From 96040b546f6b02db1456c634f9f4f3dfe7fe84c4 Mon Sep 17 00:00:00 2001
From: Alexander Borovsky
Date: Thu, 20 Jul 2023 13:03:13 +0200
Subject: [PATCH] feat(scan): add `stored_xss` and deprecate `dom_xss` (#170)

Closes #169
---
 packages/scan/src/DefaultScans.spec.ts | 4 ++--
 packages/scan/src/ScanFactory.spec.ts | 8 ++++----
 packages/scan/src/ScanSettings.spec.ts | 8 ++++----
 packages/scan/src/models/TestType.ts | 4 ++++
 4 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/packages/scan/src/DefaultScans.spec.ts b/packages/scan/src/DefaultScans.spec.ts
index 2ddd337f..fc97ab06 100644
--- a/packages/scan/src/DefaultScans.spec.ts
+++ b/packages/scan/src/DefaultScans.spec.ts
@@ -110,7 +110,7 @@ describe('HttpScans', () => {
 await scans.createScan({
 name: 'test',
- tests: [TestType.DOM_XSS],
+ tests: [TestType.XSS],
 module: Module.DAST
 });
@@ -139,7 +139,7 @@ describe('HttpScans', () => {
 const result = scans.createScan({
 name: 'test',
- tests: [TestType.DOM_XSS],
+ tests: [TestType.XSS],
 module: Module.DAST
 });
diff --git a/packages/scan/src/ScanFactory.spec.ts b/packages/scan/src/ScanFactory.spec.ts
index ff2b472b..0019cd2a 100644
--- a/packages/scan/src/ScanFactory.spec.ts
+++ b/packages/scan/src/ScanFactory.spec.ts
@@ -53,7 +53,7 @@ describe('ScanFactory', () => {
 it('should create a scan', async () => {
 const settings: ScanSettingsOptions = {
 target: { url: 'https://example.com' },
- tests: [TestType.DOM_XSS]
+ tests: [TestType.XSS]
 };
 when(mockedScans.uploadHar(anything())).thenResolve({ id: fileId });
 when(mockedScans.createScan(anything())).thenResolve({ id: scanId });
@@ -68,7 +68,7 @@ describe('ScanFactory', () => {
 name: 'GET example.com',
 module: Module.DAST,
 discoveryTypes: [Discovery.ARCHIVE],
- tests: [TestType.DOM_XSS]
+ tests: [TestType.XSS]
 })
 )
 ).once();
@@ -78,7 +78,7 @@ describe('ScanFactory', () => {
 it('should generate and upload a HAR file', async () => {
 const settings: ScanSettingsOptions = {
 target: { url: 'https://example.com' },
- tests: [TestType.DOM_XSS]
+ tests: [TestType.XSS]
 };
 when(mockedScans.uploadHar(anything())).thenResolve({ id: fileId });
 when(mockedScans.createScan(anything())).thenResolve({ id: scanId });
@@ -108,7 +108,7 @@ describe('ScanFactory', () => {
 'hex'
 )}.example.com`
 },
- tests: [TestType.DOM_XSS]
+ tests: [TestType.XSS]
 };
 when(mockedScans.uploadHar(anything())).thenResolve({ id: fileId });
 when(mockedScans.createScan(anything())).thenResolve({ id: scanId });
diff --git a/packages/scan/src/ScanSettings.spec.ts b/packages/scan/src/ScanSettings.spec.ts
index 0cad7bf9..29a3c402 100644
--- a/packages/scan/src/ScanSettings.spec.ts
+++ b/packages/scan/src/ScanSettings.spec.ts
@@ -107,7 +107,7 @@ describe('ScanSettings', () => {
 // arrange
 const settings: ScanSettingsOptions = {
 name: 'my scan',
- tests: [TestType.DOM_XSS],
+ tests: [TestType.XSS],
 target: { url: 'https://example.com' }
 };
@@ -123,7 +123,7 @@ describe('ScanSettings', () => {
 it('should create a settings with default name', () => {
 // arrange
 const settings: ScanSettingsOptions = {
- tests: [TestType.DOM_XSS],
+ tests: [TestType.XSS],
 target: { url: 'https://example.com' }
 };
@@ -140,7 +140,7 @@ describe('ScanSettings', () => {
 // arrange
 const settings: ScanSettingsOptions = {
 name: randomBytes(201).toString('hex'),
- tests: [TestType.DOM_XSS],
+ tests: [TestType.XSS],
 target: { url: 'https://example.com' }
 };
@@ -153,7 +153,7 @@ describe('ScanSettings', () => {
 it('should truncate a default name if hostname is greater than 200 characters', () => {
 // arrange
 const settings: ScanSettingsOptions = {
- tests: [TestType.DOM_XSS],
+ tests: [TestType.XSS],
 target: {
 url: `https://subdomain-${randomBytes(200).toString(
 'hex'
diff --git a/packages/scan/src/models/TestType.ts b/packages/scan/src/models/TestType.ts
index e7cce26e..72d0b1d0 100644
--- a/packages/scan/src/models/TestType.ts
+++ b/packages/scan/src/models/TestType.ts
@@ -11,6 +11,9 @@ export enum TestType {
 DATE_MANIPULATION = 'date_manipulation',
 DEFAULT_LOGIN_LOCATION = 'default_login_location',
 DIRECTORY_LISTING = 'directory_listing',
+ /**
+ * @deprecated Use TestType.XSS instead
+ */
 DOM_XSS = 'dom_xss',
 EMAIL_INJECTION = 'email_injection',
 EXPOSED_COUCH_DB_APIS = 'exposed_couch_db_apis',
@@ -41,6 +44,7 @@ export enum TestType {
 SQLI = 'sqli',
 SSRF = 'ssrf',
 SSTI = 'ssti',
+ STORED_XSS = 'stored_xss',
 UNVALIDATED_REDIRECT = 'unvalidated_redirect',
 VERSION_CONTROL_SYSTEMS = 'version_control_systems',
 WORDPRESS = 'wordpress',
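Review bot: The `@deprecated` tag added above `DOM_XSS` names the replacement as plain text; the TSDoc form `* @deprecated Use {@link TestType.XSS} instead.` makes the reference navigable in editors and lets doc tooling check that the member exists. Because `TestType` is a string enum, the deprecation is advisory only: existing callers keep sending the literal `'dom_xss'` at runtime, and nothing in this diff maps it to `'xss'`. If the scan service no longer recognises `'dom_xss'` (not visible here), the comment should say so, since a deprecation warning alone will not stop a scan configuration from silently requesting a test that is not run. `TestType.XSS` itself lies outside the hunk.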
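Review bot: `STORED_XSS = 'stored_xss'` is introduced in the second hunk with no doc comment, and together with the deprecation of `DOM_XSS` in favour of `XSS` it leaves the reader unable to tell whether `XSS` already covers stored (persistent) injection or whether `STORED_XSS` must be listed separately to get that coverage; a caller migrating off `DOM_XSS` cannot choose correctly from this file alone. A one-line comment on the new member would settle it, e.g. `/** Stored (persistent) cross-site scripting. TODO(review): state whether {@link TestType.XSS} already includes this check. */`, with the relationship filled in by the author since the diff does not show it. The spec changes in this commit only exercise `TestType.XSS`, so no test references the new member. The enum body continues beyond the hunk.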