Logo: Relish

  1. Sign in

Project: Website

Security

In order to ensure our site is not compromised
As a Web Administrator
I want to be defended against known vulnerabilities

Scenarios
SQL Injection attack
Given
I am logged in the web-site
And
I click on the Report button
When
I see a a field labelled Field
And
I fill in that field String
And
I click on submit
Then
the database is unaffected
Examples:
Field String
url "bbc.co.uk"; DROP TABLE Users
comment "bbc.co.uk"; DROP TABLE Users

Last published almost 5 years ago by RedFred.