@contrast/loopback-test-bench
v3.15.0
Published
Intentionally vulnerable Loopback application
Downloads
9
Maintainers
Keywords
Readme
@contrast/loopback-test-bench
An intentionally vulnerable loopback
application.
Running Locally
Make sure you have Node.js installed or install a version of Node from nvm.
git clone https://github.com/Contrast-Security-OSS/NodeTestBenches.git # or clone your own fork
cd NodeTestBenches/loopback
npm install
npm start
Your app should now be running on localhost:3000.
Running with Contrast
Installation
See our documentation for installation instructions.
After installation, the agent can be run with npm run contrast
. For more
information on configuration and which technologies the agent supports, see our
documentation.
Adding a shared vulnerability
Once you have added shared functionality to
@contrast/test-bench-utils
,
you are ready to add an endpoint in the test bench application.
Create a server/boot/ruleName.js file and call the controllerFactory
method:
'use strict';
const controllerFactory = require('../utils/controllerFactory');
module.exports = controllerFactory('ruleName');
Check the documentation for controllerFactory
under server/utils/controllerFactory.js
usage information.
Add a server/views/pages/ruleName.ejs file that includes the shared
template from @contrast/test-bench-utils
:
<% include ../../../node_modules/@contrast/test-bench-utils/public/views/ruleName.ejs %>
Now run the app and make sure everything works as expected!