diff options
author | Heesung Ahn <ahn.heesung@gmail.com> | 2015-03-10 00:36:29 +0100 |
---|---|---|
committer | Heesung Ahn <ahn.heesung@gmail.com> | 2015-03-10 00:36:29 +0100 |
commit | 34eca8aa7ffbbacd18a54809a25e63db389eacd3 (patch) | |
tree | d98a50110147f857f33c3419369e56067c32780a /tests | |
parent | 22ade0ddd55fe76a39be529eab05fff3209170da (diff) |
Update Security Unit test
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/codeigniter/core/Security_test.php | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index 7d415131b..8faf1b58a 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -45,7 +45,7 @@ class Security_test extends CI_TestCase { $this->assertInstanceOf('CI_Security', $this->security->csrf_verify()); } - + // -------------------------------------------------------------------- public function test_get_csrf_hash() @@ -70,7 +70,7 @@ class Security_test extends CI_TestCase { $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless_string); } - + // -------------------------------------------------------------------- public function test_xss_clean_string_array() @@ -87,9 +87,9 @@ class Security_test extends CI_TestCase { $this->assertEquals("Simple clean string", $harmless_strings[1]); $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless_strings[2]); } - + // -------------------------------------------------------------------- - + public function test_xss_clean_image_valid() { $harm_string = '<img src="test.png">'; @@ -98,9 +98,9 @@ class Security_test extends CI_TestCase { $this->assertTrue($xss_clean_return); } - + // -------------------------------------------------------------------- - + public function test_xss_clean_image_invalid() { $harm_string = '<img src=javascript:alert(String.fromCharCode(88,83,83))>'; @@ -109,31 +109,31 @@ class Security_test extends CI_TestCase { $this->assertFalse($xss_clean_return); } - + // -------------------------------------------------------------------- - + public function test_xss_clean_entity_double_encoded() { $input = '<a href="&#106&#97&#118&#97&#115&#99&#114&#105&#112&#116&#58&#99&#111&#110&#102&#105&#114&#109&#40&#49&#41">Clickhere</a>'; $this->assertEquals('<a >Clickhere</a>', $this->security->xss_clean($input)); } - + // -------------------------------------------------------------------- - + public function test_xss_clean_js_img_removal() { $input = '<img src="&#106&#97&#118&#97&#115&#99&#114&#105&#112&#116&#58&#99&#111&#110&#102&#105&#114&#109&#40&#49&#41">Clickhere'; $this->assertEquals('<img >', $this->security->xss_clean($input)); } - + // -------------------------------------------------------------------- - + public function test_xss_clean_sanitize_naughty_html() { $input = '<blink>'; $this->assertEquals('<blink>', $this->security->xss_clean($input)); } - + // -------------------------------------------------------------------- public function test_remove_evil_attributes() @@ -159,7 +159,7 @@ class Security_test extends CI_TestCase { } // -------------------------------------------------------------------- - + public function test_get_random_bytes() { $length = "invalid"; @@ -169,7 +169,7 @@ class Security_test extends CI_TestCase { $length = 10; $this->assertNotEmpty($this->security->get_random_bytes($length)); } - + // -------------------------------------------------------------------- public function test_entity_decode() @@ -195,7 +195,7 @@ class Security_test extends CI_TestCase { $this->assertEquals('foo', $safe_filename); } - + // -------------------------------------------------------------------- public function test_strip_image_tags() @@ -227,9 +227,9 @@ class Security_test extends CI_TestCase { $this->assertEquals($urls[$i], $this->security->strip_image_tags($imgtags[$i])); } } - + // -------------------------------------------------------------------- - + public function test_csrf_set_hash() { // Set cookie for security test |