added some tests
[friendica.git] / tests / xss_filter_test.php
1 <?php
2 /**
3  * Tests, without PHPUnit for now
4  * @package test.util
5  */
6
7 require_once("include/template_processor.php");
8 require_once('include/text.php');
9
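/**
 * Regression tests for the text helpers that stand between untrusted input
 * and rendered output: tag stripping/escaping, random names, XML escaping,
 * hex conversion, ACL expansion, attribute matching and tag extraction.
 *
 * The helpers under test (notags, escape_tags, autoname, xmlify, unxmlify,
 * expand_acl, attribute_contains, get_tags) are defined outside this file.
 */
class AntiXSSTest extends PHPUnit_Framework_TestCase {

    /**
     * Extends the include path with the project directories before each test.
     *
     * All added entries are relative, so they resolve against the current
     * working directory; the suite presumably has to be started from the
     * repository root - TODO confirm. The path is appended on every call,
     * so it grows by one set of entries per test method.
     */
    public function setUp() {
        set_include_path(
                get_include_path() . PATH_SEPARATOR
                . 'include' . PATH_SEPARATOR
                . 'library' . PATH_SEPARATOR
                . 'library/phpsec' . PATH_SEPARATOR
                . '.' );
    }

    /**
     * notags() and escape_tags() must both neutralise markup in untrusted input.
     *
     * The expected values pin the two strategies: notags() swaps the angle
     * brackets for square brackets, escape_tags() HTML-encodes <, > and ".
     *
     * NOTE(review): the expected escape_tags() output keeps the single quotes
     * literal, so this test pins output that is safe as element content or in
     * a double-quoted attribute only. Confirm that no caller places the result
     * inside a single-quoted attribute or a script context.
     */
    public function testEscapeTags() {
        $markup='<submit type="button" onclick="alert(\'failed!\');" />';

        $bracketed=notags($markup);
        $escaped=escape_tags($markup);

        $this->assertEquals('[submit type="button" onclick="alert(\'failed!\');" /]', $bracketed);
        $this->assertEquals("&lt;submit type=&quot;button&quot; onclick=&quot;alert('failed!');&quot; /&gt;", $escaped);
    }

    /**
     * Two autonames of the same even length should differ.
     *
     * NOTE(review): a single inequality check only catches a constant
     * generator; it says nothing about whether autoname() is suitable for
     * secrets, and a genuine collision would fail the test spuriously.
     */
    public function testAutonameEven() {
        $first=autoname(10);
        $second=autoname(10);

        $this->assertNotEquals($first, $second);
    }

    /**
     * Two autonames of the same odd length should differ.
     */
    public function testAutonameOdd() {
        $first=autoname(9);
        $second=autoname(9);

        $this->assertNotEquals($first, $second);
    }

    /**
     * A requested length of zero must yield an empty name.
     *
     * autoname() is presumed to return a string, so the length is measured
     * with strlen(). count() on a scalar returns 1 on PHP 7 and raises a
     * TypeError on PHP 8, which made the former assertion meaningless.
     */
    public function testAutonameNoLength() {
        $name=autoname(0);
        $this->assertEquals(0, strlen($name));
    }

    /**
     * A negative length must be treated like zero rather than wrapping around.
     */
    public function testAutonameNegativeLength() {
        $name=autoname(-23);
        $this->assertEquals(0, strlen($name));
    }

    // Disabled by the original author; presumably because a name of
    // PHP_INT_MAX characters cannot be allocated - TODO confirm.
    //      public function testAutonameMaxLength() {
    //              $autoname2=autoname(PHP_INT_MAX);
    //              $this->assertEquals(PHP_INT_MAX, count($autoname2));
    //      }

    /**
     * The smallest positive length must produce exactly one character.
     */
    public function testAutonameLength1() {
        $name=autoname(1);
        $this->assertEquals(1, strlen($name));
    }

    /**
     * xmlify() followed by unxmlify() must give back the original text.
     *
     * The escaped value is what gets decoded here; decoding the untouched
     * input, as the test did before, never exercised xmlify() at all.
     */
    public function testXmlify() {
        $text="<tag>I want to break\n this!11!<?hard?></tag>";
        $xml=xmlify($text); //test whether it actually may be part of a xml document
        $retext=unxmlify($xml);

        $this->assertEquals($text, $retext);
    }

    /**
     * hex2bin() must reverse bin2hex().
     *
     * bin2hex() works on the decimal string form of each integer and
     * assertEquals() compares loosely, so the string that comes back is
     * accepted as equal to the integer that went in.
     */
    public function testHex2Bin() {
        $this->assertEquals(-3, hex2bin(bin2hex(-3)));
        $this->assertEquals(0, hex2bin(bin2hex(0)));
        $this->assertEquals(12, hex2bin(bin2hex(12)));
        $this->assertEquals(PHP_INT_MAX, hex2bin(bin2hex(PHP_INT_MAX)));
    }

    /**
     * A well-formed ACL string expands to the listed ids, in order.
     */
    public function testExpandAclNormal() {
        $text="<1><2><3>";
        $this->assertEquals(array(1, 2, 3), expand_acl($text));
    }

    /**
     * Ids with several digits are kept intact.
     */
    public function testExpandAclBigNumber() {
        $text="<1><279012><15>";
        $this->assertEquals(array(1, 279012, 15), expand_acl($text));
    }

    /**
     * NOTE(review): this pins that a non-numeric entry is passed through.
     * If the expanded values are later used as contact or group ids, confirm
     * that the consumer rejects or casts them.
     */
    public function testExpandAclString() {
        $text="<1><279012><tt>"; //maybe that's invalid
        $this->assertEquals(array(1, 279012, 'tt'), expand_acl($text));
    }

    /**
     * NOTE(review): this pins that an entry containing a space is passed
     * through unchanged; the original author already doubted its validity.
     */
    public function testExpandAclSpace() {
        $text="<1><279 012><32>"; //maybe that's invalid
        $this->assertEquals(array(1, "279 012", "32"), expand_acl($text));
    }

    /**
     * An empty ACL string expands to an empty list.
     */
    public function testExpandAclEmpty() {
        $text=""; //maybe that's invalid
        $this->assertEquals(array(), expand_acl($text));
    }

    // The remaining expand_acl tests feed malformed strings and require an
    // empty list, i.e. a malformed ACL must never yield a partial set of ids.

    public function testExpandAclNoBrackets() {
        $text="According to documentation, that's invalid. "; //should be invalid
        $this->assertEquals(array(), expand_acl($text));
    }

    public function testExpandAclJustOneBracket1() {
        $text="<Another invalid string"; //should be invalid
        $this->assertEquals(array(), expand_acl($text));
    }

    public function testExpandAclJustOneBracket2() {
        $text="Another invalid> string"; //should be invalid
        $this->assertEquals(array(), expand_acl($text));
    }

    public function testExpandAclCloseOnly() {
        $text="Another> invalid> string>"; //should be invalid
        $this->assertEquals(array(), expand_acl($text));
    }

    public function testExpandAclOpenOnly() {
        $text="<Another< invalid string<"; //should be invalid
        $this->assertEquals(array(), expand_acl($text));
    }

    public function testExpandAclNoMatching1() {
        $text="<Another<> invalid <string>"; //should be invalid
        $this->assertEquals(array(), expand_acl($text));
    }

    /**
     * One stray closing bracket invalidates the whole string, including the
     * entries that are well-formed on their own.
     */
    public function testExpandAclNoMatching2() {
        $text="<1>2><3>";
        $this->assertEquals(array(), expand_acl($text));
    }

    /**
     * attribute_contains() matches whole space-separated tokens only:
     * "class2" must not be found inside "notclass2".
     */
    public function testAttributeContains1() {
        $testAttr="class1 notclass2 class3";
        $this->assertTrue(attribute_contains($testAttr, "class3"));
        $this->assertFalse(attribute_contains($testAttr, "class2"));
    }

    /**
     * A hyphenated token ("not-class2") must not match its suffix either.
     */
    public function testAttributeContains2() {
        $testAttr="class1 not-class2 class3";
        $this->assertTrue(attribute_contains($testAttr, "class3"));
        $this->assertFalse(attribute_contains($testAttr, "class2"));
    }

    /**
     * An empty attribute value contains nothing.
     */
    public function testAttributeContainsEmpty() {
        $testAttr="";
        $this->assertFalse(attribute_contains($testAttr, "class2"));
    }

    /**
     * Punctuation and non-ASCII characters in the attribute must not produce
     * a false match.
     */
    public function testAttributeContainsSpecialChars() {
        $testAttr="--... %\$รค() /(=?}";
        $this->assertFalse(attribute_contains($testAttr, "class2"));
    }

    /**
     * get_tags() finds a single person mention.
     */
    public function testGetTagsShortPerson() {
        $text="hi @Mike";

        $tags=get_tags($text);

        $this->assertEquals("@Mike", $tags[0]);
    }

    /**
     * get_tags() finds a single hashtag, underscore included.
     */
    public function testGetTagsShortTag() {
        $text="This is a #test_case";

        $tags=get_tags($text);

        $this->assertEquals("#test_case", $tags[0]);
    }

    /**
     * Mentions and hashtags come back in the order they appear in the text.
     */
    public function testGetTagsShortTagAndPerson() {
        $text="hi @Mike This is a #test_case";

        $tags=get_tags($text);

        $this->assertEquals("@Mike", $tags[0]);
        $this->assertEquals("#test_case", $tags[1]);
    }

    /**
     * Trailing punctuation (comma, full stop) is not part of a tag.
     */
    public function testGetTagsShortTagAndPersonSpecialChars() {
        $text="hi @Mike, This is a #test_case.";

        $tags=get_tags($text);

        $this->assertEquals("@Mike", $tags[0]);
        $this->assertEquals("#test_case", $tags[1]);
    }

    /**
     * A mention at the very start of the text is found.
     */
    public function testGetTagsPersonOnly() {
        $text="@Mike I saw the Theme Dev group was created.";

        $tags=get_tags($text);

        $this->assertEquals("@Mike", $tags[0]);
    }

    /**
     * A remote address of the form @user@host is returned as one tag.
     */
    public function testGetTags2Persons1TagSpecialChars() {
        $text="hi @Mike, I'm just writing #test_cases, so"
        ." so @somebody@friendica.com may change #things.";

        $tags=get_tags($text);

        $this->assertEquals("@Mike", $tags[0]);
        $this->assertEquals("#test_cases", $tags[1]);
        $this->assertEquals("@somebody@friendica.com", $tags[2]);
        $this->assertEquals("#things", $tags[3]);
    }

    /**
     * Longer text mixing the known tag variants.
     *
     * The expected list pins three parsing decisions: a repeated tag is
     * reported again (#things), "@fullstops.because" stops at the full stop,
     * and "@Mike@campino@friendica.eu" is split into "@Mike" and
     * "@campino@friendica.eu".
     */
    public function testGetTags() {
        $text="hi @Mike, I'm just writing #test_cases, "
        ." so @somebody@friendica.com may change #things. Of course I "
        ."look for a lot of #pitfalls, like #tags at the end of a sentence "
        ."@comment. I hope noone forgets about @fullstops.because that might"
        ." break #things. @Mike@campino@friendica.eu is also #nice, isn't it? "
        ."Now, add a @first_last tag. ";
        //check whether this are all variants (no, auto-stuff is missing).

        $tags=get_tags($text);

        $this->assertEquals("@Mike", $tags[0]);
        $this->assertEquals("#test_cases", $tags[1]);
        $this->assertEquals("@somebody@friendica.com", $tags[2]);
        $this->assertEquals("#things", $tags[3]);
        $this->assertEquals("#pitfalls", $tags[4]);
        $this->assertEquals("#tags", $tags[5]);
        $this->assertEquals("@comment", $tags[6]);
        $this->assertEquals("@fullstops", $tags[7]);
        $this->assertEquals("#things", $tags[8]);
        $this->assertEquals("@Mike", $tags[9]);
        $this->assertEquals("@campino@friendica.eu", $tags[10]);
        $this->assertEquals("#nice", $tags[11]);
        $this->assertEquals("@first_last", $tags[12]);
    }

    /**
     * Empty input yields no tags.
     */
    public function testGetTagsEmpty() {
        $tags=get_tags("");
        $this->assertEquals(0, count($tags));
    }
    // Still untested:
    //function qp, quick and dirty??
    //get_mentions
    //get_contact_block, up to line 538
}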
281 ?>