Hi Andres and list
>> This time I have to disagree. I think that this is not an
>> improvement, as we might find pages with text in German but parameter
>> names in English; and the user would (with the best intentions) set
>> the language to German and then the formFiller would fill the form in
>> a wrong way.
That's right, that's why i suggest that English should always be on and
that's what the help info says on the side of the button.
If you want we can disable the possibility to disable English.
>> Another issue that I see is that maybe in a big application we
>> have pages developed by different persons, one of them likes
>> parameters in english and the other in german.
That's correct. Then it should be set to German and English.
The problem I see, is if we add a lot more languages, the form filler
won't work anymore.
An example:
The word "address" in polish is "adres". Of course this field should be
filled with an address, let's say "londonstreet 10".
But in german, the recipient of something is called "adressat". So this
field should be filled with a name, like "Andres".
But if we add polish first, the formFiller will fill in a field named
"addressat"
with an address (because he found the polish "adres"), instead of
a name.
I'm sure there are better examples, but I hope you see what I mean.
What do you think?
cheers
floyd
________________________________
Von: Andres Riancho <andres.rian...@gmail.com>
An: Floyd Fuh <floyd_...@yahoo.de>
CC: w3af-develop@lists.sourceforge.net
Gesendet: Montag, den 21. Dezember 2009, 12:29:25 Uhr
Betreff: Re: [W3af-develop] FormFiller
Floyd,
On Mon, Dec 21, 2009 at 5:26 AM, Floyd Fuh <floyd_...@yahoo.de> wrote:
> Hi list
>
> I think I improved it again ;)
>
> I added a Language tab in configuration/miscellaneous, where you can
> specify the language of the web application which is tested. This way the
> form
> filler will only look for the words in the given language(s). I added German
> and more languages should be added (we have english, german, spanish,
> portuguese).
This time I have to disagree. I think that this is not an
improvement, as we might find pages with text in German but parameter
names in English; and the user would (with the best intentions) set
the language to German and then the formFiller would fill the form in
a wrong way.
Another issue that I see is that maybe in a big application we
have pages developed by different persons, one of them likes
parameters in english and the other in german.
But your contribution was not useless! I added the parameter names
in German to the SVN version of the formFiller. Thank you very much
for your continious contributions! =)
PS: Please read the private email I sent you the other day
> ATM the language option is only used for the form filler, but maybe it could
> be used
> somewhere else as well?
>
> See the attached files core.data.fuzzer.formFiller and
> core.controllers.miscSettings
>
> cheers
> floyd
>
>
> ________________________________
> Von: Andres Riancho <andres.rian...@gmail.com>
> An: Floyd Fuh <floyd_...@yahoo.de>
> CC: w3af-develop@lists.sourceforge.net
> Gesendet: Donnerstag, den 17. Dezember 2009, 17:10:23 Uhr
> Betreff: Re: [W3af-develop] FormFiller
>
> Floyd,
>
> On Thu, Dec 17, 2009 at 12:18 PM, Floyd Fuh <floyd_...@yahoo.de> wrote:
>> Hi list
>>
>> I had a look at the core.data.fuzzer.formFiller. Wouldn't it be better if
>> a password field is always filled with the same value (for example
>> w3af-FrAmEW0rK.)?
>> Because sometimes you have to fill in the same password twice (for example
>> in a register
>> form). I did it for my local version and it works fine.
>
> Thats a great idea! =)
> I love these small modifications that make the framework a little
> bit smarter =) If you have more of these, please let me know.
>
>> I attached the modified file
>
> I reviewed your code, and commited it without any modifications.
> Thank you very much =)
>
>> cheers
>> floyd
>>
>> __________________________________________________
>> Do You Yahoo!?
>> Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz
>> gegen Massenmails.
>> http://mail..yahoo.com
>>
>> ------------------------------------------------------------------------------
>> This SF.Net email is sponsored by the Verizon Developer Community
>> Take advantage of Verizon's best-in-class app development support
>> A streamlined, 14 day to market process makes app distribution fast and
>> easy
>> Join now and get one step closer to millions of Verizon customers
>> http://p.sf.net/sfu/verizon-dev2dev
>> _______________________________________________
>> W3af-develop mailing list
>> W3af-develop@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>>
>>
>
>
>
> --
> Andrés Riancho
> Founder, Bonsai - Information Security
> http://www.bonsai-sec.com/
> http://w3af.sf.net/
>
> ------------------------------------------------------------------------------
> This SF.Net email is sponsored by the Verizon Developer Community
> Take advantage of Verizon's best-in-class app development support
> A streamlined, 14 day to market process makes app distribution fast and easy
> Join now and get one step closer to millions of Verizon customers
> http://p.sf.net/sfu/verizon-dev2dev
> _______________________________________________
> W3af-develop mailing list
> W3af-develop@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>
> __________________________________________________
> Do You Yahoo!?
> Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz
> gegen Massenmails.
> http://mail.yahoo.com
> ------------------------------------------------------------------------------
> This SF.Net email is sponsored by the Verizon Developer Community
> Take advantage of Verizon's best-in-class app development support
> A streamlined, 14 day to market process makes app distribution fast and easy
> Join now and get one step closer to millions of Verizon customers
> http://p.sf.net/sfu/verizon-dev2dev
> _______________________________________________
> W3af-develop mailing list
> W3af-develop@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>
>
--
Andrés Riancho
Founder, Bonsai - Information Security
http://www.bonsai-sec.com/
http://w3af.sf.net/
__________________________________________________
Do You Yahoo!?
Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz gegen
Massenmails.
http://mail.yahoo..com ------------------------------------------------------------------------------
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
