Browse Source

better tests

pull/132/head
Alexander Kampmann 9 years ago
parent
commit
185fcd0701
3 changed files with 265 additions and 144 deletions
  1. +48
    -4
      build.xml
  2. +217
    -0
      tests/xss_filter_test.php
  3. +0
    -140
      tests/xss_filter_tests.php

+ 48
- 4
build.xml View File

@ -1,14 +1,58 @@
<?xml version="1.0" encoding="UTF-8"?>
<project name="friendica" default="test">
<!-- set up include directories, this is necessary for the tests to work -->
<php>
set_include_path(
get_include_path() . PATH_SEPARATOR
. 'include' . PATH_SEPARATOR
. 'library' . PATH_SEPARATOR
. 'library/phpsec' . PATH_SEPARATOR
. '.' );
</php>
<!-- ====================================================== -->
<!-- Target: clean-test -->
<!-- deletes directories with old test reports -->
<!-- ====================================================== -->
<target name="clean-test">
<delete dir="report" />
</target>
<!-- ====================================================== -->
<!-- Target: prepare-test -->
<!-- creates directories for test reports -->
<!-- ====================================================== -->
<target name="prepare-test" depends="clean-test">
<mkdir dir="report" />
</target>
<!-- =================================== -->
<!-- Target: test -->
<!-- this target runs all test files -->
<!-- =================================== -->
<target name="test">
<!-- there are no tests by now, so, nothing to do -->
<target name="test" depends="prepare-test">
<coverage-setup database="./report/coverage-database">
<fileset dir=".">
<include name="**/*.php" />
<exclude name="*test.php"/>
<exclude name="./index.php"/>
<exclude name="./library/**"/>
<exclude name="doc/**"/>
</fileset>
</coverage-setup>
<phpunit printsummary="true" >
<batchtest>
<fileset dir="tests">
<include name="*test.php" />
</fileset>
</batchtest>
<formatter type="xml" todir="report" outfile="testlog.xml" />
</phpunit>
<phpunitreport infile="report/testlog.xml" todir="report" />
<coverage-report outfile="report/coverage-database">
<report todir="report" styledir="/home/phing/etc" />
</coverage-report>
</target>
<!-- ===================================================== -->


+ 217
- 0
tests/xss_filter_test.php View File

@ -0,0 +1,217 @@
<?php
/**
* Tests, without pHPUnit by now
* @package test.util
*/
require_once('include/text.php');
class AntiXSSTest extends PHPUnit_Framework_TestCase {
/**
* test no tags
*/
public function testEscapeTags() {
$invalidstring='<submit type="button" onclick="alert(\'failed!\');" />';
$validstring=notags($invalidstring);
$escapedString=escape_tags($invalidstring);
$this->assertEquals('[submit type="button" onclick="alert(\'failed!\');" /]', $validstring);
$this->assertEquals("&lt;submit type=&quot;button&quot; onclick=&quot;alert('failed!');&quot; /&gt;", $escapedString);
}
/**
*autonames should be random, even length
*/
public function testAutonameEven() {
$autoname1=autoname(10);
$autoname2=autoname(10);
$this->assertNotEquals($autoname1, $autoname2);
}
/**
*autonames should be random, odd length
*/
public function testAutonameOdd() {
$autoname1=autoname(9);
$autoname2=autoname(9);
$this->assertNotEquals($autoname1, $autoname2);
}
/**
* try to fail autonames
*/
public function testAutonameNoLength() {
$autoname1=autoname(0);
$this->assertEquals(0, count($autoname1));
}
public function testAutonameNegativeLength() {
$autoname1=autoname(-23);
$this->assertEquals(0, count($autoname1));
}
// public function testAutonameMaxLength() {
// $autoname2=autoname(PHP_INT_MAX);
// $this->assertEquals(PHP_INT_MAX, count($autoname2));
// }
public function testAutonameLength1() {
$autoname3=autoname(1);
$this->assertEquals(1, count($autoname3));
}
/**
*xmlify and unxmlify
*/
public function testXmlify() {
$text="<tag>I want to break\n this!11!<?hard?></tag>";
$xml=xmlify($text); //test whether it actually may be part of a xml document
$retext=unxmlify($text);
$this->assertEquals($text, $retext);
}
/**
* test hex2bin and reverse
*/
public function testHex2Bin() {
$this->assertEquals(-3, hex2bin(bin2hex(-3)));
$this->assertEquals(0, hex2bin(bin2hex(0)));
$this->assertEquals(12, hex2bin(bin2hex(12)));
$this->assertEquals(PHP_INT_MAX, hex2bin(bin2hex(PHP_INT_MAX)));
}
/**
* test expand_acl
*/
public function testExpandAclNormal() {
$text="<1><2><3>";
$this->assertEquals(array(1, 2, 3), expand_acl($text));
}
public function testExpandAclBigNumber() {
$text="<1><279012><15>";
$this->assertEquals(array(1, 279012, 15), expand_acl($text));
}
public function testExpandAclString() {
$text="<1><279012><tt>"; //maybe that's invalid
$this->assertEquals(array(1, 279012, 'tt'), expand_acl($text));
}
public function testExpandAclSpace() {
$text="<1><279 012><32>"; //maybe that's invalid
$this->assertEquals(array(1, "279 012", "32"), expand_acl($text));
}
public function testExpandAclEmpty() {
$text=""; //maybe that's invalid
$this->assertEquals(array(), expand_acl($text));
}
public function testExpandAclNoBrackets() {
$text="According to documentation, that's invalid. "; //should be invalid
$this->assertEquals(array(), expand_acl($text));
}
public function testExpandAclJustOneBracket1() {
$text="<Another invalid string"; //should be invalid
$this->assertEquals(array(), expand_acl($text));
}
public function testExpandAclJustOneBracket2() {
$text="Another invalid> string"; //should be invalid
$this->assertEquals(array(), expand_acl($text));
}
public function testExpandAclCloseOnly() {
$text="Another> invalid> string>"; //should be invalid
$this->assertEquals(array(), expand_acl($text));
}
public function testExpandAclOpenOnly() {
$text="<Another< invalid string<"; //should be invalid
$this->assertEquals(array(), expand_acl($text));
}
public function testExpandAclNoMatching1() {
$text="<Another<> invalid <string>"; //should be invalid
$this->assertEquals(array(), expand_acl($text));
}
public function testExpandAclNoMatching2() {
$text="<1>2><3>";
$this->assertEquals(array(), expand_acl($text));
}
/**
* test attribute contains
*/
public function testAttributeContains1() {
$testAttr="class1 notclass2 class3";
$this->assertTrue(attribute_contains($testAttr, "class3"));
$this->assertFalse(attribute_contains($testAttr, "class2"));
}
/**
* test attribute contains
*/
public function testAttributeContains2() {
$testAttr="class1 not-class2 class3";
$this->assertTrue(attribute_contains($testAttr, "class3"));
$this->assertFalse(attribute_contains($testAttr, "class2"));
}
public function testAttributeContainsEmpty() {
$testAttr="";
$this->assertFalse(attribute_contains($testAttr, "class2"));
}
public function testAttributeContainsSpecialChars() {
$testAttr="--... %\$ä() /(=?}";
$this->assertFalse(attribute_contains($testAttr, "class2"));
}
/**
* test get_tags
*/
public function testGetTags() {
$text="hi @Mike, I'm just writing #test_cases, "
." so @somebody@friendica.com may change #things. Of course I "
."look for a lot of #pitfalls, like #tags at the end of a sentence "
."@comment. I hope noone forgets about @fullstops.because that might"
." break #things. @Mike@campino@friendica.eu is also #nice, isn't it? "
."Now, add a @first_last tag. ";
//check whether this are all variants (no, auto-stuff is missing).
$tags=get_tags($text);
$this->assertEquals("@Mike", $tags[0]);
$this->assertEquals("#test_cases", $tags[1]);
$this->assertEquals("@somebody@friendica.com", $tags[2]);
$this->assertEquals("#things", $tags[3]);
$this->assertEquals("#pitfalls", $tags[4]);
$this->assertEquals("#tags", $tags[5]);
$this->assertEquals("@comment", $tags[6]);
$this->assertEquals("@fullstops", $tags[7]);
$this->assertEquals("#things", $tags[8]);
$this->assertEquals("@Mike", $tags[9]);
$this->assertEquals("@campino@friendica.eu", $tags[10]);
$this->assertEquals("#nice", $tags[11]);
$this->assertEquals("@first_last", $tags[12]);
}
public function testGetTagsEmpty() {
$tags=get_tags("");
$this->assertEquals(0, count($tags));
}
//function qp, quick and dirty??
//get_mentions
//get_contact_block, bis Zeile 538
}
?>

+ 0
- 140
tests/xss_filter_tests.php View File

@ -1,140 +0,0 @@
<?php
/**
* Tests, without pHPUnit by now
* @package test.util
*/
require_once(text.php);
/**
* test no tags
*/
$invalidstring='<submit type="button" onclick="alert(\'failed!\');" />'
$validstring=notags($invalidstring);
$escapedString=escape_tags($invalidstring);
assert("[submit type="button" onclick="alert(\'failed!\');" /]", $validstring);
assert("what ever", $escapedString);
/**
*autonames should be random, even length
*/
$autoname1=autoname(10);
$autoname2=autoname(10);
assertNotEquals($autoname1, $autoname2);
/**
*autonames should be random, odd length
*/
$autoname1=autoname(9);
$autoname2=autoname(9);
assertNotEquals($autoname1, $autoname2);
/**
* try to fail autonames
*/
$autoname1=autoname(0);
$autoname2=autoname(MAX_VALUE);
$autoname3=autoname(1);
assert(count($autoname1), 0);
assert(count($autoname2), MAX_VALUE);
assert(count($autoname3), 1);
/**
*xmlify and unxmlify
*/
$text="<tag>I want to break\n this!11!<?hard?></tag>"
$xml=xmlify($text); //test whether it actually may be part of a xml document
$retext=unxmlify($text);
assert($text, $retext);
/**
* test hex2bin and reverse
*/
assert(-3, hex2bin(bin2hex(-3)));
assert(0, hex2bin(bin2hex(0)));
assert(12, hex2bin(bin2hex(12)));
assert(MAX_INT, hex2bin(bin2hex(MAX_INT)));
/**
* test expand_acl
*/
$text="<1><2><3>";
assert(array(1, 2, 3), $text);
$text="<1><279012><15>";
assert(array(1, 279012, 15), $text);
$text="<1><279012><tt>"; //maybe that's invalid
assert(array(1, 279012, "tt"), $text);
$text="<1><279 012><tt>"; //maybe that's invalid
assert(array(1, "279 012", "tt"), $text);
$text=""; //maybe that's invalid
assert(array(), $text);
$text="According to documentation, that's invalid. "; //should be invalid
assert(array(), $text);
$text="<Another invalid string"; //should be invalid
assert(array(), $text);
$text="Another invalid> string"; //should be invalid
assert(array(), $text);
$text="Another> invalid> string>"; //should be invalid
assert(array(), $text);
/**
* test attribute contains
*/
$testAttr="class1 notclass2 class3";
assertTrue(attribute_contains($testAttr, "class3"));
assertFalse(attribute_contains($testAttr, "class2"));
$testAttr="";
assertFalse(attribute_contains($testAttr, "class2"));
$testAttr="--... %() /(=?}";
assertFalse(attribute_contains($testAttr, "class2"));
/**
* test get_tags
*/
$text="hi @Mike, I'm just writing #test_cases, ";
$text.=" so @somebody@friendica.com may change #things. Of course I ";
$text.="look for a lot of #pitfalls, like #tags at the end of a sentence ";
$text.="@comment. I hope noone forgets about @fullstops.because that might";
$text.=" break #things. @Mike@campino@friendica.eu is also #nice, isn't it? ";
$text.="Now, add a @first_last tag. "
//check whether this are all variants (no, auto-stuff is missing).
$tags=get_tags($text);
assert("@Mike", $tags[0]);
assert("#test_cases", $tags[1]);
assert("@somebody@friendica.com", $tags[2]);
assert("#things", $tags[3]);
assert("#pitfalls", $tags[4]);
assert("#tags", $tags[5]);
assert("@comment", $tags[6]);
assert("@fullstops", $tags[7]);
assert("#things", $tags[8]);
assert("@Mike", $tags[9]);
assert("@campino@friendica.eu", $tags[10]);
assert("#nice", $tags[11]);
assert("@first_last", $tags[12]);
$tags=get_tags("");
assert(0, count($tags));
//function qp, quick and dirty??
//get_mentions
//get_contact_block, bis Zeile 538
?>

Loading…
Cancel
Save