Hello !
From far, this is one of the best extension I've seen to test authorization controls on web apps :) There is two features I'd like to see implemented in this extension, let me know your thoughts:
- Ability to remove headers for testing unauthenticated roles. The documentation shows a good example that empties the
session_id cookie but I haven't found a way to remove the entire header.
- Ability to generate random strings to put in some fields. Some actions on APIs requires you to put some new data for each request. Would that make sense to have a Transformer that will generate a unique string ?
I can help making those changes if needed, just let me know !
Hello !
From far, this is one of the best extension I've seen to test authorization controls on web apps :) There is two features I'd like to see implemented in this extension, let me know your thoughts:
session_idcookie but I haven't found a way to remove the entire header.I can help making those changes if needed, just let me know !