diff options
| author | Alexander Kampmann <programmer@nurfuerspam.de> | 2012-03-14 12:54:49 +0100 |
|---|---|---|
| committer | Alexander Kampmann <programmer@nurfuerspam.de> | 2012-03-14 12:54:49 +0100 |
| commit | 509ed2604fe6860b83e02984f8b4a280496a22a8 (patch) | |
| tree | 4e15a616bd8f36c7bd207bf3c2ae5cfa7cf13d73 /tests/xss_filter_test.php | |
| parent | c0c98206ef322b3d175d5348d37e8d0b5fca140b (diff) | |
| download | volse-hubzilla-509ed2604fe6860b83e02984f8b4a280496a22a8.tar.gz volse-hubzilla-509ed2604fe6860b83e02984f8b4a280496a22a8.tar.bz2 volse-hubzilla-509ed2604fe6860b83e02984f8b4a280496a22a8.zip | |
splitted tests into several files
Diffstat (limited to 'tests/xss_filter_test.php')
| -rw-r--r-- | tests/xss_filter_test.php | 149 |
1 files changed, 3 insertions, 146 deletions
diff --git a/tests/xss_filter_test.php b/tests/xss_filter_test.php index fe944c2a7..d7dcf0472 100644 --- a/tests/xss_filter_test.php +++ b/tests/xss_filter_test.php @@ -1,24 +1,16 @@ <?php /** + * tests several functions which are used to prevent xss attacks + * * @package test.util */ -require_once("include/template_processor.php"); require_once('include/text.php'); class AntiXSSTest extends PHPUnit_Framework_TestCase { - public function setUp() { - set_include_path(
- get_include_path() . PATH_SEPARATOR
- . 'include' . PATH_SEPARATOR
- . 'library' . PATH_SEPARATOR
- . 'library/phpsec' . PATH_SEPARATOR
- . '.' ); - } - /** - * test no tags + * test, that tags are escaped */ public function testEscapeTags() { $invalidstring='<submit type="button" onclick="alert(\'failed!\');" />'; @@ -31,49 +23,6 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { } /** - *autonames should be random, even length - */ - public function testAutonameEven() { - $autoname1=autoname(10); - $autoname2=autoname(10); - - $this->assertNotEquals($autoname1, $autoname2); - } - - /** - *autonames should be random, odd length - */ - public function testAutonameOdd() { - $autoname1=autoname(9); - $autoname2=autoname(9); - - $this->assertNotEquals($autoname1, $autoname2); - } - - /** - * try to fail autonames - */ - public function testAutonameNoLength() { - $autoname1=autoname(0); - $this->assertEquals(0, count($autoname1)); - } - - public function testAutonameNegativeLength() { - $autoname1=autoname(-23); - $this->assertEquals(0, count($autoname1)); - } - - // public function testAutonameMaxLength() { - // $autoname2=autoname(PHP_INT_MAX); - // $this->assertEquals(PHP_INT_MAX, count($autoname2)); - // } - - public function testAutonameLength1() { - $autoname3=autoname(1); - $this->assertEquals(1, count($autoname3)); - } - - /** *xmlify and unxmlify */ public function testXmlify() { @@ -87,7 +36,6 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { /** * test hex2bin and reverse */ - public function testHex2Bin() { $this->assertEquals(-3, hex2bin(bin2hex(-3))); $this->assertEquals(0, hex2bin(bin2hex(0))); @@ -95,97 +43,6 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { $this->assertEquals(PHP_INT_MAX, hex2bin(bin2hex(PHP_INT_MAX))); } - /** - * test expand_acl - */ - public function testExpandAclNormal() { - $text="<1><2><3>"; - $this->assertEquals(array(1, 2, 3), expand_acl($text)); - } - - public function testExpandAclBigNumber() { - $text="<1><279012><15>"; - $this->assertEquals(array(1, 279012, 15), expand_acl($text)); - } - - public function testExpandAclString() { - $text="<1><279012><tt>"; //maybe that's invalid - $this->assertEquals(array(1, 279012, 'tt'), expand_acl($text)); - } - - public function testExpandAclSpace() { - $text="<1><279 012><32>"; //maybe that's invalid - $this->assertEquals(array(1, "279 012", "32"), expand_acl($text)); - } - - public function testExpandAclEmpty() { - $text=""; //maybe that's invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclNoBrackets() { - $text="According to documentation, that's invalid. "; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclJustOneBracket1() { - $text="<Another invalid string"; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclJustOneBracket2() { - $text="Another invalid> string"; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclCloseOnly() { - $text="Another> invalid> string>"; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclOpenOnly() { - $text="<Another< invalid string<"; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclNoMatching1() { - $text="<Another<> invalid <string>"; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclNoMatching2() { - $text="<1>2><3>"; - $this->assertEquals(array(), expand_acl($text)); - } - - /** - * test attribute contains - */ - public function testAttributeContains1() { - $testAttr="class1 notclass2 class3"; - $this->assertTrue(attribute_contains($testAttr, "class3")); - $this->assertFalse(attribute_contains($testAttr, "class2")); - } - - /** - * test attribute contains - */ - public function testAttributeContains2() { - $testAttr="class1 not-class2 class3"; - $this->assertTrue(attribute_contains($testAttr, "class3")); - $this->assertFalse(attribute_contains($testAttr, "class2")); - } - - public function testAttributeContainsEmpty() { - $testAttr=""; - $this->assertFalse(attribute_contains($testAttr, "class2")); - } - - public function testAttributeContainsSpecialChars() { - $testAttr="--... %\$รค() /(=?}"; - $this->assertFalse(attribute_contains($testAttr, "class2")); - } - //function qp, quick and dirty?? //get_mentions //get_contact_block, bis Zeile 538 |