Non Rest HTTP Methods
| Item | Description |
|---|---|
| Full Fuzzer Name | NonRestHttpMethodsFuzzer |
| Log Key | NRHM |
| Description | This fuzzer will send happy path requests for HTTP methods not specific to REST APIs. The expectation is that APIs will reject the request. |
| Enabled by default? | Yes |
| Expected result | 405 |
| Fuzzing logic | Iteratively sends a happy path request for each path and the following HTTP methods: CONNECT, COPY, MOVE, PROPPATCH, PROPFIND, MKCOL, LOCK, UNLOCK, SEARCH, BIND, UNBIND, REBIND, MKREDIRECTREF, UPDATEREDIRECTREF, ORDERPATCH, ACL, REPORT |
| Conditions when this fuzzer will be skipped | None |
| HTTP methods that will be skipped | All REST HTTP methods |
| Reporting | Reports error if: 1. response code is 404; 2. response code is documented, but not expected; 3. any unexpected exception. Reports warn if: 1. response code is expected and documented, but not matches response schema; 2. response code is expected, but not documented; 3. response code is 501. Reports success if: 1. response code is expected, documented and matches response schema. |