From 534c1eeadd15369462f60adc290ef4909d33e36b Mon Sep 17 00:00:00 2001
From: Omur
Date: Wed, 3 Dec 2025 16:45:46 +0300
Subject: [PATCH] remove
---
 .../xss/reflected/XSSReflectedApplication.kt | 109 ----------
 .../xss/stored/XSSStoredApplication.kt | 197 ------------------
 .../xss/reflected/XSSReflectedController.kt | 5 -
 .../xss/stored/XSSStoredController.kt | 5 -
 .../xss/reflected/XSSReflectedEMTest.kt | 59 ------
 .../v3/security/xss/stored/XSSStoredEMTest.kt | 64 ------
 6 files changed, 439 deletions(-)
 delete mode 100644 core-tests/e2e-tests/spring-rest-openapi-v3/src/main/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/reflected/XSSReflectedApplication.kt
 delete mode 100644 core-tests/e2e-tests/spring-rest-openapi-v3/src/main/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/stored/XSSStoredApplication.kt
 delete mode 100644 core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/reflected/XSSReflectedController.kt
 delete mode 100644 core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/stored/XSSStoredController.kt
 delete mode 100644 core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/reflected/XSSReflectedEMTest.kt
 delete mode 100644 core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/stored/XSSStoredEMTest.kt
diff --git a/core-tests/e2e-tests/spring-rest-openapi-v3/src/main/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/reflected/XSSReflectedApplication.kt b/core-tests/e2e-tests/spring-rest-openapi-v3/src/main/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/reflected/XSSReflectedApplication.kt
deleted file mode 100644
index e2da75cd0c..0000000000
--- a/core-tests/e2e-tests/spring-rest-openapi-v3/src/main/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/reflected/XSSReflectedApplication.kt +++ /dev/null @@ -1,109 +0,0 @@ -package com.foo.rest.examples.spring.openapi.v3.security.xss.reflected - -import io.swagger.v3.oas.annotations.Operation -import io.swagger.v3.oas.annotations.responses.ApiResponse -import io.swagger.v3.oas.annotations.responses.ApiResponses -import org.springframework.boot.SpringApplication -import org.springframework.boot.autoconfigure.SpringBootApplication -import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration -import org.springframework.http.MediaType -import org.springframework.web.bind.annotation.* - -data class CommentDto( - val comment: String? = null, - val author: String? = null -) - -@SpringBootApplication(exclude = [SecurityAutoConfiguration::class]) -@RequestMapping(path = ["/api/reflected"]) -@RestController -open class XSSReflectedApplication { - - companion object { - @JvmStatic - fun main(args: Array) { - SpringApplication.run(XSSReflectedApplication::class.java, *args) - } - } - - // ==== BODY PARAMETER - Comment System ==== - - @PostMapping(path = ["/comment"], produces = [MediaType.TEXT_HTML_VALUE]) - open fun reflectComment(@RequestBody commentDto: CommentDto): String { - // VULNERABLE: Reflects user input without sanitization - val comment = commentDto.comment ?: "No comment" - val author = commentDto.author ?: "Anonymous" - - return """ - - - - Comment Reflected - - -

Comment Received!

-
-

Author: $author

-

Comment: $comment

-
- - - """.trimIndent() - } - - // ==== PATH PARAMETER - User Profile System ==== - - @Operation( - summary = "GET endpoint to display user profile (Reflected XSS with path parameter)", - description = "Displays user profile without sanitization - allows Reflected XSS attacks via path parameter" - ) - @ApiResponses( - value = [ - ApiResponse(responseCode = "200", description = "User profile displayed"), - ApiResponse(responseCode = "400", description = "Invalid URI with special characters") - ] - ) - @GetMapping(path = ["/user/{username}"], produces = [MediaType.TEXT_HTML_VALUE]) - open fun getUserProfile(@PathVariable username: String): String { - // VULNERABLE: Reflects path parameter without sanitization - return """ - - - - User Profile - - -

Profile of $username

-
-

Username: $username

-

Welcome to $username's profile page!

-
- - - """.trimIndent() - } - - // ==== QUERY PARAMETER - Search System ==== - - @GetMapping(path = ["/search"], produces = [MediaType.TEXT_HTML_VALUE]) - open fun search( - @RequestParam(name = "query", required = false, defaultValue = "") query: String - ): String { - // VULNERABLE: Reflects query parameter without sanitization - return """ - - - - Search Results - - -

Search Results

-

You searched for: $query

-
-

No results found for "$query"

-
-
-
- """.trimIndent()
- }
-}
diff --git a/core-tests/e2e-tests/spring-rest-openapi-v3/src/main/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/stored/XSSStoredApplication.kt b/core-tests/e2e-tests/spring-rest-openapi-v3/src/main/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/stored/XSSStoredApplication.kt
deleted file mode 100644
index d86a5a6445..0000000000
--- a/core-tests/e2e-tests/spring-rest-openapi-v3/src/main/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/stored/XSSStoredApplication.kt
+++ /dev/null
@@ -1,197 +0,0 @@ -package com.foo.rest.examples.spring.openapi.v3.security.xss.stored - -import io.swagger.v3.oas.annotations.Operation -import io.swagger.v3.oas.annotations.responses.ApiResponse -import io.swagger.v3.oas.annotations.responses.ApiResponses -import org.springframework.boot.SpringApplication -import org.springframework.boot.autoconfigure.SpringBootApplication -import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration -import org.springframework.http.MediaType -import org.springframework.web.bind.annotation.* - -data class CommentDto( - val comment: String? = null, - val author: String? = null -) - -@SpringBootApplication(exclude = [SecurityAutoConfiguration::class]) -@RequestMapping(path = ["/api/stored"]) -@RestController -open class XSSStoredApplication { - - companion object { - @JvmStatic - fun main(args: Array) { - SpringApplication.run(XSSStoredApplication::class.java, *args) - } - - // In-memory storage for stored XSS examples - private val comments = mutableListOf>() // Body parameter - private val userBios = mutableMapOf() // Path parameter - private val guestbookEntries = mutableListOf>() // Query parameter - } - - // ==== BODY PARAMETER - Comment System ==== - - @PostMapping(path = ["/comment"], produces = [MediaType.TEXT_HTML_VALUE]) - open fun storeComment(@RequestBody commentDto: CommentDto): String { - // VULNERABLE: Stores user input without sanitization - val comment = commentDto.comment ?: "No comment" - val author = commentDto.author ?: "Anonymous" - - comments.add(Pair(author, comment)) - - return """ - - - - Comment Stored - - -

Comment Stored Successfully!

-

Your comment has been saved and will be displayed to other users.

- View all comments - - - """.trimIndent() - } - - @GetMapping(path = ["/comments"], produces = [MediaType.TEXT_HTML_VALUE]) - open fun getComments(): String { - // VULNERABLE: Displays stored user input without sanitization - val commentsList = comments.joinToString("\n") { (author, comment) -> - """ -
-

Author: $author

-

Comment: $comment

-
-
- """.trimIndent() - } - - return """ - - - - All Comments - - -

All Comments

- ${if (comments.isEmpty()) "

No comments yet.

" else commentsList} - - - """.trimIndent() - } - - // ==== PATH PARAMETER - User Bio System ==== - - @Operation( - summary = "POST endpoint to store user bio (Stored XSS with path parameter)", - description = "Stores user bio in memory without sanitization - allows Stored XSS attacks via path parameter" - ) - @ApiResponses( - value = [ - ApiResponse(responseCode = "200", description = "Bio stored successfully"), - ApiResponse(responseCode = "400", description = "Invalid URI with special characters") - ] - ) - @PostMapping(path = ["/user/{username}"], produces = [MediaType.TEXT_HTML_VALUE]) - open fun storeBio( - @PathVariable username: String, - @RequestParam(name = "bio", required = false, defaultValue = "") bio: String - ): String { - // VULNERABLE: Stores user input from both path parameter and query parameter without sanitization - userBios[username] = bio - - return """ - - - - Bio Stored - - - """.trimIndent() - } - - @Operation( - summary = "GET endpoint to retrieve user profile with bio (Stored XSS)", - description = "Displays stored user bio without sanitization - executes stored XSS from path parameter data" - ) - @ApiResponses( - value = [ - ApiResponse(responseCode = "200", description = "User profile displayed"), - ApiResponse(responseCode = "400", description = "Invalid URI with special characters") - ] - ) - @GetMapping(path = ["/user/{username}"], produces = [MediaType.TEXT_HTML_VALUE]) - open fun getUserProfile(@PathVariable username: String): String { - // VULNERABLE: Displays stored user input without sanitization - val bio = userBios[username] ?: "No bio available" - - return """ - - - - User Profile - - -
-

Bio: $bio

-
- - - """.trimIndent() - } - - // ==== QUERY PARAMETER - Guestbook System ==== - - @PostMapping(path = ["/guestbook"], produces = [MediaType.TEXT_HTML_VALUE]) - open fun storeGuestbookEntry( - @RequestParam(name = "name", required = false, defaultValue = "Anonymous") name: String, - @RequestParam(name = "entry", required = false, defaultValue = "") entry: String - ): String { - // VULNERABLE: Stores user input from query parameters without sanitization - guestbookEntries.add(Pair(name, entry)) - - return """ - - - - Entry Stored - - -

Guestbook Entry Stored!

-

Thank you for signing our guestbook!

- View guestbook - - - """.trimIndent() - } - - @GetMapping(path = ["/guestbook"], produces = [MediaType.TEXT_HTML_VALUE]) - open fun getGuestbook(): String { - // VULNERABLE: Displays stored user input without sanitization - val entriesList = guestbookEntries.joinToString("\n") { (name, entry) -> - """ -
-

$name wrote:

-

$entry

-
-
- """.trimIndent() - } - - return """ - - - - Guestbook - - -

Guestbook

- ${if (guestbookEntries.isEmpty()) "

No entries yet. Be the first to sign!

" else entriesList} - - - """.trimIndent() - } -} diff --git a/core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/reflected/XSSReflectedController.kt b/core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/reflected/XSSReflectedController.kt deleted file mode 100644 index c2da3d04c7..0000000000 --- a/core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/reflected/XSSReflectedController.kt +++ /dev/null @@ -1,5 +0,0 @@ -package com.foo.rest.examples.spring.openapi.v3.security.xss.reflected - -import com.foo.rest.examples.spring.openapi.v3.SpringController - -class XSSReflectedController: SpringController(XSSReflectedApplication::class.java) diff --git a/core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/stored/XSSStoredController.kt b/core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/stored/XSSStoredController.kt deleted file mode 100644 index 748a1fc83d..0000000000 --- a/core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/com/foo/rest/examples/spring/openapi/v3/security/xss/stored/XSSStoredController.kt +++ /dev/null @@ -1,5 +0,0 @@ -package com.foo.rest.examples.spring.openapi.v3.security.xss.stored - -import com.foo.rest.examples.spring.openapi.v3.SpringController - -class XSSStoredController: SpringController(XSSStoredApplication::class.java) diff --git a/core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/reflected/XSSReflectedEMTest.kt b/core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/reflected/XSSReflectedEMTest.kt deleted file mode 100644 index 78d4effe11..0000000000 
--- a/core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/reflected/XSSReflectedEMTest.kt
+++ /dev/null
@@ -1,59 +0,0 @@
-package org.evomaster.e2etests.spring.openapi.v3.security.xss.reflected
-
-import com.foo.rest.examples.spring.openapi.v3.security.xss.reflected.XSSReflectedController
-import com.webfuzzing.commons.faults.DefinedFaultCategory
-import org.evomaster.core.EMConfig
-import org.evomaster.core.problem.enterprise.DetectedFaultUtils
-import org.evomaster.e2etests.spring.openapi.v3.SpringTestBase
-import org.junit.jupiter.api.Assertions.assertTrue
-import org.junit.jupiter.api.BeforeAll
-import org.junit.jupiter.api.Test
-
-class XSSReflectedEMTest : SpringTestBase() {
-
- companion object {
- @BeforeAll
- @JvmStatic
- fun init() {
- val config = EMConfig()
- config.instrumentMR_NET = false
- initClass(XSSReflectedController(), config)
- }
- }
-
- @Test
- fun testXSSReflectedEM() {
- runTestHandlingFlakyAndCompilation(
- "XSSReflectedEMTest",
- 50,
- ) { args: MutableList ->
-
- setOption(args, "security", "true")
-
-
- val solution = initAndRun(args)
-
- assertTrue(solution.individuals.isNotEmpty())
-
- val faultsCategories = DetectedFaultUtils.getDetectedFaultCategories(solution)
- val faults = DetectedFaultUtils.getDetectedFaults(solution)
-
- assertTrue(DefinedFaultCategory.XSS in faultsCategories)
-
- assertTrue(faults.any {
- it.category == DefinedFaultCategory.XSS
- && it.operationId == "POST:/api/reflected/comment"
- })
-
- assertTrue(faults.any {
- it.category == DefinedFaultCategory.XSS
- && it.operationId == "GET:/api/reflected/search"
- })
-
- assertTrue(faults.any {
- it.category == DefinedFaultCategory.XSS
- && it.operationId == "GET:/api/reflected/user/{username}"
- })
- }
- }
-}
diff --git a/core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/stored/XSSStoredEMTest.kt b/core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/stored/XSSStoredEMTest.kt
deleted file mode 100644
index cfefe4999a..0000000000
--- a/core-tests/e2e-tests/spring-rest-openapi-v3/src/test/kotlin/org/evomaster/e2etests/spring/openapi/v3/security/xss/stored/XSSStoredEMTest.kt
+++ /dev/null
@@ -1,64 +0,0 @@
-package org.evomaster.e2etests.spring.openapi.v3.security.xss.stored
-
-import com.foo.rest.examples.spring.openapi.v3.security.xss.stored.XSSStoredController
-import com.webfuzzing.commons.faults.DefinedFaultCategory
-import org.evomaster.core.EMConfig
-import org.evomaster.core.problem.enterprise.DetectedFaultUtils
-import org.evomaster.core.problem.rest.data.HttpVerb
-import org.evomaster.e2etests.spring.openapi.v3.SpringTestBase
-import org.junit.jupiter.api.Assertions
-import org.junit.jupiter.api.Assertions.assertTrue
-import org.junit.jupiter.api.BeforeAll
-import org.junit.jupiter.api.Test
-
-class XSSStoredEMTest : SpringTestBase() {
-
- companion object {
- @BeforeAll
- @JvmStatic
- fun init() {
- val config = EMConfig()
- config.instrumentMR_NET = false
- initClass(XSSStoredController(), config)
- }
- }
-
- @Test
- fun testXSSStoredEM() {
- runTestHandlingFlakyAndCompilation(
- "XSSStoredEMTest",
- 50,
- ) { args: MutableList ->
-
- setOption(args, "security", "true")
-
-
- val solution = initAndRun(args)
-
- assertTrue(solution.individuals.isNotEmpty())
-
- val faults = DetectedFaultUtils.getDetectedFaults(solution)
-
- assertTrue(faults.size == 3)
-
- val faultCategories = DetectedFaultUtils.getDetectedFaultCategories(solution)
-
- assertTrue({ DefinedFaultCategory.XSS in faultCategories })
-
- assertTrue(faults.any {
- it.category == DefinedFaultCategory.XSS
- && it.operationId == "GET:/api/stored/comments"
- })
-
- assertTrue(faults.any {
- it.category == DefinedFaultCategory.XSS
- && it.operationId == "GET:/api/stored/guestbook"
- })
-
- assertTrue(faults.any {
- it.category == DefinedFaultCategory.XSS
- && it.operationId == "GET:/api/stored/user/{username}"
- })
- }
- }
-}