@@ -1100,9 +1100,8 @@ class SecurityRest {
11001100
11011101 mainloop@ for (action in actionDefinitions){
11021102
1103-
11041103 // Find individuals with 2xx response for this endpoint
1105- val successfulIndividuals = RestIndividualSelectorUtils .findIndividuals (
1104+ val successfulIndividuals = RestIndividualSelectorUtils .findAndSlice (
11061105 individualsInSolution,
11071106 action.verb,
11081107 action.path,
@@ -1114,37 +1113,21 @@ class SecurityRest {
11141113 }
11151114
11161115 // Take the smallest successful individual
1117- val target = successfulIndividuals.minBy { it.individual.size() }
1118-
1119- val actionIndex = RestIndividualSelectorUtils .findIndexOfAction(
1120- target,
1121- action.verb,
1122- action.path,
1123- statusGroup = StatusGroup .G_2xx
1124- )
1125-
1126- if (actionIndex < 0 ){
1127- continue
1128- }
1116+ val target = successfulIndividuals.minBy { it.size() }
11291117
1130- // Slice to keep only up to the target action
1131- val sliced = RestIndividualBuilder .sliceAllCallsInIndividualAfterAction(
1132- target.individual,
1133- actionIndex
1134- )
11351118
11361119 // Try each XSS payload (but only add one test per endpoint)
11371120 for (payload in XSS_PAYLOADS ){
11381121
11391122 // Create a copy of the individual
1140- var copy = sliced .copy() as RestIndividual
1141- val actionCopy = copy.seeMainExecutableActions().last() as RestCallAction
1123+ var copy = target .copy() as RestIndividual
1124+ val actionCopy = copy.seeMainExecutableActions().last()
11421125
11431126 val genes = GeneUtils .getAllStringFields(actionCopy.parameters)
11441127 .filter { it.staticCheckIfImpactPhenotype() }
11451128
11461129 if (genes.isEmpty()){
1147- continue
1130+ continue @mainloop
11481131 }
11491132
11501133 val anySuccess = genes.map { gene ->
0 commit comments