixture.reset_all_users - pending unless verifying_fixed? + skip unless verifying_fixed? end scenario "one\nTutorial: https://github.com/OWASP/railsgoat/wiki/A2-Credential-Enumeration" do diff --git a/spec/vulnerabilities/command_injection_spec.rb b/spec/vulnerabilities/command_injection_spec.rb index 02d3ff6..5cfb185 100644 --- a/spec/vulnerabilities/command_injection_spec.rb +++ b/spec/vulnerabilities/command_injection_spec.rb @@ -7,7 +7,7 @@ feature "command injection" do before do UserFixture.reset_all_users - pending unless verifying_fixed? + skip unless verifying_fixed? end scenario "attack\nTutorial: https://github.com/OWASP/railsgoat/wiki/A1-Command-Injection", js: true do diff --git a/spec/vulnerabilities/csrf_spec.rb b/spec/vulnerabilities/csrf_spec.rb index d876dab..e25b0fa 100644 --- a/spec/vulnerabilities/csrf_spec.rb +++ b/spec/vulnerabilities/csrf_spec.rb @@ -7,7 +7,7 @@ feature "csrf" do before(:each) do UserFixture.reset_all_users - pending unless verifying_fixed? + skip unless verifying_fixed? end scenario "attack\nTutorial: https://github.com/OWASP/railsgoat/wiki/R4-A8-CSRF", js: true do diff --git a/spec/vulnerabilities/insecure_dor_spec.rb b/spec/vulnerabilities/insecure_dor_spec.rb index 50e5854..dceb143 100644 --- a/spec/vulnerabilities/insecure_dor_spec.rb +++ b/spec/vulnerabilities/insecure_dor_spec.rb @@ -7,7 +7,7 @@ feature "insecure direct object reference" do before do UserFixture.reset_all_users - pending unless verifying_fixed? + skip unless verifying_fixed? end scenario "attack one" do diff --git a/spec/vulnerabilities/mass_assignment_spec.rb b/spec/vulnerabilities/mass_assignment_spec.rb index 5b40ca0..3936707 100644 --- a/spec/vulnerabilities/mass_assignment_spec.rb +++ b/spec/vulnerabilities/mass_assignment_spec.rb @@ -6,7 +6,7 @@ feature "mass assignment" do before do UserFixture.reset_all_users - pending unless verifying_fixed? + skip unless verifying_fixed? end scenario "attack one" do diff --git a/spec/vulnerabilities/password_complexity_spec.rb b/spec/vulnerabilities/password_complexity_spec.rb index b1b4c6e..1490bc8 100644 --- a/spec/vulnerabilities/password_complexity_spec.rb +++ b/spec/vulnerabilities/password_complexity_spec.rb @@ -6,7 +6,7 @@ feature "password complexity" do before do UserFixture.reset_all_users - pending unless verifying_fixed? + skip unless verifying_fixed? end scenario "one\nTutorial: https://github.com/OWASP/railsgoat/wiki/A2-Lack-of-Password-Complexity" do diff --git a/spec/vulnerabilities/sensitive_data_exposure.rb b/spec/vulnerabilities/sensitive_data_exposure.rb index 9d9380b..c5b8eb7 100644 --- a/spec/vulnerabilities/sensitive_data_exposure.rb +++ b/spec/vulnerabilities/sensitive_data_exposure.rb @@ -9,7 +9,7 @@ feature "sensitive data exposure" do UserFixture.reset_all_users normal_user.work_info.update(:SSN, user_ssn) - pending unless verifying_fixed? + skip unless verifying_fixed? end # this won't work with javascript_driver, as it'll apply the javascript diff --git a/spec/vulnerabilities/sql_injection_spec.rb b/spec/vulnerabilities/sql_injection_spec.rb index 3196975..6c20f7d 100644 --- a/spec/vulnerabilities/sql_injection_spec.rb +++ b/spec/vulnerabilities/sql_injection_spec.rb @@ -7,7 +7,7 @@ feature "sql injection" do before do UserFixture.reset_all_users - pending unless verifying_fixed? + skip unless verifying_fixed? end scenario "attack\nTutorial: https://github.com/OWASP/railsgoat/wiki/R5-A1-SQL-Injection-Concatentation" do diff --git a/spec/vulnerabilities/unvalidated_redirects_spec.rb b/spec/vulnerabilities/unvalidated_redirects_spec.rb index 724c256..b40d924 100644 --- a/spec/vulnerabilities/unvalidated_redirects_spec.rb +++ b/spec/vulnerabilities/unvalidated_redirects_spec.rb @@ -7,7 +7,7 @@ feature "unvalidated redirect" do before do UserFixture.reset_all_users - pending unless verifying_fixed? + skip unless verifying_fixed? end scenario "attack\nTutorial: https://github.com/OWASP/railsgoat/wiki/A10-Unvalidated-Redirects-and-Forwards-(redirect_to)", js: true do diff --git a/spec/vulnerabilities/url_access_spec.rb b/spec/vulnerabilities/url_access_spec.rb index 4fa70ce..161cb51 100644 --- a/spec/vulnerabilities/url_access_spec.rb +++ b/spec/vulnerabilities/url_access_spec.rb @@ -7,7 +7,7 @@ feature "url access" do before do UserFixture.reset_all_users - pending unless verifying_fixed? + skip unless verifying_fixed? end scenario "attack\nTutorial: https://github.com/OWASP/railsgoat/wiki/A7-Missing-Function-Level-Access-Control--(Admin-Controller)", js: true do diff --git a/spec/vulnerabilities/xss_spec.rb b/spec/vulnerabilities/xss_spec.rb index 0d13852..0862520 100644 --- a/spec/vulnerabilities/xss_spec.rb +++ b/spec/vulnerabilities/xss_spec.rb @@ -7,7 +7,7 @@ feature "xss" do before(:each) do UserFixture.reset_all_users - pending unless verifying_fixed? + skip unless verifying_fixed? end scenario "attack\nTutorial: https://github.com/OWASP/railsgoat/wiki/A3-Cross-Site-Scripting", js: true do