package com.atlassian.jira.webtests.ztests.plugin;

import com.atlassian.jira.functest.framework.FuncTestCase;
import com.atlassian.jira.functest.framework.suite.Category;
import com.atlassian.jira.functest.framework.suite.WebTest;

@WebTest({Category.FUNC_TEST, Category.PLUGINS, Category.SECURITY})
/* loaded from: input_file:com/atlassian/jira/webtests/ztests/plugin/TestPluginWebworkVelocityServletXSS.class */
public class TestPluginWebworkVelocityServletXSS extends FuncTestCase {
    public void testRenderingError() {
        this.tester.gotoPage("/secure/<script>alert('XSS!')</script>.vm");
        this.assertions.getTextAssertions().assertTextNotPresent("<script>alert('XSS!')</script>");
    }

    public void testXssInPathNameParam() {
        this.tester.gotoPage("/secure/\"><script>alert</script>.vm");
        this.assertions.getTextAssertions().assertTextPresent("Could not find template");
        this.assertions.getTextAssertions().assertTextNotPresent("secure/\"><script>alert</script>.vm");
    }
}
