team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixes #165

Browse Source
This commit is contained in:
cktricky
2016-06-09 22:33:53 -04:00
parent d1874789f2
commit 79c1ddd45d
12 changed files with 13 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files
spec/vulnerabilities/url_access_spec.rb
+1 -1
View File
@@ -6,7 +6,7 @@ feature 'url access' do
@normal_user = UserFixture.normal_user
end
scenario 'attack', :js => true do
scenario "attack\nTutorial: https://github.com/OWASP/railsgoat/wiki/A7-Missing-Function-Level-Access-Control--(Admin-Controller)", :js => true do
login @normal_user
visit '/admin/1/dashboard'