Merge branch 'aling-dast-lf-with-other-parsers' into 'master'

Improve location fingerprint See merge request gitlab-org/gitlab-ee!10487

Merge branch 'aling-dast-lf-with-other-parsers' into 'master'
Improve location fingerprint See merge request gitlab-org/gitlab-ee!10487
547c5d19 · Nick Thomas · 55764aad · 9c77918a · 547c5d19 · 547c5d19
Commit 547c5d19 authored Mar 28, 2019 by Nick Thomas
3 changed files
--- a/ee/changelogs/unreleased/aling-dast-lf-with-other-parsers.yml
+++ b/ee/changelogs/unreleased/aling-dast-lf-with-other-parsers.yml
+---
+title: Improve DAST location fingerprints
+merge_request: 10487
+author:
+type: changed
--- a/ee/lib/gitlab/ci/parsers/security/dast.rb
+++ b/ee/lib/gitlab/ci/parsers/security/dast.rb
@@ -46,7 +46,7 @@ module Gitlab
          end
          def generate_location_fingerprint(location)
-            Digest::SHA1.hexdigest("#{location['param']} #{location['method']} #{location['path']}")
+            Digest::SHA1.hexdigest("#{location['path']}:#{location['param']}:#{location['method']}")
          end
        end
      end

--- a/ee/spec/lib/gitlab/ci/parsers/security/dast_spec.rb
+++ b/ee/spec/lib/gitlab/ci/parsers/security/dast_spec.rb
@@ -24,8 +24,8 @@ describe Gitlab::Ci::Parsers::Security::Dast do
    end
    it 'generates expected location fingerprint' do
-      expected1 = Digest::SHA1.hexdigest('X-Content-Type-Options GET ')
+      expected1 = Digest::SHA1.hexdigest(':X-Content-Type-Options:GET')
-      expected2 = Digest::SHA1.hexdigest('X-Content-Type-Options GET /')
+      expected2 = Digest::SHA1.hexdigest('/:X-Content-Type-Options:GET')
      expect(report.occurrences.first[:location_fingerprint]).to eq(expected1)
      expect(report.occurrences.last[:location_fingerprint]).to eq(expected2)