From 185fcd0701946babf61066b49582225286061563 Mon Sep 17 00:00:00 2001 From: Alexander Kampmann Date: Thu, 8 Mar 2012 17:43:12 +0100 Subject: better tests --- tests/xss_filter_test.php | 217 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 217 insertions(+) create mode 100644 tests/xss_filter_test.php (limited to 'tests/xss_filter_test.php') diff --git a/tests/xss_filter_test.php b/tests/xss_filter_test.php new file mode 100644 index 000000000..e480ef7ec --- /dev/null +++ b/tests/xss_filter_test.php @@ -0,0 +1,217 @@ +'; + + $validstring=notags($invalidstring); + $escapedString=escape_tags($invalidstring); + + $this->assertEquals('[submit type="button" onclick="alert(\'failed!\');" /]', $validstring); + $this->assertEquals("<submit type="button" onclick="alert('failed!');" />", $escapedString); + } + + /** + *autonames should be random, even length + */ + public function testAutonameEven() { + $autoname1=autoname(10); + $autoname2=autoname(10); + + $this->assertNotEquals($autoname1, $autoname2); + } + + /** + *autonames should be random, odd length + */ + public function testAutonameOdd() { + $autoname1=autoname(9); + $autoname2=autoname(9); + + $this->assertNotEquals($autoname1, $autoname2); + } + + /** + * try to fail autonames + */ + public function testAutonameNoLength() { + $autoname1=autoname(0); + $this->assertEquals(0, count($autoname1)); + } + + public function testAutonameNegativeLength() { + $autoname1=autoname(-23); + $this->assertEquals(0, count($autoname1)); + } + +// public function testAutonameMaxLength() { +// $autoname2=autoname(PHP_INT_MAX); +// $this->assertEquals(PHP_INT_MAX, count($autoname2)); +// } + + public function testAutonameLength1() { + $autoname3=autoname(1); + $this->assertEquals(1, count($autoname3)); + } + + /** + *xmlify and unxmlify + */ + public function testXmlify() { + $text="I want to break\n this!11!"; + $xml=xmlify($text); //test whether it actually may be part of a xml document + $retext=unxmlify($text); + + $this->assertEquals($text, $retext); + } + + /** + * test hex2bin and reverse + */ + + public function testHex2Bin() { + $this->assertEquals(-3, hex2bin(bin2hex(-3))); + $this->assertEquals(0, hex2bin(bin2hex(0))); + $this->assertEquals(12, hex2bin(bin2hex(12))); + $this->assertEquals(PHP_INT_MAX, hex2bin(bin2hex(PHP_INT_MAX))); + } + + /** + * test expand_acl + */ + public function testExpandAclNormal() { + $text="<1><2><3>"; + $this->assertEquals(array(1, 2, 3), expand_acl($text)); + } + + public function testExpandAclBigNumber() { + $text="<1><279012><15>"; + $this->assertEquals(array(1, 279012, 15), expand_acl($text)); + } + + public function testExpandAclString() { + $text="<1><279012>"; //maybe that's invalid + $this->assertEquals(array(1, 279012, 'tt'), expand_acl($text)); + } + + public function testExpandAclSpace() { + $text="<1><279 012><32>"; //maybe that's invalid + $this->assertEquals(array(1, "279 012", "32"), expand_acl($text)); + } + + public function testExpandAclEmpty() { + $text=""; //maybe that's invalid + $this->assertEquals(array(), expand_acl($text)); + } + + public function testExpandAclNoBrackets() { + $text="According to documentation, that's invalid. "; //should be invalid + $this->assertEquals(array(), expand_acl($text)); + } + + public function testExpandAclJustOneBracket1() { + $text="assertEquals(array(), expand_acl($text)); + } + + public function testExpandAclJustOneBracket2() { + $text="Another invalid> string"; //should be invalid + $this->assertEquals(array(), expand_acl($text)); + } + + public function testExpandAclCloseOnly() { + $text="Another> invalid> string>"; //should be invalid + $this->assertEquals(array(), expand_acl($text)); + } + + public function testExpandAclOpenOnly() { + $text="assertEquals(array(), expand_acl($text)); + } + + public function testExpandAclNoMatching1() { + $text=" invalid "; //should be invalid + $this->assertEquals(array(), expand_acl($text)); + } + + public function testExpandAclNoMatching2() { + $text="<1>2><3>"; + $this->assertEquals(array(), expand_acl($text)); + } + + /** + * test attribute contains + */ + public function testAttributeContains1() { + $testAttr="class1 notclass2 class3"; + $this->assertTrue(attribute_contains($testAttr, "class3")); + $this->assertFalse(attribute_contains($testAttr, "class2")); + } + + /** + * test attribute contains + */ + public function testAttributeContains2() { + $testAttr="class1 not-class2 class3"; + $this->assertTrue(attribute_contains($testAttr, "class3")); + $this->assertFalse(attribute_contains($testAttr, "class2")); + } + + public function testAttributeContainsEmpty() { + $testAttr=""; + $this->assertFalse(attribute_contains($testAttr, "class2")); + } + + public function testAttributeContainsSpecialChars() { + $testAttr="--... %\$ä() /(=?}"; + $this->assertFalse(attribute_contains($testAttr, "class2")); + } + + /** + * test get_tags + */ + public function testGetTags() { + $text="hi @Mike, I'm just writing #test_cases, " + ." so @somebody@friendica.com may change #things. Of course I " + ."look for a lot of #pitfalls, like #tags at the end of a sentence " + ."@comment. I hope noone forgets about @fullstops.because that might" + ." break #things. @Mike@campino@friendica.eu is also #nice, isn't it? " + ."Now, add a @first_last tag. "; + //check whether this are all variants (no, auto-stuff is missing). + + $tags=get_tags($text); + + $this->assertEquals("@Mike", $tags[0]); + $this->assertEquals("#test_cases", $tags[1]); + $this->assertEquals("@somebody@friendica.com", $tags[2]); + $this->assertEquals("#things", $tags[3]); + $this->assertEquals("#pitfalls", $tags[4]); + $this->assertEquals("#tags", $tags[5]); + $this->assertEquals("@comment", $tags[6]); + $this->assertEquals("@fullstops", $tags[7]); + $this->assertEquals("#things", $tags[8]); + $this->assertEquals("@Mike", $tags[9]); + $this->assertEquals("@campino@friendica.eu", $tags[10]); + $this->assertEquals("#nice", $tags[11]); + $this->assertEquals("@first_last", $tags[12]); + } + + public function testGetTagsEmpty() { + $tags=get_tags(""); + $this->assertEquals(0, count($tags)); + } +//function qp, quick and dirty?? +//get_mentions +//get_contact_block, bis Zeile 538 +} +?> -- cgit v1.2.3 From f84c191f8df126b95d8a41f70e785a9592018390 Mon Sep 17 00:00:00 2001 From: Alexander Kampmann Date: Fri, 9 Mar 2012 12:16:58 +0100 Subject: added some tests --- tests/xss_filter_test.php | 116 +++++++++++++++++++++++++++++++++++----------- 1 file changed, 90 insertions(+), 26 deletions(-) (limited to 'tests/xss_filter_test.php') diff --git a/tests/xss_filter_test.php b/tests/xss_filter_test.php index e480ef7ec..00e97cf98 100644 --- a/tests/xss_filter_test.php +++ b/tests/xss_filter_test.php @@ -1,16 +1,26 @@ '; @@ -53,12 +63,12 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { $autoname1=autoname(-23); $this->assertEquals(0, count($autoname1)); } - -// public function testAutonameMaxLength() { -// $autoname2=autoname(PHP_INT_MAX); -// $this->assertEquals(PHP_INT_MAX, count($autoname2)); -// } - + + // public function testAutonameMaxLength() { + // $autoname2=autoname(PHP_INT_MAX); + // $this->assertEquals(PHP_INT_MAX, count($autoname2)); + // } + public function testAutonameLength1() { $autoname3=autoname(1); $this->assertEquals(1, count($autoname3)); @@ -68,7 +78,7 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { *xmlify and unxmlify */ public function testXmlify() { - $text="I want to break\n this!11!"; + $text="I want to break\n this!11!"; $xml=xmlify($text); //test whether it actually may be part of a xml document $retext=unxmlify($text); @@ -85,7 +95,7 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { $this->assertEquals(12, hex2bin(bin2hex(12))); $this->assertEquals(PHP_INT_MAX, hex2bin(bin2hex(PHP_INT_MAX))); } - + /** * test expand_acl */ @@ -93,7 +103,7 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { $text="<1><2><3>"; $this->assertEquals(array(1, 2, 3), expand_acl($text)); } - + public function testExpandAclBigNumber() { $text="<1><279012><15>"; $this->assertEquals(array(1, 279012, 15), expand_acl($text)); @@ -133,19 +143,19 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { $text="Another> invalid> string>"; //should be invalid $this->assertEquals(array(), expand_acl($text)); } - + public function testExpandAclOpenOnly() { $text="assertEquals(array(), expand_acl($text)); } - + public function testExpandAclNoMatching1() { $text=" invalid "; //should be invalid $this->assertEquals(array(), expand_acl($text)); } - + public function testExpandAclNoMatching2() { - $text="<1>2><3>"; + $text="<1>2><3>"; $this->assertEquals(array(), expand_acl($text)); } @@ -166,7 +176,7 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { $this->assertTrue(attribute_contains($testAttr, "class3")); $this->assertFalse(attribute_contains($testAttr, "class2")); } - + public function testAttributeContainsEmpty() { $testAttr=""; $this->assertFalse(attribute_contains($testAttr, "class2")); @@ -176,17 +186,71 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { $testAttr="--... %\$ä() /(=?}"; $this->assertFalse(attribute_contains($testAttr, "class2")); } - + /** * test get_tags */ + public function testGetTagsShortPerson() { + $text="hi @Mike"; + + $tags=get_tags($text); + + $this->assertEquals("@Mike", $tags[0]); + } + + public function testGetTagsShortTag() { + $text="This is a #test_case"; + + $tags=get_tags($text); + + $this->assertEquals("#test_case", $tags[0]); + } + + public function testGetTagsShortTagAndPerson() { + $text="hi @Mike This is a #test_case"; + + $tags=get_tags($text); + + $this->assertEquals("@Mike", $tags[0]); + $this->assertEquals("#test_case", $tags[1]); + } + + public function testGetTagsShortTagAndPersonSpecialChars() { + $text="hi @Mike, This is a #test_case."; + + $tags=get_tags($text); + + $this->assertEquals("@Mike", $tags[0]); + $this->assertEquals("#test_case", $tags[1]); + } + + public function testGetTagsPersonOnly() { + $text="@Mike I saw the Theme Dev group was created."; + + $tags=get_tags($text); + + $this->assertEquals("@Mike", $tags[0]); + } + + public function testGetTags2Persons1TagSpecialChars() { + $text="hi @Mike, I'm just writing #test_cases, so" + ." so @somebody@friendica.com may change #things."; + + $tags=get_tags($text); + + $this->assertEquals("@Mike", $tags[0]); + $this->assertEquals("#test_cases", $tags[1]); + $this->assertEquals("@somebody@friendica.com", $tags[2]); + $this->assertEquals("#things", $tags[3]); + } + public function testGetTags() { $text="hi @Mike, I'm just writing #test_cases, " ." so @somebody@friendica.com may change #things. Of course I " ."look for a lot of #pitfalls, like #tags at the end of a sentence " ."@comment. I hope noone forgets about @fullstops.because that might" ." break #things. @Mike@campino@friendica.eu is also #nice, isn't it? " - ."Now, add a @first_last tag. "; + ."Now, add a @first_last tag. "; //check whether this are all variants (no, auto-stuff is missing). $tags=get_tags($text); @@ -210,8 +274,8 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { $tags=get_tags(""); $this->assertEquals(0, count($tags)); } -//function qp, quick and dirty?? -//get_mentions -//get_contact_block, bis Zeile 538 + //function qp, quick and dirty?? + //get_mentions + //get_contact_block, bis Zeile 538 } ?> -- cgit v1.2.3 From 21589c5eced7869d7105fa439c433e6a12c89531 Mon Sep 17 00:00:00 2001 From: Alexander Kampmann Date: Fri, 9 Mar 2012 12:18:37 +0100 Subject: changed a test string --- tests/xss_filter_test.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests/xss_filter_test.php') diff --git a/tests/xss_filter_test.php b/tests/xss_filter_test.php index 00e97cf98..35d3b1be9 100644 --- a/tests/xss_filter_test.php +++ b/tests/xss_filter_test.php @@ -225,11 +225,11 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { } public function testGetTagsPersonOnly() { - $text="@Mike I saw the Theme Dev group was created."; + $text="@Test I saw the Theme Dev group was created."; $tags=get_tags($text); - $this->assertEquals("@Mike", $tags[0]); + $this->assertEquals("@Test", $tags[0]); } public function testGetTags2Persons1TagSpecialChars() { -- cgit v1.2.3 From f8042d04451905486fb766c520736f4060ae9a12 Mon Sep 17 00:00:00 2001 From: Alexander Kampmann Date: Fri, 9 Mar 2012 12:57:11 +0100 Subject: splitted test cases. --- tests/xss_filter_test.php | 88 ----------------------------------------------- 1 file changed, 88 deletions(-) (limited to 'tests/xss_filter_test.php') diff --git a/tests/xss_filter_test.php b/tests/xss_filter_test.php index 35d3b1be9..fe944c2a7 100644 --- a/tests/xss_filter_test.php +++ b/tests/xss_filter_test.php @@ -1,6 +1,5 @@ assertFalse(attribute_contains($testAttr, "class2")); } - /** - * test get_tags - */ - public function testGetTagsShortPerson() { - $text="hi @Mike"; - - $tags=get_tags($text); - - $this->assertEquals("@Mike", $tags[0]); - } - - public function testGetTagsShortTag() { - $text="This is a #test_case"; - - $tags=get_tags($text); - - $this->assertEquals("#test_case", $tags[0]); - } - - public function testGetTagsShortTagAndPerson() { - $text="hi @Mike This is a #test_case"; - - $tags=get_tags($text); - - $this->assertEquals("@Mike", $tags[0]); - $this->assertEquals("#test_case", $tags[1]); - } - - public function testGetTagsShortTagAndPersonSpecialChars() { - $text="hi @Mike, This is a #test_case."; - - $tags=get_tags($text); - - $this->assertEquals("@Mike", $tags[0]); - $this->assertEquals("#test_case", $tags[1]); - } - - public function testGetTagsPersonOnly() { - $text="@Test I saw the Theme Dev group was created."; - - $tags=get_tags($text); - - $this->assertEquals("@Test", $tags[0]); - } - - public function testGetTags2Persons1TagSpecialChars() { - $text="hi @Mike, I'm just writing #test_cases, so" - ." so @somebody@friendica.com may change #things."; - - $tags=get_tags($text); - - $this->assertEquals("@Mike", $tags[0]); - $this->assertEquals("#test_cases", $tags[1]); - $this->assertEquals("@somebody@friendica.com", $tags[2]); - $this->assertEquals("#things", $tags[3]); - } - - public function testGetTags() { - $text="hi @Mike, I'm just writing #test_cases, " - ." so @somebody@friendica.com may change #things. Of course I " - ."look for a lot of #pitfalls, like #tags at the end of a sentence " - ."@comment. I hope noone forgets about @fullstops.because that might" - ." break #things. @Mike@campino@friendica.eu is also #nice, isn't it? " - ."Now, add a @first_last tag. "; - //check whether this are all variants (no, auto-stuff is missing). - - $tags=get_tags($text); - - $this->assertEquals("@Mike", $tags[0]); - $this->assertEquals("#test_cases", $tags[1]); - $this->assertEquals("@somebody@friendica.com", $tags[2]); - $this->assertEquals("#things", $tags[3]); - $this->assertEquals("#pitfalls", $tags[4]); - $this->assertEquals("#tags", $tags[5]); - $this->assertEquals("@comment", $tags[6]); - $this->assertEquals("@fullstops", $tags[7]); - $this->assertEquals("#things", $tags[8]); - $this->assertEquals("@Mike", $tags[9]); - $this->assertEquals("@campino@friendica.eu", $tags[10]); - $this->assertEquals("#nice", $tags[11]); - $this->assertEquals("@first_last", $tags[12]); - } - - public function testGetTagsEmpty() { - $tags=get_tags(""); - $this->assertEquals(0, count($tags)); - } //function qp, quick and dirty?? //get_mentions //get_contact_block, bis Zeile 538 -- cgit v1.2.3 From 509ed2604fe6860b83e02984f8b4a280496a22a8 Mon Sep 17 00:00:00 2001 From: Alexander Kampmann Date: Wed, 14 Mar 2012 12:54:49 +0100 Subject: splitted tests into several files --- tests/xss_filter_test.php | 149 +--------------------------------------------- 1 file changed, 3 insertions(+), 146 deletions(-) (limited to 'tests/xss_filter_test.php') diff --git a/tests/xss_filter_test.php b/tests/xss_filter_test.php index fe944c2a7..d7dcf0472 100644 --- a/tests/xss_filter_test.php +++ b/tests/xss_filter_test.php @@ -1,24 +1,16 @@ '; @@ -30,49 +22,6 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { $this->assertEquals("<submit type="button" onclick="alert('failed!');" />", $escapedString); } - /** - *autonames should be random, even length - */ - public function testAutonameEven() { - $autoname1=autoname(10); - $autoname2=autoname(10); - - $this->assertNotEquals($autoname1, $autoname2); - } - - /** - *autonames should be random, odd length - */ - public function testAutonameOdd() { - $autoname1=autoname(9); - $autoname2=autoname(9); - - $this->assertNotEquals($autoname1, $autoname2); - } - - /** - * try to fail autonames - */ - public function testAutonameNoLength() { - $autoname1=autoname(0); - $this->assertEquals(0, count($autoname1)); - } - - public function testAutonameNegativeLength() { - $autoname1=autoname(-23); - $this->assertEquals(0, count($autoname1)); - } - - // public function testAutonameMaxLength() { - // $autoname2=autoname(PHP_INT_MAX); - // $this->assertEquals(PHP_INT_MAX, count($autoname2)); - // } - - public function testAutonameLength1() { - $autoname3=autoname(1); - $this->assertEquals(1, count($autoname3)); - } - /** *xmlify and unxmlify */ @@ -87,7 +36,6 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { /** * test hex2bin and reverse */ - public function testHex2Bin() { $this->assertEquals(-3, hex2bin(bin2hex(-3))); $this->assertEquals(0, hex2bin(bin2hex(0))); @@ -95,97 +43,6 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase { $this->assertEquals(PHP_INT_MAX, hex2bin(bin2hex(PHP_INT_MAX))); } - /** - * test expand_acl - */ - public function testExpandAclNormal() { - $text="<1><2><3>"; - $this->assertEquals(array(1, 2, 3), expand_acl($text)); - } - - public function testExpandAclBigNumber() { - $text="<1><279012><15>"; - $this->assertEquals(array(1, 279012, 15), expand_acl($text)); - } - - public function testExpandAclString() { - $text="<1><279012>"; //maybe that's invalid - $this->assertEquals(array(1, 279012, 'tt'), expand_acl($text)); - } - - public function testExpandAclSpace() { - $text="<1><279 012><32>"; //maybe that's invalid - $this->assertEquals(array(1, "279 012", "32"), expand_acl($text)); - } - - public function testExpandAclEmpty() { - $text=""; //maybe that's invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclNoBrackets() { - $text="According to documentation, that's invalid. "; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclJustOneBracket1() { - $text="assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclJustOneBracket2() { - $text="Another invalid> string"; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclCloseOnly() { - $text="Another> invalid> string>"; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclOpenOnly() { - $text="assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclNoMatching1() { - $text=" invalid "; //should be invalid - $this->assertEquals(array(), expand_acl($text)); - } - - public function testExpandAclNoMatching2() { - $text="<1>2><3>"; - $this->assertEquals(array(), expand_acl($text)); - } - - /** - * test attribute contains - */ - public function testAttributeContains1() { - $testAttr="class1 notclass2 class3"; - $this->assertTrue(attribute_contains($testAttr, "class3")); - $this->assertFalse(attribute_contains($testAttr, "class2")); - } - - /** - * test attribute contains - */ - public function testAttributeContains2() { - $testAttr="class1 not-class2 class3"; - $this->assertTrue(attribute_contains($testAttr, "class3")); - $this->assertFalse(attribute_contains($testAttr, "class2")); - } - - public function testAttributeContainsEmpty() { - $testAttr=""; - $this->assertFalse(attribute_contains($testAttr, "class2")); - } - - public function testAttributeContainsSpecialChars() { - $testAttr="--... %\$ä() /(=?}"; - $this->assertFalse(attribute_contains($testAttr, "class2")); - } - //function qp, quick and dirty?? //get_mentions //get_contact_block, bis Zeile 538 -- cgit v1.2.3