Feature #22666 » 14405.diff
tests/contrib/removexssTest.php Lokal neu | ||
---|---|---|
<?php
|
||
/***************************************************************
|
||
* Copyright notice
|
||
*
|
||
* (c) 2009 Steffen Kamper <info@sk-typo3.de>
|
||
* All rights reserved
|
||
*
|
||
* This script is part of the TYPO3 project. The TYPO3 project is
|
||
* free software; you can redistribute it and/or modify
|
||
* it under the terms of the GNU General Public License as published by
|
||
* the Free Software Foundation; either version 2 of the License, or
|
||
* (at your option) any later version.
|
||
*
|
||
* The GNU General Public License can be found at
|
||
* http://www.gnu.org/copyleft/gpl.html.
|
||
*
|
||
* This script is distributed in the hope that it will be useful,
|
||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
* GNU General Public License for more details.
|
||
*
|
||
* This copyright notice MUST APPEAR in all copies of the script!
|
||
***************************************************************/
|
||
require_once(PATH_typo3 . 'contrib/RemoveXSS/RemoveXSS.php');
|
||
/**
|
||
* Testcase for class RemoveXSS
|
||
*
|
||
* @author Steffen Kamper <info@sk-typo3.de>
|
||
* @package TYPO3
|
||
* @subpackage contrib
|
||
* @ see http://ha.ckers.org/xss.html
|
||
* @ examples from http://ha.ckers.org/xssAttacks.xml
|
||
*/
|
||
class RemoveXSSTest extends tx_phpunit_testcase {
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackScriptAlert() {
|
||
$testString = "<SCRIPT>alert('XSS')</SCRIPT>";
|
||
$expectedString = "<sc<x>ript>alert('XSS')</SCRIPT>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackScriptSrcJs() {
|
||
$testString = '<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>';
|
||
$expectedString = "<sc<x>ript SRC=http://ha.ckers.org/xss.js></SCRIPT>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackScriptAlertFromCharCode() {
|
||
$testString = '<SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>';
|
||
$expectedString = '<sc<x>ript>alert(String.fromCharCode(88,83,83))</SCRIPT>';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackBaseHref() {
|
||
$testString = "<BASE HREF=\"javascript:alert('XSS');//\">";
|
||
$expectedString = "<ba<x>se HREF=\"ja<x>vascript:alert('XSS');//\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackBgsound() {
|
||
$testString = "<BGSOUND SRC=\"javascript:alert('XSS');\">";
|
||
$expectedString = "<bg<x>sound SRC=\"ja<x>vascript:alert('XSS');\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackBodyBackground() {
|
||
$testString = "<BODY BACKGROUND=\"javascript:alert('XSS');\">";
|
||
$expectedString = "<BODY BACKGROUND=\"ja<x>vascript:alert('XSS');\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackBodyOnLoad() {
|
||
$testString = "<BODY ONLOAD=alert('XSS')>";
|
||
$expectedString = "<BODY on<x>load=alert('XSS')>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackStyleUrl() {
|
||
$testString = "<DIV STYLE=\"background-image: url(javascript:alert('XSS'))\">";
|
||
$expectedString = "<DIV st<x>yle=\"background-image: url(ja<x>vascript:alert('XSS'))\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackStyleWidth() {
|
||
$testString = "<DIV STYLE=\"width: expression(alert('XSS'));\">";
|
||
$expectedString = "<DIV st<x>yle=\"width: expression(alert('XSS'));\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackFrameset() {
|
||
$testString = "<FRAMESET><FRAME SRC=\"javascript:alert('XSS');\"></FRAMESET>";
|
||
$expectedString = "<fr<x>ameset><fr<x>ame SRC=\"ja<x>vascript:alert('XSS');\"></FRAMESET>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackIframe() {
|
||
$testString = "<IFRAME SRC=\"javascript:alert('XSS');\"></IFRAME>";
|
||
$expectedString = "<if<x>rame SRC=\"ja<x>vascript:alert('XSS');\"></IFRAME>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackInputImage() {
|
||
$testString = "<INPUT TYPE=\"IMAGE\" SRC=\"javascript:alert('XSS');\">";
|
||
$expectedString = "<INPUT TYPE=\"IMAGE\" SRC=\"ja<x>vascript:alert('XSS');\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackImageSrc() {
|
||
$testString = "<IMG SRC=\"javascript:alert('XSS');\">";
|
||
$expectedString = "<IMG SRC=\"ja<x>vascript:alert('XSS');\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackImageSrcNoQuotesNoSemicolon() {
|
||
$testString = "<IMG SRC=javascript:alert('XSS')>";
|
||
$expectedString = "<IMG SRC=ja<x>vascript:alert('XSS')>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackImageDynsrc() {
|
||
$testString = "<IMG DYNSRC=\"javascript:alert('XSS');\">";
|
||
$expectedString = "<IMG DYNSRC=\"ja<x>vascript:alert('XSS');\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackImageLowsrc() {
|
||
$testString = "<IMG LOWSRC=\"javascript:alert('XSS');\">";
|
||
$expectedString = "<IMG LOWSRC=\"ja<x>vascript:alert('XSS');\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackStyle() {
|
||
$testString = "<STYLE>li {list-style-image: url(\"javascript:alert('XSS')\");}</STYLE>";
|
||
$expectedString = "<st<x>yle>li {list-style-image: url(\"ja<x>vascript:alert('XSS')\");}</STYLE>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackImageVbscript() {
|
||
$testString = "<IMG SRC='vbscript:msgbox(\"XSS\")'>";
|
||
$expectedString = "<IMG SRC='vb<x>script:msgbox(\"XSS\")'>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackLayer() {
|
||
$testString = "<LAYER SRC=\"http://ha.ckers.org/scriptlet.html\"></LAYER>";
|
||
$expectedString = "<la<x>yer SRC=\"http://ha.ckers.org/scriptlet.html\"></LAYER>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackMeta() {
|
||
$testString = '<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert(\'XSS\');">';
|
||
$expectedString = '<me<x>ta HTTP-EQUIV="refresh" CONTENT="0;url=ja<x>vascript:alert(\'XSS\');">';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackMetaWithUrl() {
|
||
$testString = '<META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">';
|
||
$expectedString = '<me<x>ta HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackMetaWithUrlExtended() {
|
||
$testString = '<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert(\'XSS\');">';
|
||
$expectedString = '<me<x>ta HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=ja<x>vascript:alert(\'XSS\');">';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackObject() {
|
||
$testString = '<OBJECT TYPE="text/x-scriptlet" DATA="http://ha.ckers.org/scriptlet.html"></OBJECT>';
|
||
$expectedString = '<ob<x>ject TYPE="text/x-scriptlet" DATA="http://ha.ckers.org/scriptlet.html"></OBJECT>';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackObjectEmbeddedXss() {
|
||
$testString = '<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert(\'XSS\')></OBJECT>';
|
||
$expectedString = '<ob<x>ject classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=ja<x>vascript:alert(\'XSS\')></OBJECT>';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackEmbedFlash() {
|
||
$testString = '<EMBED SRC="http://ha.ckers.org/xss.swf" AllowScriptAccess="always"></EMBED>';
|
||
$expectedString = '<em<x>bed SRC="http://ha.ckers.org/xss.swf" AllowScriptAccess="always"></EMBED>';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackActionScriptEval() {
|
||
$testString = 'a="get";b="URL("";c="javascript:";d="alert(\'XSS\');")";eval(a+b+c+d);";';
|
||
$expectedString = 'a="get";b="URL("";c="ja<x>vascript:";d="alert(\'XSS\');")";eval(a+b+c+d);";';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackImageStyleWithComment() {
|
||
$testString = '<IMG STYLE="xss:expr/*XSS*/ession(alert(\'XSS\'))">';
|
||
$expectedString = '<IMG st<x>yle="xss:expr/*XSS*/ession(alert(\'XSS\'))">';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackStyleInAnonymousHtml() {
|
||
$testString = '<XSS STYLE="xss:expression(alert(\'XSS\'))">';
|
||
$expectedString = '<XSS st<x>yle="xss:expression(alert(\'XSS\'))">';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackStyleWithBackgroundImage() {
|
||
$testString = '<STYLE>.XSS{background-image:url("javascript:alert(\'XSS\')");}</STYLE><A CLASS=XSS></A>';
|
||
$expectedString = '<st<x>yle>.XSS{background-image:url("ja<x>vascript:alert(\'XSS\')");}</STYLE><A CLASS=XSS></A>';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackStyleWithBackground() {
|
||
$testString = '<STYLE type="text/css">BODY{background:url("javascript:alert(\'XSS\')")}</STYLE>';
|
||
$expectedString = '<st<x>yle type="text/css">BODY{background:url("ja<x>vascript:alert(\'XSS\')")}</STYLE>';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackStylesheet() {
|
||
$testString = '<LINK REL="stylesheet" HREF="javascript:alert(\'XSS\');">';
|
||
$expectedString = '<li<x>nk REL="stylesheet" HREF="ja<x>vascript:alert(\'XSS\');">';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackRemoteStylesheet() {
|
||
$testString = '<LINK REL="stylesheet" HREF="http://ha.ckers.org/xss.css">';
|
||
$expectedString = '<li<x>nk REL="stylesheet" HREF="http://ha.ckers.org/xss.css">';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackImportRemoteStylesheet() {
|
||
$testString = '<STYLE>@import\'http://ha.ckers.org/xss.css\';</STYLE>';
|
||
$expectedString = '<st<x>yle>@import\'http://ha.ckers.org/xss.css\';</STYLE>';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
}
|
||
?>
|
tests/contrib/removexss_testcase.php Lokal gelöscht | ||
---|---|---|
<?php
|
||
/***************************************************************
|
||
* Copyright notice
|
||
*
|
||
* (c) 2009 Steffen Kamper <info@sk-typo3.de>
|
||
* All rights reserved
|
||
*
|
||
* This script is part of the TYPO3 project. The TYPO3 project is
|
||
* free software; you can redistribute it and/or modify
|
||
* it under the terms of the GNU General Public License as published by
|
||
* the Free Software Foundation; either version 2 of the License, or
|
||
* (at your option) any later version.
|
||
*
|
||
* The GNU General Public License can be found at
|
||
* http://www.gnu.org/copyleft/gpl.html.
|
||
*
|
||
* This script is distributed in the hope that it will be useful,
|
||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
* GNU General Public License for more details.
|
||
*
|
||
* This copyright notice MUST APPEAR in all copies of the script!
|
||
***************************************************************/
|
||
require_once(PATH_typo3 . 'contrib/RemoveXSS/RemoveXSS.php');
|
||
/**
|
||
* Testcase for class RemoveXSS
|
||
*
|
||
* @author Steffen Kamper <info@sk-typo3.de>
|
||
* @package TYPO3
|
||
* @subpackage contrib
|
||
* @ see http://ha.ckers.org/xss.html
|
||
* @ examples from http://ha.ckers.org/xssAttacks.xml
|
||
*/
|
||
class RemoveXSS_testcase extends tx_phpunit_testcase {
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackScriptAlert() {
|
||
$testString = "<SCRIPT>alert('XSS')</SCRIPT>";
|
||
$expectedString = "<sc<x>ript>alert('XSS')</SCRIPT>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackScriptSrcJs() {
|
||
$testString = '<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>';
|
||
$expectedString = "<sc<x>ript SRC=http://ha.ckers.org/xss.js></SCRIPT>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackScriptAlertFromCharCode() {
|
||
$testString = '<SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>';
|
||
$expectedString = '<sc<x>ript>alert(String.fromCharCode(88,83,83))</SCRIPT>';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackBaseHref() {
|
||
$testString = "<BASE HREF=\"javascript:alert('XSS');//\">";
|
||
$expectedString = "<ba<x>se HREF=\"ja<x>vascript:alert('XSS');//\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackBgsound() {
|
||
$testString = "<BGSOUND SRC=\"javascript:alert('XSS');\">";
|
||
$expectedString = "<bg<x>sound SRC=\"ja<x>vascript:alert('XSS');\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackBodyBackground() {
|
||
$testString = "<BODY BACKGROUND=\"javascript:alert('XSS');\">";
|
||
$expectedString = "<BODY BACKGROUND=\"ja<x>vascript:alert('XSS');\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackBodyOnLoad() {
|
||
$testString = "<BODY ONLOAD=alert('XSS')>";
|
||
$expectedString = "<BODY on<x>load=alert('XSS')>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackStyleUrl() {
|
||
$testString = "<DIV STYLE=\"background-image: url(javascript:alert('XSS'))\">";
|
||
$expectedString = "<DIV st<x>yle=\"background-image: url(ja<x>vascript:alert('XSS'))\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackStyleWidth() {
|
||
$testString = "<DIV STYLE=\"width: expression(alert('XSS'));\">";
|
||
$expectedString = "<DIV st<x>yle=\"width: expression(alert('XSS'));\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackFrameset() {
|
||
$testString = "<FRAMESET><FRAME SRC=\"javascript:alert('XSS');\"></FRAMESET>";
|
||
$expectedString = "<fr<x>ameset><fr<x>ame SRC=\"ja<x>vascript:alert('XSS');\"></FRAMESET>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackIframe() {
|
||
$testString = "<IFRAME SRC=\"javascript:alert('XSS');\"></IFRAME>";
|
||
$expectedString = "<if<x>rame SRC=\"ja<x>vascript:alert('XSS');\"></IFRAME>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackInputImage() {
|
||
$testString = "<INPUT TYPE=\"IMAGE\" SRC=\"javascript:alert('XSS');\">";
|
||
$expectedString = "<INPUT TYPE=\"IMAGE\" SRC=\"ja<x>vascript:alert('XSS');\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackImageSrc() {
|
||
$testString = "<IMG SRC=\"javascript:alert('XSS');\">";
|
||
$expectedString = "<IMG SRC=\"ja<x>vascript:alert('XSS');\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackImageSrcNoQuotesNoSemicolon() {
|
||
$testString = "<IMG SRC=javascript:alert('XSS')>";
|
||
$expectedString = "<IMG SRC=ja<x>vascript:alert('XSS')>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackImageDynsrc() {
|
||
$testString = "<IMG DYNSRC=\"javascript:alert('XSS');\">";
|
||
$expectedString = "<IMG DYNSRC=\"ja<x>vascript:alert('XSS');\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackImageLowsrc() {
|
||
$testString = "<IMG LOWSRC=\"javascript:alert('XSS');\">";
|
||
$expectedString = "<IMG LOWSRC=\"ja<x>vascript:alert('XSS');\">";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackStyle() {
|
||
$testString = "<STYLE>li {list-style-image: url(\"javascript:alert('XSS')\");}</STYLE>";
|
||
$expectedString = "<st<x>yle>li {list-style-image: url(\"ja<x>vascript:alert('XSS')\");}</STYLE>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackImageVbscript() {
|
||
$testString = "<IMG SRC='vbscript:msgbox(\"XSS\")'>";
|
||
$expectedString = "<IMG SRC='vb<x>script:msgbox(\"XSS\")'>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackLayer() {
|
||
$testString = "<LAYER SRC=\"http://ha.ckers.org/scriptlet.html\"></LAYER>";
|
||
$expectedString = "<la<x>yer SRC=\"http://ha.ckers.org/scriptlet.html\"></LAYER>";
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackMeta() {
|
||
$testString = '<META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert(\'XSS\');">';
|
||
$expectedString = '<me<x>ta HTTP-EQUIV="refresh" CONTENT="0;url=ja<x>vascript:alert(\'XSS\');">';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackMetaWithUrl() {
|
||
$testString = '<META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">';
|
||
$expectedString = '<me<x>ta HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K">';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackMetaWithUrlExtended() {
|
||
$testString = '<META HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=javascript:alert(\'XSS\');">';
|
||
$expectedString = '<me<x>ta HTTP-EQUIV="refresh" CONTENT="0; URL=http://;URL=ja<x>vascript:alert(\'XSS\');">';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackObject() {
|
||
$testString = '<OBJECT TYPE="text/x-scriptlet" DATA="http://ha.ckers.org/scriptlet.html"></OBJECT>';
|
||
$expectedString = '<ob<x>ject TYPE="text/x-scriptlet" DATA="http://ha.ckers.org/scriptlet.html"></OBJECT>';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackObjectEmbeddedXss() {
|
||
$testString = '<OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert(\'XSS\')></OBJECT>';
|
||
$expectedString = '<ob<x>ject classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=ja<x>vascript:alert(\'XSS\')></OBJECT>';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackEmbedFlash() {
|
||
$testString = '<EMBED SRC="http://ha.ckers.org/xss.swf" AllowScriptAccess="always"></EMBED>';
|
||
$expectedString = '<em<x>bed SRC="http://ha.ckers.org/xss.swf" AllowScriptAccess="always"></EMBED>';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackActionScriptEval() {
|
||
$testString = 'a="get";b="URL("";c="javascript:";d="alert(\'XSS\');")";eval(a+b+c+d);";';
|
||
$expectedString = 'a="get";b="URL("";c="ja<x>vascript:";d="alert(\'XSS\');")";eval(a+b+c+d);";';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackImageStyleWithComment() {
|
||
$testString = '<IMG STYLE="xss:expr/*XSS*/ession(alert(\'XSS\'))">';
|
||
$expectedString = '<IMG st<x>yle="xss:expr/*XSS*/ession(alert(\'XSS\'))">';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackStyleInAnonymousHtml() {
|
||
$testString = '<XSS STYLE="xss:expression(alert(\'XSS\'))">';
|
||
$expectedString = '<XSS st<x>yle="xss:expression(alert(\'XSS\'))">';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackStyleWithBackgroundImage() {
|
||
$testString = '<STYLE>.XSS{background-image:url("javascript:alert(\'XSS\')");}</STYLE><A CLASS=XSS></A>';
|
||
$expectedString = '<st<x>yle>.XSS{background-image:url("ja<x>vascript:alert(\'XSS\')");}</STYLE><A CLASS=XSS></A>';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackStyleWithBackground() {
|
||
$testString = '<STYLE type="text/css">BODY{background:url("javascript:alert(\'XSS\')")}</STYLE>';
|
||
$expectedString = '<st<x>yle type="text/css">BODY{background:url("ja<x>vascript:alert(\'XSS\')")}</STYLE>';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackStylesheet() {
|
||
$testString = '<LINK REL="stylesheet" HREF="javascript:alert(\'XSS\');">';
|
||
$expectedString = '<li<x>nk REL="stylesheet" HREF="ja<x>vascript:alert(\'XSS\');">';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackRemoteStylesheet() {
|
||
$testString = '<LINK REL="stylesheet" HREF="http://ha.ckers.org/xss.css">';
|
||
$expectedString = '<li<x>nk REL="stylesheet" HREF="http://ha.ckers.org/xss.css">';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
/**
|
||
* @test
|
||
*/
|
||
public function checkAttackImportRemoteStylesheet() {
|
||
$testString = '<STYLE>@import\'http://ha.ckers.org/xss.css\';</STYLE>';
|
||
$expectedString = '<st<x>yle>@import\'http://ha.ckers.org/xss.css\';</STYLE>';
|
||
$actualString = RemoveXSS::process($testString);
|
||
$this->assertEquals($expectedString, $actualString);
|
||
}
|
||
}
|
||
?>
|
tests/t3lib/cache/backend/t3lib_cache_backend_abstractbackendTest.php Lokal neu | ||
---|---|---|
<?php
|
||
/***************************************************************
|
||
* Copyright notice
|
||
*
|
||
* (c) 2009 Ingo Renner <ingo@typo3.org>
|
||
* All rights reserved
|
||
*
|
||
* This script is part of the TYPO3 project. The TYPO3 project is
|
||
* free software; you can redistribute it and/or modify
|
||
* it under the terms of the GNU General Public License as published by
|
||
* the Free Software Foundation; either version 2 of the License, or
|
||
* (at your option) any later version.
|
||
*
|
||
* The GNU General Public License can be found at
|
||
* http://www.gnu.org/copyleft/gpl.html.
|
||
*
|
||
* This script is distributed in the hope that it will be useful,
|
||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
* GNU General Public License for more details.
|
||
*
|
||
* This copyright notice MUST APPEAR in all copies of the script!
|
||
***************************************************************/
|
||
/**
|
||
* Testcase for the abstract cache backend
|
||
*
|
||
* This file is a backport from FLOW3
|
||
*
|
||
* @author Ingo Renner <ingo@typo3.org>
|
||
* @package TYPO3
|
||
* @subpackage tests
|
||
* @version $Id: t3lib_cache_backend_abstractbackendtestcase.php 6536 2009-11-25 14:07:18Z stucki $
|
||
*/
|
||
class t3lib_cache_backend_AbstractBackendTestCase extends tx_phpunit_testcase {
|
||
/**
|
||
* @var t3lib_cache_backend_AbstractBackend
|
||
*/
|
||
protected $backend;
|
||
/**
|
||
* @return void
|
||
* @author Robert Lemke <robert@typo3.org>
|
||
* @author Ingo Renner <ingo@typo3.org>
|
||
*/
|
||
public function setUp() {
|
||
$className = uniqid('ConcreteBackend_');
|
||
eval('
|
||
class ' . $className. ' extends t3lib_cache_backend_AbstractBackend {
|
||
public function set($entryIdentifier, $data, array $tags = array(), $lifetime = NULL) {}
|
||
public function get($entryIdentifier) {}
|
||
public function has($entryIdentifier) {}
|
||
public function remove($entryIdentifier) {}
|
||
public function flush() {}
|
||
public function flushByTag($tag) {}
|
||
public function flushByTags(array $tags) {}
|
||
public function findIdentifiersByTag($tag) {}
|
||
public function findIdentifiersByTags(array $tags) {}
|
||
public function collectGarbage() {}
|
||
public function setSomeOption($value) {
|
||
$this->someOption = $value;
|
||
}
|
||
public function getSomeOption() {
|
||
return $this->someOption;
|
||
}
|
||
}
|
||
');
|
||
$this->backend = new $className();
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Robert Lemke <robert@typo3.org>
|
||
*/
|
||
public function theConstructorCallsSetterMethodsForAllSpecifiedOptions() {
|
||
$className = get_class($this->backend);
|
||
$backend = new $className(array('someOption' => 'someValue'));
|
||
$this->assertSame('someValue', $backend->getSomeOption());
|
||
}
|
||
}
|
||
?>
|
tests/t3lib/cache/backend/t3lib_cache_backend_abstractbackendtestcase.php Lokal gelöscht | ||
---|---|---|
<?php
|
||
/***************************************************************
|
||
* Copyright notice
|
||
*
|
||
* (c) 2009 Ingo Renner <ingo@typo3.org>
|
||
* All rights reserved
|
||
*
|
||
* This script is part of the TYPO3 project. The TYPO3 project is
|
||
* free software; you can redistribute it and/or modify
|
||
* it under the terms of the GNU General Public License as published by
|
||
* the Free Software Foundation; either version 2 of the License, or
|
||
* (at your option) any later version.
|
||
*
|
||
* The GNU General Public License can be found at
|
||
* http://www.gnu.org/copyleft/gpl.html.
|
||
*
|
||
* This script is distributed in the hope that it will be useful,
|
||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
* GNU General Public License for more details.
|
||
*
|
||
* This copyright notice MUST APPEAR in all copies of the script!
|
||
***************************************************************/
|
||
/**
|
||
* Testcase for the abstract cache backend
|
||
*
|
||
* This file is a backport from FLOW3
|
||
*
|
||
* @author Ingo Renner <ingo@typo3.org>
|
||
* @package TYPO3
|
||
* @subpackage tests
|
||
* @version $Id: t3lib_cache_backend_abstractbackendtestcase.php 6536 2009-11-25 14:07:18Z stucki $
|
||
*/
|
||
class t3lib_cache_backend_AbstractBackendTestCase extends tx_phpunit_testcase {
|
||
/**
|
||
* @var t3lib_cache_backend_AbstractBackend
|
||
*/
|
||
protected $backend;
|
||
/**
|
||
* @return void
|
||
* @author Robert Lemke <robert@typo3.org>
|
||
* @author Ingo Renner <ingo@typo3.org>
|
||
*/
|
||
public function setUp() {
|
||
$className = uniqid('ConcreteBackend_');
|
||
eval('
|
||
class ' . $className. ' extends t3lib_cache_backend_AbstractBackend {
|
||
public function set($entryIdentifier, $data, array $tags = array(), $lifetime = NULL) {}
|
||
public function get($entryIdentifier) {}
|
||
public function has($entryIdentifier) {}
|
||
public function remove($entryIdentifier) {}
|
||
public function flush() {}
|
||
public function flushByTag($tag) {}
|
||
public function flushByTags(array $tags) {}
|
||
public function findIdentifiersByTag($tag) {}
|
||
public function findIdentifiersByTags(array $tags) {}
|
||
public function collectGarbage() {}
|
||
public function setSomeOption($value) {
|
||
$this->someOption = $value;
|
||
}
|
||
public function getSomeOption() {
|
||
return $this->someOption;
|
||
}
|
||
}
|
||
');
|
||
$this->backend = new $className();
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Robert Lemke <robert@typo3.org>
|
||
*/
|
||
public function theConstructorCallsSetterMethodsForAllSpecifiedOptions() {
|
||
$className = get_class($this->backend);
|
||
$backend = new $className(array('someOption' => 'someValue'));
|
||
$this->assertSame('someValue', $backend->getSomeOption());
|
||
}
|
||
}
|
||
?>
|
tests/t3lib/cache/backend/t3lib_cache_backend_apcbackendTest.php Lokal neu | ||
---|---|---|
<?php
|
||
/***************************************************************
|
||
* Copyright notice
|
||
*
|
||
* (c) 2009 Ingo Renner <ingo@typo3.org>
|
||
* All rights reserved
|
||
*
|
||
* This script is part of the TYPO3 project. The TYPO3 project is
|
||
* free software; you can redistribute it and/or modify
|
||
* it under the terms of the GNU General Public License as published by
|
||
* the Free Software Foundation; either version 2 of the License, or
|
||
* (at your option) any later version.
|
||
*
|
||
* The GNU General Public License can be found at
|
||
* http://www.gnu.org/copyleft/gpl.html.
|
||
*
|
||
* This script is distributed in the hope that it will be useful,
|
||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
* GNU General Public License for more details.
|
||
*
|
||
* This copyright notice MUST APPEAR in all copies of the script!
|
||
***************************************************************/
|
||
// TODO implement autoloading so that we only require stuff we really need
|
||
require_once(PATH_t3lib . 'class.t3lib_cache.php');
|
||
require_once(PATH_t3lib . 'cache/backend/interfaces/interface.t3lib_cache_backend_backend.php');
|
||
require_once(PATH_t3lib . 'cache/frontend/interfaces/interface.t3lib_cache_frontend_frontend.php');
|
||
require_once(PATH_t3lib . 'cache/backend/class.t3lib_cache_backend_abstractbackend.php');
|
||
require_once(PATH_t3lib . 'cache/frontend/class.t3lib_cache_frontend_abstractfrontend.php');
|
||
require_once(PATH_t3lib . 'cache/class.t3lib_cache_exception.php');
|
||
require_once(PATH_t3lib . 'cache/class.t3lib_cache_factory.php');
|
||
require_once(PATH_t3lib . 'cache/class.t3lib_cache_manager.php');
|
||
require_once(PATH_t3lib . 'cache/frontend/class.t3lib_cache_frontend_variablefrontend.php');
|
||
require_once(PATH_t3lib . 'cache/exception/class.t3lib_cache_exception_classalreadyloaded.php');
|
||
require_once(PATH_t3lib . 'cache/exception/class.t3lib_cache_exception_duplicateidentifier.php');
|
||
require_once(PATH_t3lib . 'cache/exception/class.t3lib_cache_exception_invalidbackend.php');
|
||
require_once(PATH_t3lib . 'cache/exception/class.t3lib_cache_exception_invalidcache.php');
|
||
require_once(PATH_t3lib . 'cache/exception/class.t3lib_cache_exception_invaliddata.php');
|
||
require_once(PATH_t3lib . 'cache/exception/class.t3lib_cache_exception_nosuchcache.php');
|
||
require_once(PATH_t3lib . 'cache/backend/class.t3lib_cache_backend_apcbackend.php');
|
||
/**
|
||
* Testcase for the APC cache backend
|
||
*
|
||
* This file is a backport from FLOW3
|
||
*
|
||
* @author Ingo Renner <ingo@typo3.org>
|
||
* @package TYPO3
|
||
* @subpackage tests
|
||
* @version $Id: t3lib_cache_backend_apcbackendtestcase.php 6536 2009-11-25 14:07:18Z stucki $
|
||
*/
|
||
class t3lib_cache_backend_ApcBackendTestCase extends tx_phpunit_testcase {
|
||
/**
|
||
* Sets up this testcase
|
||
*
|
||
* @return void
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
* @author Ingo Renner <ingo@typo3.org>
|
||
*/
|
||
public function setUp() {
|
||
if (!extension_loaded('apc')) {
|
||
$this->markTestSkipped('APC extension was not available');
|
||
}
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Christian Jul Jensen <julle@typo3.org>
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
* @expectedException t3lib_cache_Exception
|
||
*/
|
||
public function setThrowsExceptionIfNoFrontEndHasBeenSet() {
|
||
$backend = new t3lib_cache_backend_ApcBackend();
|
||
$data = 'Some data';
|
||
$identifier = 'MyIdentifier';
|
||
$backend->set($identifier, $data);
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Christian Jul Jensen <julle@typo3.org>
|
||
*/
|
||
public function itIsPossibleToSetAndCheckExistenceInCache() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'Some data';
|
||
$identifier = 'MyIdentifier';
|
||
$backend->set($identifier, $data);
|
||
$inCache = $backend->has($identifier);
|
||
$this->assertTrue($inCache, 'APC backend failed to set and check entry');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Christian Jul Jensen <julle@typo3.org>
|
||
*/
|
||
public function itIsPossibleToSetAndGetEntry() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'Some data';
|
||
$identifier = 'MyIdentifier';
|
||
$backend->set($identifier, $data);
|
||
$fetchedData = $backend->get($identifier);
|
||
$this->assertEquals($data, $fetchedData, 'APC backend failed to set and retrieve data');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Christian Jul Jensen <julle@typo3.org>
|
||
*/
|
||
public function itIsPossibleToRemoveEntryFromCache() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'Some data';
|
||
$identifier = 'MyIdentifier';
|
||
$backend->set($identifier, $data);
|
||
$backend->remove($identifier);
|
||
$inCache = $backend->has($identifier);
|
||
$this->assertFalse($inCache, 'Failed to set and remove data from APC backend');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Christian Jul Jensen <julle@typo3.org>
|
||
*/
|
||
public function itIsPossibleToOverwriteAnEntryInTheCache() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'Some data';
|
||
$identifier = 'MyIdentifier';
|
||
$backend->set($identifier, $data);
|
||
$otherData = 'some other data';
|
||
$backend->set($identifier, $otherData);
|
||
$fetchedData = $backend->get($identifier);
|
||
$this->assertEquals($otherData, $fetchedData, 'APC backend failed to overwrite and retrieve data');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
*/
|
||
public function findIdentifiersByTagFindsSetEntries() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'Some data';
|
||
$entryIdentifier = 'MyIdentifier';
|
||
$backend->set($entryIdentifier, $data, array('UnitTestTag%tag1', 'UnitTestTag%tag2'));
|
||
$retrieved = $backend->findIdentifiersByTag('UnitTestTag%tag1');
|
||
$this->assertEquals($entryIdentifier, $retrieved[0], 'Could not retrieve expected entry by tag.');
|
||
$retrieved = $backend->findIdentifiersByTag('UnitTestTag%tag2');
|
||
$this->assertEquals($entryIdentifier, $retrieved[0], 'Could not retrieve expected entry by tag.');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
*/
|
||
public function setRemovesTagsFromPreviousSet() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'Some data';
|
||
$entryIdentifier = 'MyIdentifier';
|
||
$backend->set($entryIdentifier, $data, array('UnitTestTag%tag1', 'UnitTestTag%tag2'));
|
||
$backend->set($entryIdentifier, $data, array('UnitTestTag%tag3'));
|
||
$retrieved = $backend->findIdentifiersByTag('UnitTestTag%tag2');
|
||
$this->assertEquals(array(), $retrieved, 'Found entry which should no longer exist.');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Christian Jul Jensen <julle@typo3.org>
|
||
*/
|
||
public function hasReturnsFalseIfTheEntryDoesntExist() {
|
||
$backend = $this->setUpBackend();
|
||
$identifier = 'NonExistingIdentifier';
|
||
$inCache = $backend->has($identifier);
|
||
$this->assertFalse($inCache,'"has" did not return false when checking on non existing identifier');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Christian Jul Jensen <julle@typo3.org>
|
||
*/
|
||
public function removeReturnsFalseIfTheEntryDoesntExist() {
|
||
$backend = $this->setUpBackend();
|
||
$identifier = 'NonExistingIdentifier';
|
||
$inCache = $backend->remove($identifier);
|
||
$this->assertFalse($inCache,'"remove" did not return false when checking on non existing identifier');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Robert Lemke <robert@typo3.org>
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
*/
|
||
public function flushByTagRemovesCacheEntriesWithSpecifiedTag() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'some data' . microtime();
|
||
$backend->set('BackendMemcacheTest1', $data, array('UnitTestTag%test', 'UnitTestTag%boring'));
|
||
$backend->set('BackendMemcacheTest2', $data, array('UnitTestTag%test', 'UnitTestTag%special'));
|
||
$backend->set('BackendMemcacheTest3', $data, array('UnitTestTag%test'));
|
||
$backend->flushByTag('UnitTestTag%special');
|
||
$this->assertTrue($backend->has('BackendMemcacheTest1'), 'BackendMemcacheTest1');
|
||
$this->assertFalse($backend->has('BackendMemcacheTest2'), 'BackendMemcacheTest2');
|
||
$this->assertTrue($backend->has('BackendMemcacheTest3'), 'BackendMemcacheTest3');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
*/
|
||
public function flushRemovesAllCacheEntries() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'some data' . microtime();
|
||
$backend->set('BackendMemcacheTest1', $data);
|
||
$backend->set('BackendMemcacheTest2', $data);
|
||
$backend->set('BackendMemcacheTest3', $data);
|
||
$backend->flush();
|
||
$this->assertFalse($backend->has('BackendMemcacheTest1'), 'BackendMemcacheTest1');
|
||
$this->assertFalse($backend->has('BackendMemcacheTest2'), 'BackendMemcacheTest2');
|
||
$this->assertFalse($backend->has('BackendMemcacheTest3'), 'BackendMemcacheTest3');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
* @author Ingo Renner <ingo@typo3.org>
|
||
*/
|
||
public function flushRemovesOnlyOwnEntries() {
|
||
$thisCache = $this->getMock('t3lib_cache_frontend_Frontend', array(), array(), '', FALSE);
|
||
$thisCache->expects($this->any())->method('getIdentifier')->will($this->returnValue('thisCache'));
|
||
$thisBackend = new t3lib_cache_backend_ApcBackend();
|
||
$thisBackend->setCache($thisCache);
|
||
$thatCache = $this->getMock('t3lib_cache_frontend_Frontend', array(), array(), '', FALSE);
|
||
$thatCache->expects($this->any())->method('getIdentifier')->will($this->returnValue('thatCache'));
|
||
$thatBackend = new t3lib_cache_backend_ApcBackend();
|
||
$thatBackend->setCache($thatCache);
|
||
$thisBackend->set('thisEntry', 'Hello');
|
||
$thatBackend->set('thatEntry', 'World!');
|
||
$thatBackend->flush();
|
||
$this->assertEquals('Hello', $thisBackend->get('thisEntry'));
|
||
$this->assertFalse($thatBackend->has('thatEntry'));
|
||
}
|
||
/**
|
||
* Check if we can store ~5 MB of data
|
||
*
|
||
* @test
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
*/
|
||
public function largeDataIsStored() {
|
||
$backend = $this->setUpBackend();
|
||
$data = str_repeat('abcde', 1024 * 1024);
|
||
$backend->set('tooLargeData', $data);
|
||
$this->assertTrue($backend->has('tooLargeData'));
|
||
$this->assertEquals($backend->get('tooLargeData'), $data);
|
||
}
|
||
/**
|
||
* Sets up the memcached backend used for testing
|
||
*
|
||
* @param array $backendOptions Options for the memcache backend
|
||
* @return t3lib_cache_backend_ApcBackend
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
* @author Ingo Renner <ingo@typo3.org>
|
||
*/
|
||
protected function setUpBackend(array $backendOptions = array()) {
|
||
$cache = $this->getMock('t3lib_cache_frontend_Frontend', array(), array(), '', FALSE);
|
||
$backend = new t3lib_cache_backend_ApcBackend();
|
||
$backend->setCache($cache);
|
||
return $backend;
|
||
}
|
||
}
|
||
?>
|
tests/t3lib/cache/backend/t3lib_cache_backend_apcbackendtestcase.php Lokal gelöscht | ||
---|---|---|
<?php
|
||
/***************************************************************
|
||
* Copyright notice
|
||
*
|
||
* (c) 2009 Ingo Renner <ingo@typo3.org>
|
||
* All rights reserved
|
||
*
|
||
* This script is part of the TYPO3 project. The TYPO3 project is
|
||
* free software; you can redistribute it and/or modify
|
||
* it under the terms of the GNU General Public License as published by
|
||
* the Free Software Foundation; either version 2 of the License, or
|
||
* (at your option) any later version.
|
||
*
|
||
* The GNU General Public License can be found at
|
||
* http://www.gnu.org/copyleft/gpl.html.
|
||
*
|
||
* This script is distributed in the hope that it will be useful,
|
||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
* GNU General Public License for more details.
|
||
*
|
||
* This copyright notice MUST APPEAR in all copies of the script!
|
||
***************************************************************/
|
||
// TODO implement autoloading so that we only require stuff we really need
|
||
require_once(PATH_t3lib . 'class.t3lib_cache.php');
|
||
require_once(PATH_t3lib . 'cache/backend/interfaces/interface.t3lib_cache_backend_backend.php');
|
||
require_once(PATH_t3lib . 'cache/frontend/interfaces/interface.t3lib_cache_frontend_frontend.php');
|
||
require_once(PATH_t3lib . 'cache/backend/class.t3lib_cache_backend_abstractbackend.php');
|
||
require_once(PATH_t3lib . 'cache/frontend/class.t3lib_cache_frontend_abstractfrontend.php');
|
||
require_once(PATH_t3lib . 'cache/class.t3lib_cache_exception.php');
|
||
require_once(PATH_t3lib . 'cache/class.t3lib_cache_factory.php');
|
||
require_once(PATH_t3lib . 'cache/class.t3lib_cache_manager.php');
|
||
require_once(PATH_t3lib . 'cache/frontend/class.t3lib_cache_frontend_variablefrontend.php');
|
||
require_once(PATH_t3lib . 'cache/exception/class.t3lib_cache_exception_classalreadyloaded.php');
|
||
require_once(PATH_t3lib . 'cache/exception/class.t3lib_cache_exception_duplicateidentifier.php');
|
||
require_once(PATH_t3lib . 'cache/exception/class.t3lib_cache_exception_invalidbackend.php');
|
||
require_once(PATH_t3lib . 'cache/exception/class.t3lib_cache_exception_invalidcache.php');
|
||
require_once(PATH_t3lib . 'cache/exception/class.t3lib_cache_exception_invaliddata.php');
|
||
require_once(PATH_t3lib . 'cache/exception/class.t3lib_cache_exception_nosuchcache.php');
|
||
require_once(PATH_t3lib . 'cache/backend/class.t3lib_cache_backend_apcbackend.php');
|
||
/**
|
||
* Testcase for the APC cache backend
|
||
*
|
||
* This file is a backport from FLOW3
|
||
*
|
||
* @author Ingo Renner <ingo@typo3.org>
|
||
* @package TYPO3
|
||
* @subpackage tests
|
||
* @version $Id: t3lib_cache_backend_apcbackendtestcase.php 6536 2009-11-25 14:07:18Z stucki $
|
||
*/
|
||
class t3lib_cache_backend_ApcBackendTestCase extends tx_phpunit_testcase {
|
||
/**
|
||
* Sets up this testcase
|
||
*
|
||
* @return void
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
* @author Ingo Renner <ingo@typo3.org>
|
||
*/
|
||
public function setUp() {
|
||
if (!extension_loaded('apc')) {
|
||
$this->markTestSkipped('APC extension was not available');
|
||
}
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Christian Jul Jensen <julle@typo3.org>
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
* @expectedException t3lib_cache_Exception
|
||
*/
|
||
public function setThrowsExceptionIfNoFrontEndHasBeenSet() {
|
||
$backend = new t3lib_cache_backend_ApcBackend();
|
||
$data = 'Some data';
|
||
$identifier = 'MyIdentifier';
|
||
$backend->set($identifier, $data);
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Christian Jul Jensen <julle@typo3.org>
|
||
*/
|
||
public function itIsPossibleToSetAndCheckExistenceInCache() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'Some data';
|
||
$identifier = 'MyIdentifier';
|
||
$backend->set($identifier, $data);
|
||
$inCache = $backend->has($identifier);
|
||
$this->assertTrue($inCache, 'APC backend failed to set and check entry');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Christian Jul Jensen <julle@typo3.org>
|
||
*/
|
||
public function itIsPossibleToSetAndGetEntry() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'Some data';
|
||
$identifier = 'MyIdentifier';
|
||
$backend->set($identifier, $data);
|
||
$fetchedData = $backend->get($identifier);
|
||
$this->assertEquals($data, $fetchedData, 'APC backend failed to set and retrieve data');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Christian Jul Jensen <julle@typo3.org>
|
||
*/
|
||
public function itIsPossibleToRemoveEntryFromCache() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'Some data';
|
||
$identifier = 'MyIdentifier';
|
||
$backend->set($identifier, $data);
|
||
$backend->remove($identifier);
|
||
$inCache = $backend->has($identifier);
|
||
$this->assertFalse($inCache, 'Failed to set and remove data from APC backend');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Christian Jul Jensen <julle@typo3.org>
|
||
*/
|
||
public function itIsPossibleToOverwriteAnEntryInTheCache() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'Some data';
|
||
$identifier = 'MyIdentifier';
|
||
$backend->set($identifier, $data);
|
||
$otherData = 'some other data';
|
||
$backend->set($identifier, $otherData);
|
||
$fetchedData = $backend->get($identifier);
|
||
$this->assertEquals($otherData, $fetchedData, 'APC backend failed to overwrite and retrieve data');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
*/
|
||
public function findIdentifiersByTagFindsSetEntries() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'Some data';
|
||
$entryIdentifier = 'MyIdentifier';
|
||
$backend->set($entryIdentifier, $data, array('UnitTestTag%tag1', 'UnitTestTag%tag2'));
|
||
$retrieved = $backend->findIdentifiersByTag('UnitTestTag%tag1');
|
||
$this->assertEquals($entryIdentifier, $retrieved[0], 'Could not retrieve expected entry by tag.');
|
||
$retrieved = $backend->findIdentifiersByTag('UnitTestTag%tag2');
|
||
$this->assertEquals($entryIdentifier, $retrieved[0], 'Could not retrieve expected entry by tag.');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
*/
|
||
public function setRemovesTagsFromPreviousSet() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'Some data';
|
||
$entryIdentifier = 'MyIdentifier';
|
||
$backend->set($entryIdentifier, $data, array('UnitTestTag%tag1', 'UnitTestTag%tag2'));
|
||
$backend->set($entryIdentifier, $data, array('UnitTestTag%tag3'));
|
||
$retrieved = $backend->findIdentifiersByTag('UnitTestTag%tag2');
|
||
$this->assertEquals(array(), $retrieved, 'Found entry which should no longer exist.');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Christian Jul Jensen <julle@typo3.org>
|
||
*/
|
||
public function hasReturnsFalseIfTheEntryDoesntExist() {
|
||
$backend = $this->setUpBackend();
|
||
$identifier = 'NonExistingIdentifier';
|
||
$inCache = $backend->has($identifier);
|
||
$this->assertFalse($inCache,'"has" did not return false when checking on non existing identifier');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Christian Jul Jensen <julle@typo3.org>
|
||
*/
|
||
public function removeReturnsFalseIfTheEntryDoesntExist() {
|
||
$backend = $this->setUpBackend();
|
||
$identifier = 'NonExistingIdentifier';
|
||
$inCache = $backend->remove($identifier);
|
||
$this->assertFalse($inCache,'"remove" did not return false when checking on non existing identifier');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Robert Lemke <robert@typo3.org>
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
*/
|
||
public function flushByTagRemovesCacheEntriesWithSpecifiedTag() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'some data' . microtime();
|
||
$backend->set('BackendMemcacheTest1', $data, array('UnitTestTag%test', 'UnitTestTag%boring'));
|
||
$backend->set('BackendMemcacheTest2', $data, array('UnitTestTag%test', 'UnitTestTag%special'));
|
||
$backend->set('BackendMemcacheTest3', $data, array('UnitTestTag%test'));
|
||
$backend->flushByTag('UnitTestTag%special');
|
||
$this->assertTrue($backend->has('BackendMemcacheTest1'), 'BackendMemcacheTest1');
|
||
$this->assertFalse($backend->has('BackendMemcacheTest2'), 'BackendMemcacheTest2');
|
||
$this->assertTrue($backend->has('BackendMemcacheTest3'), 'BackendMemcacheTest3');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
*/
|
||
public function flushRemovesAllCacheEntries() {
|
||
$backend = $this->setUpBackend();
|
||
$data = 'some data' . microtime();
|
||
$backend->set('BackendMemcacheTest1', $data);
|
||
$backend->set('BackendMemcacheTest2', $data);
|
||
$backend->set('BackendMemcacheTest3', $data);
|
||
$backend->flush();
|
||
$this->assertFalse($backend->has('BackendMemcacheTest1'), 'BackendMemcacheTest1');
|
||
$this->assertFalse($backend->has('BackendMemcacheTest2'), 'BackendMemcacheTest2');
|
||
$this->assertFalse($backend->has('BackendMemcacheTest3'), 'BackendMemcacheTest3');
|
||
}
|
||
/**
|
||
* @test
|
||
* @author Karsten Dambekalns <karsten@typo3.org>
|
||
* @author Ingo Renner <ingo@typo3.org>
|
||
*/
|
||
public function flushRemovesOnlyOwnEntries() {
|
||
$thisCache = $this->getMock('t3lib_cache_frontend_Frontend', array(), array(), '', FALSE);
|
||
$thisCache->expects($this->any())->method('getIdentifier')->will($this->returnValue('thisCache'));
|
||
$thisBackend = new t3lib_cache_backend_ApcBackend();
|
||
$thisBackend->setCache($thisCache);
|
||
$thatCache = $this->getMock('t3lib_cache_frontend_Frontend', array(), array(), '', FALSE);
|
||
$thatCache->expects($this->any())->method('getIdentifier')->will($this->returnValue('thatCache'));
|
||
$thatBackend = new t3lib_cache_backend_ApcBackend();
|
||
$thatBackend->setCache($thatCache);
|
||
$thisBackend->set('thisEntry', 'Hello');
|
||
$thatBackend->set('thatEntry', 'World!');
|
||
$thatBackend->flush();
|
||
$this->assertEquals('Hello', $thisBackend->get('thisEntry'));
|
||
$this->assertFalse($thatBackend->has('thatEntry'));
|
||
}
|
||
/**
|
||
* Check if we can store ~5 MB of data
|
||
*
|