diff options
author | Marc Alexander <admin@m-a-styles.de> | 2016-12-28 22:53:59 +0100 |
---|---|---|
committer | Marc Alexander <admin@m-a-styles.de> | 2016-12-28 22:53:59 +0100 |
commit | d63b644b2b976b6b067f779af91cc7699c4bd522 (patch) | |
tree | b7f19ef4f4dbe16156a99428b19f3dee6423d612 /tests/version/version_helper_remote_test.php | |
parent | 442d21ace2b5d33e328917d7e7ac536709ba4d5c (diff) | |
parent | 90a77ba9d3e97718e9da7d1ee95ece4e756d26b7 (diff) | |
download | forums-d63b644b2b976b6b067f779af91cc7699c4bd522.tar forums-d63b644b2b976b6b067f779af91cc7699c4bd522.tar.gz forums-d63b644b2b976b6b067f779af91cc7699c4bd522.tar.bz2 forums-d63b644b2b976b6b067f779af91cc7699c4bd522.tar.xz forums-d63b644b2b976b6b067f779af91cc7699c4bd522.zip |
Merge branch 'ticket/security-203' into ticket/security-203-rhea
Diffstat (limited to 'tests/version/version_helper_remote_test.php')
-rw-r--r-- | tests/version/version_helper_remote_test.php | 105 |
1 files changed, 74 insertions, 31 deletions
diff --git a/tests/version/version_helper_remote_test.php b/tests/version/version_helper_remote_test.php index fa383d487f..35c3d92a3a 100644 --- a/tests/version/version_helper_remote_test.php +++ b/tests/version/version_helper_remote_test.php @@ -51,8 +51,8 @@ class version_helper_remote_test extends \phpbb_test_case public function provider_get_versions() { return array( - array('', false), - array('foobar', false), + array('', false, '', 'VERSIONCHECK_FAIL'), + array('foobar', false, '', 'VERSIONCHECK_FAIL'), array('{ "stable": { "1.0": { @@ -93,7 +93,7 @@ class version_helper_remote_test extends \phpbb_test_case "security": false } } -}', false), +}', false, '', 'VERSIONCHECK_FAIL'), array('{ "stable": { "1.0": { @@ -104,26 +104,7 @@ class version_helper_remote_test extends \phpbb_test_case "security": "<script>alert(\'foo\');</script>" } } -}', true, array ( - 'stable' => array ( - '1.0' => array ( - 'current' => '1.0.1<script>alert(\'foo\');</script>', - 'download' => 'https://www.phpbb.com/customise/db/download/104136<script>alert(\'foo\');</script>', - 'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/<script>alert(\'foo\');</script>', - 'eol' => '<script>alert(\'foo\');</script>', - 'security' => '<script>alert(\'foo\');</script>', - ), - ), - 'unstable' => array ( - '1.0' => array ( - 'current' => '1.0.1<script>alert(\'foo\');</script>', - 'download' => 'https://www.phpbb.com/customise/db/download/104136<script>alert(\'foo\');</script>', - 'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/<script>alert(\'foo\');</script>', - 'eol' => '<script>alert(\'foo\');</script>', - 'security' => '<script>alert(\'foo\');</script>', - ), - ), - )), +}', false, null, 'VERSIONCHECK_INVALID_VERSION'), array('{ "unstable": { "1.0": { @@ -134,25 +115,87 @@ class version_helper_remote_test extends \phpbb_test_case "security": "<script>alert(\'foo\');</script>" } } +}', false, null, 'VERSIONCHECK_INVALID_VERSION'), + array('{ + "unstable": { + "1.0<script>alert(\'foo\');</script>": { + "current": "1.0.1", + "download": "https://www.phpbb.com/customise/db/download/104136", + "announcement": "https://www.phpbb.com/customise/db/extension/boardrules/", + "eol": "", + "security": "" + } + } +}', false, array('stable' => array(), 'unstable' => array()), 'VERSIONCHECK_INVALID_VERSION'), + array('{ + "\"\n<script>alert(\'foo\');</script>\n": "test", + "stable": { + "1.0": { + "current": "1.0.1", + "download": "https://www.phpbb.com/customise/db/download/104136", + "announcement": "https://www.phpbb.com/customise/db/extension/boardrules/", + "eol": null, + "security": false + } + } }', true, array ( + 'stable' => array ( + '1.0' => array ( + 'current' => '1.0.1', + 'download' => 'https://www.phpbb.com/customise/db/download/104136', + 'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/', + 'eol' => NULL, + 'security' => false, + ), + ), 'unstable' => array ( '1.0' => array ( - 'current' => '1.0.1<script>alert(\'foo\');</script>', - 'download' => 'https://www.phpbb.com/customise/db/download/104136<script>alert(\'foo\');</script>', - 'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/<script>alert(\'foo\');</script>', - 'eol' => '<script>alert(\'foo\');</script>', - 'security' => '<script>alert(\'foo\');</script>', + 'current' => '1.0.1', + 'download' => 'https://www.phpbb.com/customise/db/download/104136', + 'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/', + 'eol' => NULL, + 'security' => false, ), ), - 'stable' => array(), )), + array('{ + "unstable": { + "1.0": { + "current": "1.0.1", + "download": "https://www.phpbb.com/customise/db/download/104136", + "announcement": "https://www.phpbb.com/customise/db/extension/boardrules/", + "eol": null, + "security": false, + "foobar": "<script>alert(\'test\');<script>" + } + } +}', true, array('stable' => array(), 'unstable' => array('1.0' => array( + 'current' => '1.0.1', + 'download' => 'https://www.phpbb.com/customise/db/download/104136', + 'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/', + 'security' => false, + ))), 'VERSIONCHECK_INVALID_ENTRY'), + array('{ + "unstable": { + "1.0": { + "current<script>alert(\'foo\');</script>": "1.0.1", + "download2": "https://www.phpbb.com/customise/db/download/104136", + "bannouncement": "https://www.phpbb.com/customise/db/extension/boardrules/", + "eol": null, + "security": false, + "foobar": "<script>alert(\'test\');<script>" + } + } +}', true, array('stable' => array(), 'unstable' => array('1.0' => array( + 'security' => false, + ))), 'VERSIONCHECK_INVALID_ENTRY'), ); } /** * @dataProvider provider_get_versions */ - public function test_get_versions($input, $valid_data, $expected_return = '') + public function test_get_versions($input, $valid_data, $expected_return = '', $expected_exception = '') { $this->file_downloader->set($input); @@ -161,7 +204,7 @@ class version_helper_remote_test extends \phpbb_test_case try { $return = $this->version_helper->get_versions(); } catch (\phpbb\exception\runtime_exception $e) { - $this->assertEquals((string)$e->getMessage(), 'VERSIONCHECK_FAIL'); + $this->assertEquals((string)$e->getMessage(), $expected_exception); } } else |