I am new to Codeception and I am researching using it to run our integration / acceptance test suite (currently some phpunit scripts...). It seems like a very interesting tool but I've run into an issue that could prevent us from using it.
I'm trying to find a way to inject a middleware or create a module that will allow me to strip the JSON protection string from our server's response before it's decoded by the REST module.
The JSON is prefixed with ")]}',
"
to make the object invalid, which protects against a type of CSRF vulnerability in some browsers, but it breaks json_decode()
(intentionally) and the Codeception REST validation methods.
I'm looking for a way to modify the response, to strip off the prefix, before the test suite begins using the data. Does anyone know if that's possible? Or if there are any built-in ways to work with or rewrite response bodies?
Unfortunately, removing the prefix from the server output is not an option. Thanks for any advice!