diff options
| author | Nils Adermann <naderman@naderman.de> | 2010-03-10 16:24:19 +0100 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2010-03-10 16:24:19 +0100 |
| commit | 60bd1edcb5e5992e6e693d0f68db47e678f7d54a (patch) | |
| tree | dffc10407f0ef6a85d034415d7e30407ccf3f21a /tests/security/redirect.php | |
| parent | d9567f121b11d3f5b068b85e7c862c27fc495005 (diff) | |
| download | forums-60bd1edcb5e5992e6e693d0f68db47e678f7d54a.tar forums-60bd1edcb5e5992e6e693d0f68db47e678f7d54a.tar.gz forums-60bd1edcb5e5992e6e693d0f68db47e678f7d54a.tar.bz2 forums-60bd1edcb5e5992e6e693d0f68db47e678f7d54a.tar.xz forums-60bd1edcb5e5992e6e693d0f68db47e678f7d54a.zip | |
[develop-olympus] Backported 3.1 unit tests to 3.0.
Start adding unit tests for bugs you fix! Tests for anything are
welcome really. We have to work on these a lot.
Diffstat (limited to 'tests/security/redirect.php')
| -rw-r--r-- | tests/security/redirect.php | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/tests/security/redirect.php b/tests/security/redirect.php new file mode 100644 index 0000000000..37b0a5bb41 --- /dev/null +++ b/tests/security/redirect.php @@ -0,0 +1,58 @@ +<?php +/** +* +* @package testing +* @copyright (c) 2008 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +require_once 'test_framework/framework.php'; + +require_once '../phpBB/includes/functions.php'; +require_once '../phpBB/includes/session.php'; + +class phpbb_security_redirect_test extends phpbb_test_case +{ + public static function provider() + { + // array(Input -> redirect(), expected triggered error (else false), expected returned result url (else false)) + return array( + array('data://x', false, 'http://localhost/phpBB'), + array('bad://localhost/phpBB/index.php', 'Tried to redirect to potentially insecure url.', false), + array('http://www.otherdomain.com/somescript.php', false, 'http://localhost/phpBB'), + array("http://localhost/phpBB/memberlist.php\n\rConnection: close", 'Tried to redirect to potentially insecure url.', false), + array('javascript:test', false, 'http://localhost/phpBB/../tests/javascript:test'), + array('http://localhost/phpBB/index.php;url=', 'Tried to redirect to potentially insecure url.', false), + ); + } + + protected function setUp() + { + $GLOBALS['config'] = array( + 'force_server_vars' => '0', + ); + } + + /** + * @dataProvider provider + */ + public function test_redirect($test, $expected_error, $expected_result) + { + global $user; + + if ($expected_error !== false) + { + $this->setExpectedTriggerError(E_USER_ERROR, $expected_error); + } + + $result = redirect($test, true); + + // only verify result if we did not expect an error + if ($expected_error === false) + { + $this->assertEquals($expected_result, $result); + } + } +} + |