Created
July 6, 2016 03:56
-
-
Save streichsbaer/0bb93f6c78921c159f1ae6a790d7c148 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @authentication | |
| Feature: Authentication | |
| Verify that the authentication system is robust | |
| [...] | |
| @cwe-319-auth | |
| Scenario: Transmit authentication credentials over HTTPS | |
| Given a new browser or client instance | |
| And the client/browser is configured to use an intercepting proxy | |
| And the proxy logs are cleared | |
| When the default user logs in | |
| And the HTTP request-response containing the default credentials is selected | |
| Then the protocol should be HTTPS |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment