aboutsummaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/xss_filter_test.php116
1 files changed, 90 insertions, 26 deletions
diff --git a/tests/xss_filter_test.php b/tests/xss_filter_test.php
index e480ef7ec..00e97cf98 100644
--- a/tests/xss_filter_test.php
+++ b/tests/xss_filter_test.php
@@ -1,16 +1,26 @@
<?php
/**
-* Tests, without pHPUnit by now
-* @package test.util
-*/
+ * Tests, without pHPUnit by now
+ * @package test.util
+ */
-require_once('include/text.php');
+require_once("include/template_processor.php");
+require_once('include/text.php');
class AntiXSSTest extends PHPUnit_Framework_TestCase {
-/**
-* test no tags
-*/
+ public function setUp() {
+ set_include_path(
+ get_include_path() . PATH_SEPARATOR
+ . 'include' . PATH_SEPARATOR
+ . 'library' . PATH_SEPARATOR
+ . 'library/phpsec' . PATH_SEPARATOR
+ . '.' );
+ }
+
+ /**
+ * test no tags
+ */
public function testEscapeTags() {
$invalidstring='<submit type="button" onclick="alert(\'failed!\');" />';
@@ -53,12 +63,12 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase {
$autoname1=autoname(-23);
$this->assertEquals(0, count($autoname1));
}
-
-// public function testAutonameMaxLength() {
-// $autoname2=autoname(PHP_INT_MAX);
-// $this->assertEquals(PHP_INT_MAX, count($autoname2));
-// }
-
+
+ // public function testAutonameMaxLength() {
+ // $autoname2=autoname(PHP_INT_MAX);
+ // $this->assertEquals(PHP_INT_MAX, count($autoname2));
+ // }
+
public function testAutonameLength1() {
$autoname3=autoname(1);
$this->assertEquals(1, count($autoname3));
@@ -68,7 +78,7 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase {
*xmlify and unxmlify
*/
public function testXmlify() {
- $text="<tag>I want to break\n this!11!<?hard?></tag>";
+ $text="<tag>I want to break\n this!11!<?hard?></tag>";
$xml=xmlify($text); //test whether it actually may be part of a xml document
$retext=unxmlify($text);
@@ -85,7 +95,7 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase {
$this->assertEquals(12, hex2bin(bin2hex(12)));
$this->assertEquals(PHP_INT_MAX, hex2bin(bin2hex(PHP_INT_MAX)));
}
-
+
/**
* test expand_acl
*/
@@ -93,7 +103,7 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase {
$text="<1><2><3>";
$this->assertEquals(array(1, 2, 3), expand_acl($text));
}
-
+
public function testExpandAclBigNumber() {
$text="<1><279012><15>";
$this->assertEquals(array(1, 279012, 15), expand_acl($text));
@@ -133,19 +143,19 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase {
$text="Another> invalid> string>"; //should be invalid
$this->assertEquals(array(), expand_acl($text));
}
-
+
public function testExpandAclOpenOnly() {
$text="<Another< invalid string<"; //should be invalid
$this->assertEquals(array(), expand_acl($text));
}
-
+
public function testExpandAclNoMatching1() {
$text="<Another<> invalid <string>"; //should be invalid
$this->assertEquals(array(), expand_acl($text));
}
-
+
public function testExpandAclNoMatching2() {
- $text="<1>2><3>";
+ $text="<1>2><3>";
$this->assertEquals(array(), expand_acl($text));
}
@@ -166,7 +176,7 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase {
$this->assertTrue(attribute_contains($testAttr, "class3"));
$this->assertFalse(attribute_contains($testAttr, "class2"));
}
-
+
public function testAttributeContainsEmpty() {
$testAttr="";
$this->assertFalse(attribute_contains($testAttr, "class2"));
@@ -176,17 +186,71 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase {
$testAttr="--... %\$รค() /(=?}";
$this->assertFalse(attribute_contains($testAttr, "class2"));
}
-
+
/**
* test get_tags
*/
+ public function testGetTagsShortPerson() {
+ $text="hi @Mike";
+
+ $tags=get_tags($text);
+
+ $this->assertEquals("@Mike", $tags[0]);
+ }
+
+ public function testGetTagsShortTag() {
+ $text="This is a #test_case";
+
+ $tags=get_tags($text);
+
+ $this->assertEquals("#test_case", $tags[0]);
+ }
+
+ public function testGetTagsShortTagAndPerson() {
+ $text="hi @Mike This is a #test_case";
+
+ $tags=get_tags($text);
+
+ $this->assertEquals("@Mike", $tags[0]);
+ $this->assertEquals("#test_case", $tags[1]);
+ }
+
+ public function testGetTagsShortTagAndPersonSpecialChars() {
+ $text="hi @Mike, This is a #test_case.";
+
+ $tags=get_tags($text);
+
+ $this->assertEquals("@Mike", $tags[0]);
+ $this->assertEquals("#test_case", $tags[1]);
+ }
+
+ public function testGetTagsPersonOnly() {
+ $text="@Mike I saw the Theme Dev group was created.";
+
+ $tags=get_tags($text);
+
+ $this->assertEquals("@Mike", $tags[0]);
+ }
+
+ public function testGetTags2Persons1TagSpecialChars() {
+ $text="hi @Mike, I'm just writing #test_cases, so"
+ ." so @somebody@friendica.com may change #things.";
+
+ $tags=get_tags($text);
+
+ $this->assertEquals("@Mike", $tags[0]);
+ $this->assertEquals("#test_cases", $tags[1]);
+ $this->assertEquals("@somebody@friendica.com", $tags[2]);
+ $this->assertEquals("#things", $tags[3]);
+ }
+
public function testGetTags() {
$text="hi @Mike, I'm just writing #test_cases, "
." so @somebody@friendica.com may change #things. Of course I "
."look for a lot of #pitfalls, like #tags at the end of a sentence "
."@comment. I hope noone forgets about @fullstops.because that might"
." break #things. @Mike@campino@friendica.eu is also #nice, isn't it? "
- ."Now, add a @first_last tag. ";
+ ."Now, add a @first_last tag. ";
//check whether this are all variants (no, auto-stuff is missing).
$tags=get_tags($text);
@@ -210,8 +274,8 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase {
$tags=get_tags("");
$this->assertEquals(0, count($tags));
}
-//function qp, quick and dirty??
-//get_mentions
-//get_contact_block, bis Zeile 538
+ //function qp, quick and dirty??
+ //get_mentions
+ //get_contact_block, bis Zeile 538
}
?>