[Phpmyadmin-git] [SCM] phpMyAdmin branch, master, updated. RELEASE_3_4_3_1-11920-g264829a
The branch, master has been updated via 264829a9914c67dcf533c338bd95f8bba2523267 (commit) from ffe203b09952de76eef527dec4a4c354bf90302e (commit)
- Log ----------------------------------------------------------------- commit 264829a9914c67dcf533c338bd95f8bba2523267 Author: Michal Čihař mcihar@suse.cz Date: Mon Jul 25 14:42:46 2011 +0200
Add documentation to testcases
-----------------------------------------------------------------------
Summary of changes: test/libraries/PMA_sanitize_test.php | 31 +++++++++++++++++++++++++++++-- 1 files changed, 29 insertions(+), 2 deletions(-)
diff --git a/test/libraries/PMA_sanitize_test.php b/test/libraries/PMA_sanitize_test.php index 55d5a77..d6f8556 100644 --- a/test/libraries/PMA_sanitize_test.php +++ b/test/libraries/PMA_sanitize_test.php @@ -15,12 +15,18 @@ require_once 'libraries/core.lib.php';
class PMA_sanitize_test extends PHPUnit_Framework_TestCase { + /** + * Tests for proper escaping of XSS. + */ public function testXssInHref() { $this->assertEquals('[a@javascript:alert('XSS');@target]link</a>', PMA_sanitize('[a@javascript:alert('XSS');@target]link[/a]')); }
+ /** + * Tests correct generating of link redirector. + */ public function testLink() { unset($GLOBALS['server']); @@ -29,42 +35,63 @@ class PMA_sanitize_test extends PHPUnit_Framework_TestCase PMA_sanitize('[a@http://www.phpmyadmin.net/@target%5Dlink%5B/a]')); }
+ /** + * Tests links to documentation. + */ public function testLinkDoc() { $this->assertEquals('<a href="./Documentation.html">doc</a>', PMA_sanitize('[a@./Documentation.html]doc[/a]')); }
- public function testLinkDocTarget() + /** + * Tests link target validation. + */ + public function testInvalidTarget() { $this->assertEquals('[a@./Documentation.html@INVALID9]doc</a>', PMA_sanitize('[a@./Documentation.html@INVALID9]doc[/a]')); }
+ /** + * Tests XSS escaping after valid link. + */ public function testLinkDocXss() { $this->assertEquals('[a@./Documentation.html" onmouseover="alert(foo)"]doc</a>', PMA_sanitize('[a@./Documentation.html" onmouseover="alert(foo)"]doc[/a]')); }
+ /** + * Tests proper handling of multi link code. + */ public function testLinkAndXssInHref() { $this->assertEquals('<a href="./Documentation.html">doc</a>[a@javascript:alert('XSS');@target]link</a>', PMA_sanitize('[a@./Documentation.html]doc[/a][a@javascript:alert('XSS');@target]link[/a]')); }
+ /** + * Test escaping of HTML tags + */ public function testHtmlTags() { $this->assertEquals('<div onclick="">', PMA_sanitize('<div onclick="">')); }
- public function testBbcoe() + /** + * Tests basic BB code. + */ + public function testBBCode() { $this->assertEquals('<strong>strong</strong>', PMA_sanitize('[b]strong[/b]')); }
+ /** + * Tests output escaping. + */ public function testEscape() { $this->assertEquals('<strong>strong</strong>',
hooks/post-receive
-
Michal Čihař