aboutsummaryrefslogtreecommitdiffhomepage
path: root/tests/Url
diff options
context:
space:
mode:
authorArthurHoaro <arthur@hoa.ro>2018-07-28 11:07:55 +0200
committerArthurHoaro <arthur@hoa.ro>2018-07-28 11:07:55 +0200
commit83faedadff76c5bdca036f39f13943f63b27e164 (patch)
tree6f44cede16ec6a60f10b9699e211e0818f06d2c8 /tests/Url
parent1d9eb22a3df85b67fe6652c0876cd7382c2fb525 (diff)
parent658988f3aeba7a5a938783249ccf2765251e5597 (diff)
downloadShaarli-83faedadff76c5bdca036f39f13943f63b27e164.tar.gz
Shaarli-83faedadff76c5bdca036f39f13943f63b27e164.tar.zst
Shaarli-83faedadff76c5bdca036f39f13943f63b27e164.zip
Merge tag 'v0.9.7' into stable
Release v0.9.7
Diffstat (limited to 'tests/Url')
-rw-r--r--tests/Url/CleanupUrlTest.php102
-rw-r--r--tests/Url/UrlTest.php8
-rw-r--r--tests/Url/WhitelistProtocolsTest.php63
3 files changed, 135 insertions, 38 deletions
diff --git a/tests/Url/CleanupUrlTest.php b/tests/Url/CleanupUrlTest.php
index ba9a0437..1407d7d2 100644
--- a/tests/Url/CleanupUrlTest.php
+++ b/tests/Url/CleanupUrlTest.php
@@ -8,7 +8,13 @@ require_once 'application/Url.php';
8class CleanupUrlTest extends PHPUnit_Framework_TestCase 8class CleanupUrlTest extends PHPUnit_Framework_TestCase
9{ 9{
10 /** 10 /**
11 * Clean empty UrlThanks for building nothing 11 * @var string reference URL
12 */
13 protected $ref = 'http://domain.tld:3000';
14
15
16 /**
17 * Clean empty URL
12 */ 18 */
13 public function testCleanupUrlEmpty() 19 public function testCleanupUrlEmpty()
14 { 20 {
@@ -16,59 +22,87 @@ class CleanupUrlTest extends PHPUnit_Framework_TestCase
16 } 22 }
17 23
18 /** 24 /**
19 * Clean an already cleaned Url 25 * Clean an already cleaned URL
20 */ 26 */
21 public function testCleanupUrlAlreadyClean() 27 public function testCleanupUrlAlreadyClean()
22 { 28 {
23 $ref = 'http://domain.tld:3000'; 29 $this->assertEquals($this->ref, cleanup_url($this->ref));
24 $this->assertEquals($ref, cleanup_url($ref)); 30 $this->ref2 = $this->ref.'/path/to/dir/';
25 $ref = $ref.'/path/to/dir/'; 31 $this->assertEquals($this->ref2, cleanup_url($this->ref2));
26 $this->assertEquals($ref, cleanup_url($ref)); 32 }
33
34 /**
35 * Clean URL fragments
36 */
37 public function testCleanupUrlFragment()
38 {
39 $this->assertEquals($this->ref, cleanup_url($this->ref.'#tk.rss_all'));
40 $this->assertEquals($this->ref, cleanup_url($this->ref.'#xtor=RSS-'));
41 $this->assertEquals($this->ref, cleanup_url($this->ref.'#xtor=RSS-U3ht0tkc4b'));
42 }
43
44 /**
45 * Clean URL query - single annoying parameter
46 */
47 public function testCleanupUrlQuerySingle()
48 {
49 $this->assertEquals($this->ref, cleanup_url($this->ref.'?action_object_map=junk'));
50 $this->assertEquals($this->ref, cleanup_url($this->ref.'?action_ref_map=Cr4p!'));
51 $this->assertEquals($this->ref, cleanup_url($this->ref.'?action_type_map=g4R84g3'));
52
53 $this->assertEquals($this->ref, cleanup_url($this->ref.'?fb_stuff=v41u3'));
54 $this->assertEquals($this->ref, cleanup_url($this->ref.'?fb=71m3w4573'));
55
56 $this->assertEquals($this->ref, cleanup_url($this->ref.'?utm_campaign=zomg'));
57 $this->assertEquals($this->ref, cleanup_url($this->ref.'?utm_medium=numnum'));
58 $this->assertEquals($this->ref, cleanup_url($this->ref.'?utm_source=c0d3'));
59 $this->assertEquals($this->ref, cleanup_url($this->ref.'?utm_term=1n4l'));
60
61 $this->assertEquals($this->ref, cleanup_url($this->ref.'?xtor=some-url'));
62
63 $this->assertEquals($this->ref, cleanup_url($this->ref.'?campaign_name=junk'));
64 $this->assertEquals($this->ref, cleanup_url($this->ref.'?campaign_start=junk'));
65 $this->assertEquals($this->ref, cleanup_url($this->ref.'?campaign_item_index=junk'));
27 } 66 }
28 67
29 /** 68 /**
30 * Clean Url needing cleaning 69 * Clean URL query - multiple annoying parameters
31 */ 70 */
32 public function testCleanupUrlNeedClean() 71 public function testCleanupUrlQueryMultiple()
33 { 72 {
34 $ref = 'http://domain.tld:3000'; 73 $this->assertEquals($this->ref, cleanup_url($this->ref.'?xtor=some-url&fb=som3th1ng'));
35 $this->assertEquals($ref, cleanup_url($ref.'#tk.rss_all')); 74
36 $this->assertEquals($ref, cleanup_url($ref.'#xtor=RSS-')); 75 $this->assertEquals($this->ref, cleanup_url(
37 $this->assertEquals($ref, cleanup_url($ref.'#xtor=RSS-U3ht0tkc4b')); 76 $this->ref.'?fb=stuff&utm_campaign=zomg&utm_medium=numnum&utm_source=c0d3'
38 $this->assertEquals($ref, cleanup_url($ref.'?action_object_map=junk'));
39 $this->assertEquals($ref, cleanup_url($ref.'?action_ref_map=Cr4p!'));
40 $this->assertEquals($ref, cleanup_url($ref.'?action_type_map=g4R84g3'));
41
42 $this->assertEquals($ref, cleanup_url($ref.'?fb_stuff=v41u3'));
43 $this->assertEquals($ref, cleanup_url($ref.'?fb=71m3w4573'));
44
45 $this->assertEquals($ref, cleanup_url($ref.'?utm_campaign=zomg'));
46 $this->assertEquals($ref, cleanup_url($ref.'?utm_medium=numnum'));
47 $this->assertEquals($ref, cleanup_url($ref.'?utm_source=c0d3'));
48 $this->assertEquals($ref, cleanup_url($ref.'?utm_term=1n4l'));
49
50 $this->assertEquals($ref, cleanup_url($ref.'?xtor=some-url'));
51 $this->assertEquals($ref, cleanup_url($ref.'?xtor=some-url&fb=som3th1ng'));
52 $this->assertEquals($ref, cleanup_url(
53 $ref.'?fb=stuff&utm_campaign=zomg&utm_medium=numnum&utm_source=c0d3'
54 )); 77 ));
55 $this->assertEquals($ref, cleanup_url( 78
56 $ref.'?xtor=some-url&fb=som3th1ng#tk.rss_all' 79 $this->assertEquals($this->ref, cleanup_url(
80 $this->ref.'?campaign_start=zomg&campaign_name=numnum'
81 ));
82 }
83
84 /**
85 * Clean URL query - multiple annoying parameters and fragment
86 */
87 public function testCleanupUrlQueryFragment()
88 {
89 $this->assertEquals($this->ref, cleanup_url(
90 $this->ref.'?xtor=some-url&fb=som3th1ng#tk.rss_all'
57 )); 91 ));
58 92
59 // ditch annoying query params and fragment, keep useful params 93 // ditch annoying query params and fragment, keep useful params
60 $this->assertEquals( 94 $this->assertEquals(
61 $ref.'?my=stuff&is=kept', 95 $this->ref.'?my=stuff&is=kept',
62 cleanup_url( 96 cleanup_url(
63 $ref.'?fb=zomg&my=stuff&utm_medium=numnum&is=kept#tk.rss_all' 97 $this->ref.'?fb=zomg&my=stuff&utm_medium=numnum&is=kept#tk.rss_all'
64 ) 98 )
65 ); 99 );
66 100
67 // ditch annoying query params, keep useful params and fragment 101 // ditch annoying query params, keep useful params and fragment
68 $this->assertEquals( 102 $this->assertEquals(
69 $ref.'?my=stuff&is=kept#again', 103 $this->ref.'?my=stuff&is=kept#again',
70 cleanup_url( 104 cleanup_url(
71 $ref.'?fb=zomg&my=stuff&utm_medium=numnum&is=kept#again' 105 $this->ref.'?fb=zomg&my=stuff&utm_medium=numnum&is=kept#again'
72 ) 106 )
73 ); 107 );
74 } 108 }
diff --git a/tests/Url/UrlTest.php b/tests/Url/UrlTest.php
index 05862372..aa2f2234 100644
--- a/tests/Url/UrlTest.php
+++ b/tests/Url/UrlTest.php
@@ -157,7 +157,7 @@ class UrlTest extends PHPUnit_Framework_TestCase
157 /** 157 /**
158 * Test add trailing slash. 158 * Test add trailing slash.
159 */ 159 */
160 function testAddTrailingSlash() 160 public function testAddTrailingSlash()
161 { 161 {
162 $strOn = 'http://randomstr.com/test/'; 162 $strOn = 'http://randomstr.com/test/';
163 $strOff = 'http://randomstr.com/test'; 163 $strOff = 'http://randomstr.com/test';
@@ -168,7 +168,7 @@ class UrlTest extends PHPUnit_Framework_TestCase
168 /** 168 /**
169 * Test valid HTTP url. 169 * Test valid HTTP url.
170 */ 170 */
171 function testUrlIsHttp() 171 public function testUrlIsHttp()
172 { 172 {
173 $url = new Url(self::$baseUrl); 173 $url = new Url(self::$baseUrl);
174 $this->assertTrue($url->isHttp()); 174 $this->assertTrue($url->isHttp());
@@ -177,7 +177,7 @@ class UrlTest extends PHPUnit_Framework_TestCase
177 /** 177 /**
178 * Test non HTTP url. 178 * Test non HTTP url.
179 */ 179 */
180 function testUrlIsNotHttp() 180 public function testUrlIsNotHttp()
181 { 181 {
182 $url = new Url('ftp://save.tld/mysave'); 182 $url = new Url('ftp://save.tld/mysave');
183 $this->assertFalse($url->isHttp()); 183 $this->assertFalse($url->isHttp());
@@ -186,7 +186,7 @@ class UrlTest extends PHPUnit_Framework_TestCase
186 /** 186 /**
187 * Test International Domain Name to ASCII conversion 187 * Test International Domain Name to ASCII conversion
188 */ 188 */
189 function testIdnToAscii() 189 public function testIdnToAscii()
190 { 190 {
191 $ind = 'http://www.académie-française.fr/'; 191 $ind = 'http://www.académie-française.fr/';
192 $expected = 'http://www.xn--acadmie-franaise-npb1a.fr/'; 192 $expected = 'http://www.xn--acadmie-franaise-npb1a.fr/';
diff --git a/tests/Url/WhitelistProtocolsTest.php b/tests/Url/WhitelistProtocolsTest.php
new file mode 100644
index 00000000..a3156804
--- /dev/null
+++ b/tests/Url/WhitelistProtocolsTest.php
@@ -0,0 +1,63 @@
1<?php
2
3require_once 'application/Url.php';
4
5use Shaarli\Config\ConfigManager;
6
7/**
8 * Class WhitelistProtocolsTest
9 *
10 * Test whitelist_protocols() function of Url.
11 */
12class WhitelistProtocolsTest extends PHPUnit_Framework_TestCase
13{
14 /**
15 * Test whitelist_protocols() on a note (relative URL).
16 */
17 public function testWhitelistProtocolsRelative()
18 {
19 $whitelist = ['ftp', 'magnet'];
20 $url = '?12443564';
21 $this->assertEquals($url, whitelist_protocols($url, $whitelist));
22 $url = '/path.jpg';
23 $this->assertEquals($url, whitelist_protocols($url, $whitelist));
24 }
25
26 /**
27 * Test whitelist_protocols() on a note (relative URL).
28 */
29 public function testWhitelistProtocolMissing()
30 {
31 $whitelist = ['ftp', 'magnet'];
32 $url = 'test.tld/path/?query=value#hash';
33 $this->assertEquals('http://'. $url, whitelist_protocols($url, $whitelist));
34 }
35
36 /**
37 * Test whitelist_protocols() with allowed protocols.
38 */
39 public function testWhitelistAllowedProtocol()
40 {
41 $whitelist = ['ftp', 'magnet'];
42 $url = 'http://test.tld/path/?query=value#hash';
43 $this->assertEquals($url, whitelist_protocols($url, $whitelist));
44 $url = 'https://test.tld/path/?query=value#hash';
45 $this->assertEquals($url, whitelist_protocols($url, $whitelist));
46 $url = 'ftp://test.tld/path/?query=value#hash';
47 $this->assertEquals($url, whitelist_protocols($url, $whitelist));
48 $url = 'magnet:test.tld/path/?query=value#hash';
49 $this->assertEquals($url, whitelist_protocols($url, $whitelist));
50 }
51
52 /**
53 * Test whitelist_protocols() with allowed protocols.
54 */
55 public function testWhitelistDisallowedProtocol()
56 {
57 $whitelist = ['ftp', 'magnet'];
58 $url = 'javascript:alert("xss");';
59 $this->assertEquals('http://alert("xss");', whitelist_protocols($url, $whitelist));
60 $url = 'other://test.tld/path/?query=value#hash';
61 $this->assertEquals('http://test.tld/path/?query=value#hash', whitelist_protocols($url, $whitelist));
62 }
63}