Merge pull request #51 from chrismo/readme_for_capybara
Additions to README
This commit is contained in:
Ken Johnson
@@ -19,7 +19,24 @@
|
||||
|
||||
Start hacking!!!
|
||||
|
||||
### Running Capybara Tests ###
|
||||
|
||||
RailsGoat now includes a set of _failing_ Capybara RSpecs, each one indicating a separate vulnerability exists
|
||||
in the application.
|
||||
|
||||
To run them, though, you'll first need to [install PhantomJS](https://github.com/jonleighton/poltergeist#installing-phantomjs),
|
||||
which is required by the Poltergeist Capybara driver. Then just rake:
|
||||
|
||||
rake
|
||||
|
||||
NOTE: As vulnerabilities are fixed in the application, these specs won't change from to passing but to _pending_.
|
||||
|
||||
### Developer Note ###
|
||||
|
||||
As changes are made to the application, the Capybara RSpecs can be used to verify the vulnerabilities
|
||||
in the application are still intact. To use them in this way, and have them _pass_ instead of fail,
|
||||
set the `RAILSGOAT_MAINTAINER` environment variable.
|
||||
|
||||
<p/>
|
||||
Conversion to the OWASP Top 10, 2013 is under way.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user