diff options
author | ArthurHoaro <arthur@hoa.ro> | 2018-07-28 11:07:55 +0200 |
---|---|---|
committer | ArthurHoaro <arthur@hoa.ro> | 2018-07-28 11:07:55 +0200 |
commit | 83faedadff76c5bdca036f39f13943f63b27e164 (patch) | |
tree | 6f44cede16ec6a60f10b9699e211e0818f06d2c8 /tests/Url | |
parent | 1d9eb22a3df85b67fe6652c0876cd7382c2fb525 (diff) | |
parent | 658988f3aeba7a5a938783249ccf2765251e5597 (diff) | |
download | Shaarli-83faedadff76c5bdca036f39f13943f63b27e164.tar.gz Shaarli-83faedadff76c5bdca036f39f13943f63b27e164.tar.zst Shaarli-83faedadff76c5bdca036f39f13943f63b27e164.zip |
Merge tag 'v0.9.7' into stable
Release v0.9.7
Diffstat (limited to 'tests/Url')
-rw-r--r-- | tests/Url/CleanupUrlTest.php | 102 | ||||
-rw-r--r-- | tests/Url/UrlTest.php | 8 | ||||
-rw-r--r-- | tests/Url/WhitelistProtocolsTest.php | 63 |
3 files changed, 135 insertions, 38 deletions
diff --git a/tests/Url/CleanupUrlTest.php b/tests/Url/CleanupUrlTest.php index ba9a0437..1407d7d2 100644 --- a/tests/Url/CleanupUrlTest.php +++ b/tests/Url/CleanupUrlTest.php | |||
@@ -8,7 +8,13 @@ require_once 'application/Url.php'; | |||
8 | class CleanupUrlTest extends PHPUnit_Framework_TestCase | 8 | class CleanupUrlTest extends PHPUnit_Framework_TestCase |
9 | { | 9 | { |
10 | /** | 10 | /** |
11 | * Clean empty UrlThanks for building nothing | 11 | * @var string reference URL |
12 | */ | ||
13 | protected $ref = 'http://domain.tld:3000'; | ||
14 | |||
15 | |||
16 | /** | ||
17 | * Clean empty URL | ||
12 | */ | 18 | */ |
13 | public function testCleanupUrlEmpty() | 19 | public function testCleanupUrlEmpty() |
14 | { | 20 | { |
@@ -16,59 +22,87 @@ class CleanupUrlTest extends PHPUnit_Framework_TestCase | |||
16 | } | 22 | } |
17 | 23 | ||
18 | /** | 24 | /** |
19 | * Clean an already cleaned Url | 25 | * Clean an already cleaned URL |
20 | */ | 26 | */ |
21 | public function testCleanupUrlAlreadyClean() | 27 | public function testCleanupUrlAlreadyClean() |
22 | { | 28 | { |
23 | $ref = 'http://domain.tld:3000'; | 29 | $this->assertEquals($this->ref, cleanup_url($this->ref)); |
24 | $this->assertEquals($ref, cleanup_url($ref)); | 30 | $this->ref2 = $this->ref.'/path/to/dir/'; |
25 | $ref = $ref.'/path/to/dir/'; | 31 | $this->assertEquals($this->ref2, cleanup_url($this->ref2)); |
26 | $this->assertEquals($ref, cleanup_url($ref)); | 32 | } |
33 | |||
34 | /** | ||
35 | * Clean URL fragments | ||
36 | */ | ||
37 | public function testCleanupUrlFragment() | ||
38 | { | ||
39 | $this->assertEquals($this->ref, cleanup_url($this->ref.'#tk.rss_all')); | ||
40 | $this->assertEquals($this->ref, cleanup_url($this->ref.'#xtor=RSS-')); | ||
41 | $this->assertEquals($this->ref, cleanup_url($this->ref.'#xtor=RSS-U3ht0tkc4b')); | ||
42 | } | ||
43 | |||
44 | /** | ||
45 | * Clean URL query - single annoying parameter | ||
46 | */ | ||
47 | public function testCleanupUrlQuerySingle() | ||
48 | { | ||
49 | $this->assertEquals($this->ref, cleanup_url($this->ref.'?action_object_map=junk')); | ||
50 | $this->assertEquals($this->ref, cleanup_url($this->ref.'?action_ref_map=Cr4p!')); | ||
51 | $this->assertEquals($this->ref, cleanup_url($this->ref.'?action_type_map=g4R84g3')); | ||
52 | |||
53 | $this->assertEquals($this->ref, cleanup_url($this->ref.'?fb_stuff=v41u3')); | ||
54 | $this->assertEquals($this->ref, cleanup_url($this->ref.'?fb=71m3w4573')); | ||
55 | |||
56 | $this->assertEquals($this->ref, cleanup_url($this->ref.'?utm_campaign=zomg')); | ||
57 | $this->assertEquals($this->ref, cleanup_url($this->ref.'?utm_medium=numnum')); | ||
58 | $this->assertEquals($this->ref, cleanup_url($this->ref.'?utm_source=c0d3')); | ||
59 | $this->assertEquals($this->ref, cleanup_url($this->ref.'?utm_term=1n4l')); | ||
60 | |||
61 | $this->assertEquals($this->ref, cleanup_url($this->ref.'?xtor=some-url')); | ||
62 | |||
63 | $this->assertEquals($this->ref, cleanup_url($this->ref.'?campaign_name=junk')); | ||
64 | $this->assertEquals($this->ref, cleanup_url($this->ref.'?campaign_start=junk')); | ||
65 | $this->assertEquals($this->ref, cleanup_url($this->ref.'?campaign_item_index=junk')); | ||
27 | } | 66 | } |
28 | 67 | ||
29 | /** | 68 | /** |
30 | * Clean Url needing cleaning | 69 | * Clean URL query - multiple annoying parameters |
31 | */ | 70 | */ |
32 | public function testCleanupUrlNeedClean() | 71 | public function testCleanupUrlQueryMultiple() |
33 | { | 72 | { |
34 | $ref = 'http://domain.tld:3000'; | 73 | $this->assertEquals($this->ref, cleanup_url($this->ref.'?xtor=some-url&fb=som3th1ng')); |
35 | $this->assertEquals($ref, cleanup_url($ref.'#tk.rss_all')); | 74 | |
36 | $this->assertEquals($ref, cleanup_url($ref.'#xtor=RSS-')); | 75 | $this->assertEquals($this->ref, cleanup_url( |
37 | $this->assertEquals($ref, cleanup_url($ref.'#xtor=RSS-U3ht0tkc4b')); | 76 | $this->ref.'?fb=stuff&utm_campaign=zomg&utm_medium=numnum&utm_source=c0d3' |
38 | $this->assertEquals($ref, cleanup_url($ref.'?action_object_map=junk')); | ||
39 | $this->assertEquals($ref, cleanup_url($ref.'?action_ref_map=Cr4p!')); | ||
40 | $this->assertEquals($ref, cleanup_url($ref.'?action_type_map=g4R84g3')); | ||
41 | |||
42 | $this->assertEquals($ref, cleanup_url($ref.'?fb_stuff=v41u3')); | ||
43 | $this->assertEquals($ref, cleanup_url($ref.'?fb=71m3w4573')); | ||
44 | |||
45 | $this->assertEquals($ref, cleanup_url($ref.'?utm_campaign=zomg')); | ||
46 | $this->assertEquals($ref, cleanup_url($ref.'?utm_medium=numnum')); | ||
47 | $this->assertEquals($ref, cleanup_url($ref.'?utm_source=c0d3')); | ||
48 | $this->assertEquals($ref, cleanup_url($ref.'?utm_term=1n4l')); | ||
49 | |||
50 | $this->assertEquals($ref, cleanup_url($ref.'?xtor=some-url')); | ||
51 | $this->assertEquals($ref, cleanup_url($ref.'?xtor=some-url&fb=som3th1ng')); | ||
52 | $this->assertEquals($ref, cleanup_url( | ||
53 | $ref.'?fb=stuff&utm_campaign=zomg&utm_medium=numnum&utm_source=c0d3' | ||
54 | )); | 77 | )); |
55 | $this->assertEquals($ref, cleanup_url( | 78 | |
56 | $ref.'?xtor=some-url&fb=som3th1ng#tk.rss_all' | 79 | $this->assertEquals($this->ref, cleanup_url( |
80 | $this->ref.'?campaign_start=zomg&campaign_name=numnum' | ||
81 | )); | ||
82 | } | ||
83 | |||
84 | /** | ||
85 | * Clean URL query - multiple annoying parameters and fragment | ||
86 | */ | ||
87 | public function testCleanupUrlQueryFragment() | ||
88 | { | ||
89 | $this->assertEquals($this->ref, cleanup_url( | ||
90 | $this->ref.'?xtor=some-url&fb=som3th1ng#tk.rss_all' | ||
57 | )); | 91 | )); |
58 | 92 | ||
59 | // ditch annoying query params and fragment, keep useful params | 93 | // ditch annoying query params and fragment, keep useful params |
60 | $this->assertEquals( | 94 | $this->assertEquals( |
61 | $ref.'?my=stuff&is=kept', | 95 | $this->ref.'?my=stuff&is=kept', |
62 | cleanup_url( | 96 | cleanup_url( |
63 | $ref.'?fb=zomg&my=stuff&utm_medium=numnum&is=kept#tk.rss_all' | 97 | $this->ref.'?fb=zomg&my=stuff&utm_medium=numnum&is=kept#tk.rss_all' |
64 | ) | 98 | ) |
65 | ); | 99 | ); |
66 | 100 | ||
67 | // ditch annoying query params, keep useful params and fragment | 101 | // ditch annoying query params, keep useful params and fragment |
68 | $this->assertEquals( | 102 | $this->assertEquals( |
69 | $ref.'?my=stuff&is=kept#again', | 103 | $this->ref.'?my=stuff&is=kept#again', |
70 | cleanup_url( | 104 | cleanup_url( |
71 | $ref.'?fb=zomg&my=stuff&utm_medium=numnum&is=kept#again' | 105 | $this->ref.'?fb=zomg&my=stuff&utm_medium=numnum&is=kept#again' |
72 | ) | 106 | ) |
73 | ); | 107 | ); |
74 | } | 108 | } |
diff --git a/tests/Url/UrlTest.php b/tests/Url/UrlTest.php index 05862372..aa2f2234 100644 --- a/tests/Url/UrlTest.php +++ b/tests/Url/UrlTest.php | |||
@@ -157,7 +157,7 @@ class UrlTest extends PHPUnit_Framework_TestCase | |||
157 | /** | 157 | /** |
158 | * Test add trailing slash. | 158 | * Test add trailing slash. |
159 | */ | 159 | */ |
160 | function testAddTrailingSlash() | 160 | public function testAddTrailingSlash() |
161 | { | 161 | { |
162 | $strOn = 'http://randomstr.com/test/'; | 162 | $strOn = 'http://randomstr.com/test/'; |
163 | $strOff = 'http://randomstr.com/test'; | 163 | $strOff = 'http://randomstr.com/test'; |
@@ -168,7 +168,7 @@ class UrlTest extends PHPUnit_Framework_TestCase | |||
168 | /** | 168 | /** |
169 | * Test valid HTTP url. | 169 | * Test valid HTTP url. |
170 | */ | 170 | */ |
171 | function testUrlIsHttp() | 171 | public function testUrlIsHttp() |
172 | { | 172 | { |
173 | $url = new Url(self::$baseUrl); | 173 | $url = new Url(self::$baseUrl); |
174 | $this->assertTrue($url->isHttp()); | 174 | $this->assertTrue($url->isHttp()); |
@@ -177,7 +177,7 @@ class UrlTest extends PHPUnit_Framework_TestCase | |||
177 | /** | 177 | /** |
178 | * Test non HTTP url. | 178 | * Test non HTTP url. |
179 | */ | 179 | */ |
180 | function testUrlIsNotHttp() | 180 | public function testUrlIsNotHttp() |
181 | { | 181 | { |
182 | $url = new Url('ftp://save.tld/mysave'); | 182 | $url = new Url('ftp://save.tld/mysave'); |
183 | $this->assertFalse($url->isHttp()); | 183 | $this->assertFalse($url->isHttp()); |
@@ -186,7 +186,7 @@ class UrlTest extends PHPUnit_Framework_TestCase | |||
186 | /** | 186 | /** |
187 | * Test International Domain Name to ASCII conversion | 187 | * Test International Domain Name to ASCII conversion |
188 | */ | 188 | */ |
189 | function testIdnToAscii() | 189 | public function testIdnToAscii() |
190 | { | 190 | { |
191 | $ind = 'http://www.académie-française.fr/'; | 191 | $ind = 'http://www.académie-française.fr/'; |
192 | $expected = 'http://www.xn--acadmie-franaise-npb1a.fr/'; | 192 | $expected = 'http://www.xn--acadmie-franaise-npb1a.fr/'; |
diff --git a/tests/Url/WhitelistProtocolsTest.php b/tests/Url/WhitelistProtocolsTest.php new file mode 100644 index 00000000..a3156804 --- /dev/null +++ b/tests/Url/WhitelistProtocolsTest.php | |||
@@ -0,0 +1,63 @@ | |||
1 | <?php | ||
2 | |||
3 | require_once 'application/Url.php'; | ||
4 | |||
5 | use Shaarli\Config\ConfigManager; | ||
6 | |||
7 | /** | ||
8 | * Class WhitelistProtocolsTest | ||
9 | * | ||
10 | * Test whitelist_protocols() function of Url. | ||
11 | */ | ||
12 | class WhitelistProtocolsTest extends PHPUnit_Framework_TestCase | ||
13 | { | ||
14 | /** | ||
15 | * Test whitelist_protocols() on a note (relative URL). | ||
16 | */ | ||
17 | public function testWhitelistProtocolsRelative() | ||
18 | { | ||
19 | $whitelist = ['ftp', 'magnet']; | ||
20 | $url = '?12443564'; | ||
21 | $this->assertEquals($url, whitelist_protocols($url, $whitelist)); | ||
22 | $url = '/path.jpg'; | ||
23 | $this->assertEquals($url, whitelist_protocols($url, $whitelist)); | ||
24 | } | ||
25 | |||
26 | /** | ||
27 | * Test whitelist_protocols() on a note (relative URL). | ||
28 | */ | ||
29 | public function testWhitelistProtocolMissing() | ||
30 | { | ||
31 | $whitelist = ['ftp', 'magnet']; | ||
32 | $url = 'test.tld/path/?query=value#hash'; | ||
33 | $this->assertEquals('http://'. $url, whitelist_protocols($url, $whitelist)); | ||
34 | } | ||
35 | |||
36 | /** | ||
37 | * Test whitelist_protocols() with allowed protocols. | ||
38 | */ | ||
39 | public function testWhitelistAllowedProtocol() | ||
40 | { | ||
41 | $whitelist = ['ftp', 'magnet']; | ||
42 | $url = 'http://test.tld/path/?query=value#hash'; | ||
43 | $this->assertEquals($url, whitelist_protocols($url, $whitelist)); | ||
44 | $url = 'https://test.tld/path/?query=value#hash'; | ||
45 | $this->assertEquals($url, whitelist_protocols($url, $whitelist)); | ||
46 | $url = 'ftp://test.tld/path/?query=value#hash'; | ||
47 | $this->assertEquals($url, whitelist_protocols($url, $whitelist)); | ||
48 | $url = 'magnet:test.tld/path/?query=value#hash'; | ||
49 | $this->assertEquals($url, whitelist_protocols($url, $whitelist)); | ||
50 | } | ||
51 | |||
52 | /** | ||
53 | * Test whitelist_protocols() with allowed protocols. | ||
54 | */ | ||
55 | public function testWhitelistDisallowedProtocol() | ||
56 | { | ||
57 | $whitelist = ['ftp', 'magnet']; | ||
58 | $url = 'javascript:alert("xss");'; | ||
59 | $this->assertEquals('http://alert("xss");', whitelist_protocols($url, $whitelist)); | ||
60 | $url = 'other://test.tld/path/?query=value#hash'; | ||
61 | $this->assertEquals('http://test.tld/path/?query=value#hash', whitelist_protocols($url, $whitelist)); | ||
62 | } | ||
63 | } | ||