diff --git a/spec/support/capybara_shared.rb b/spec/support/capybara_shared.rb index e140dd4..132b50a 100644 --- a/spec/support/capybara_shared.rb +++ b/spec/support/capybara_shared.rb @@ -40,7 +40,9 @@ def login(user) fill_in 'email', :with => user.email fill_in 'password', :with => user.clear_password end - click_on 'Login' + within('.actions') do + click_on 'Login' + end end ##Hack to fix PhantomJS errors on Mavericks - https://gist.github.com/ericboehs/7125105 diff --git a/spec/vulnerabilities/broken_auth_spec.rb b/spec/vulnerabilities/broken_auth_spec.rb index e3548a6..300eb47 100644 --- a/spec/vulnerabilities/broken_auth_spec.rb +++ b/spec/vulnerabilities/broken_auth_spec.rb @@ -12,7 +12,9 @@ feature 'broken_auth' do fill_in 'email', :with => @normal_user.email + 'not' fill_in 'password', :with => @normal_user.clear_password end - click_on 'Login' + within('.actions') do + click_on 'Login' + end pending(:if => verifying_fixed?) { find('div#flash_notice').text.should == "#{@normal_user.email}not doesn't exist!" } end @@ -22,7 +24,9 @@ feature 'broken_auth' do fill_in 'email', :with => @normal_user.email fill_in 'password', :with => @normal_user.clear_password + 'not' end - click_on 'Login' + within('.actions') do + click_on 'Login' + end pending(:if => verifying_fixed?) { find('div#flash_notice').text.should == 'Incorrect Password!' } end end \ No newline at end of file diff --git a/spec/vulnerabilities/unvalidated_redirects_spec.rb b/spec/vulnerabilities/unvalidated_redirects_spec.rb index 82cdc47..0518a27 100644 --- a/spec/vulnerabilities/unvalidated_redirects_spec.rb +++ b/spec/vulnerabilities/unvalidated_redirects_spec.rb @@ -12,8 +12,9 @@ feature 'unvalidated redirect' do fill_in 'email', :with => @normal_user.email fill_in 'password', :with => @normal_user.clear_password end - click_on 'Login' - + within('.actions') do + click_on 'Login' + end pending(:if => verifying_fixed?) { current_url.should == 'http://example.com/do/evil/things' } end end \ No newline at end of file