Contrast-Security-OSS · contrast-jproberts · Jan 3, 2025 · Jan 3, 2025 · Jan 3, 2025 · Jan 3, 2025
diff --git a/setup.py b/setup.py
@@ -11,7 +11,7 @@
 trigger_extras = {"PyYAML<7", "lxml>=4.3.1", "mock==3.*"}
 aiohttp_extras = {"aiohttp<4"} | trigger_extras
 django_extras = {"Django<6"} | trigger_extras
-falcon_extras = {"falcon<4", "falcon-multipart==0.2.0"} | trigger_extras
+falcon_extras = {"falcon<5", "falcon-multipart==0.2.0"} | trigger_extras
 flask_extras = {"Flask<4"} | trigger_extras
 fastapi_extras = {
     "fastapi<1",

diff --git a/src/vulnpy/falcon/vulnerable.py b/src/vulnpy/falcon/vulnerable.py
@@ -114,13 +114,13 @@ def _set_response(resp, path):
     """
     Set the response body and Content-Type
     """
-    resp.body = get_template(path)
+    resp.text = get_template(path)
     resp.content_type = "text/html"
 
 
 def _set_xss_response(resp, path, user_input):
     template = get_template(path)
     template += "<p>XSS: " + user_input + "</p>"
 
-    resp.body = template
+    resp.text = template
     resp.content_type = "text/html"
diff --git a/tests/falcon/test_vulnerable.py b/tests/falcon/test_vulnerable.py
@@ -13,7 +13,7 @@
 
 @pytest.fixture(scope="module")
 def client():
-    app = falcon.API()
+    app = falcon.App()
     vulnpy.falcon.add_vulnerable_routes(app)
     return testing.TestClient(app)
 

diff --git a/tests/falcon/test_vulnerable_asgi.py b/tests/falcon/test_vulnerable_asgi.py
@@ -12,7 +12,7 @@
 
 
 @pytest.fixture(scope="module")
-def client():
+async def client():
     app = falcon.asgi.App()
     vulnpy.falcon.add_vulnerable_asgi_routes(app)
     return testing.TestClient(app)