How this template works
The API selection filters in this template specify the criteria for selecting the API requests to be executed. It filters the requests based on the response code (between 200 and 299), extracts the URL into a variable, checks if the response payload contains the HTML doctype, and ensures that the method is GET.
The execute section of the template defines the type of execution as "single" and includes a list of requests to be executed. In this case, there is only one request defined. It adds a custom header to the request, modifies the URL by appending a slash and then replacing any trailing slashes with '/random-url'.
The validation section specifies the criteria for validating the response of the executed request. In this template, it checks if the response payload contains the string "akto'". If the response payload contains this string, the validation is considered successful.
Frequently asked questions
What is the purpose of adding a random header to a request for a non-existent page in this test
How does this test help in identifying security misconfigurations related to header reflection in invalid URLs
What is the impact of finding an XSS vulnerability on the website during this test
What are the selection filters used in this test to determine which requests to include
How is the URL modified in this test
What is the validation criteria for a successful test execution