diff options
Diffstat (limited to 'tests/codeigniter')
-rw-r--r-- | tests/codeigniter/core/Input_test.php | 64 | ||||
-rw-r--r-- | tests/codeigniter/core/Security_test.php | 20 |
2 files changed, 71 insertions, 13 deletions
diff --git a/tests/codeigniter/core/Input_test.php b/tests/codeigniter/core/Input_test.php index 21ff6d81f..c56900d22 100644 --- a/tests/codeigniter/core/Input_test.php +++ b/tests/codeigniter/core/Input_test.php @@ -134,6 +134,14 @@ class Input_test extends CI_TestCase { $this->assertEquals('bar', $foo); $this->assertEquals("Hello, i try to <script>alert('Hack');</script> your site", $harm); $this->assertEquals("Hello, i try to [removed]alert('Hack');[removed] your site", $harmless); + + $_SERVER['REQUEST_METHOD'] = 'POST'; + $_POST['foo']['bar'] = 'baz'; + $barArray = array('bar' => 'baz'); + + $this->assertEquals('baz', $this->input->post('foo[bar]')); + $this->assertEquals($barArray, $this->input->post('foo[]')); + $this->assertNull($this->input->post('foo[baz]')); } // -------------------------------------------------------------------- @@ -198,9 +206,22 @@ class Input_test extends CI_TestCase { $this->markTestSkipped('TODO: Find a way to test HTTP headers'); } + // -------------------------------------------------------------------- + + public function test_get_request_header() + { + $this->markTestSkipped('TODO: Find a way to test HTTP headers'); + } + + // -------------------------------------------------------------------- + public function test_ip_address() { + $this->input->ip_address = '127.0.0.1'; + $this->assertEquals('127.0.0.1', $this->input->ip_address()); + // 127.0.0.1 is set in our Bootstrap file + $this->input->ip_address = FALSE; $this->assertEquals('127.0.0.1', $this->input->ip_address()); // Invalid @@ -208,10 +229,47 @@ class Input_test extends CI_TestCase { $this->input->ip_address = FALSE; // reset cached value $this->assertEquals('0.0.0.0', $this->input->ip_address()); - // TODO: Add proxy_ips tests + $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; - // Back to reality + // Proxy_ips tests + $this->input->ip_address = FALSE; + $this->ci_set_config('proxy_ips', '127.0.0.3, 127.0.0.4, 127.0.0.2'); + $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.2'; + $this->assertEquals('127.0.0.1', $this->input->ip_address()); + + // Invalid spoof + $this->input->ip_address = FALSE; + $this->ci_set_config('proxy_ips', 'invalid_ip_address'); + $_SERVER['HTTP_CLIENT_IP'] = 'invalid_ip_address'; + $this->assertEquals('127.0.0.1', $this->input->ip_address()); + + $this->input->ip_address = FALSE; + $this->ci_set_config('proxy_ips', 'http://foo/bar/baz, 127.0.0.1/1'); + $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.1'; + $this->assertEquals('127.0.0.1', $this->input->ip_address()); + + $this->input->ip_address = FALSE; + $this->ci_set_config('proxy_ips', 'http://foo/bar/baz, 127.0.0.2'); + $_SERVER['HTTP_CLIENT_IP'] = '127.0.0.2'; + $_SERVER['REMOTE_ADDR'] = '127.0.0.2'; + $this->assertEquals('127.0.0.2', $this->input->ip_address()); + + //IPv6 + $this->input->ip_address = FALSE; + $this->ci_set_config('proxy_ips', 'FE80:0000:0000:0000:0202:B3FF:FE1E:8329/1, FE80:0000:0000:0000:0202:B3FF:FE1E:8300/2'); + $_SERVER['HTTP_CLIENT_IP'] = 'FE80:0000:0000:0000:0202:B3FF:FE1E:8300'; + $_SERVER['REMOTE_ADDR'] = 'FE80:0000:0000:0000:0202:B3FF:FE1E:8329'; + $this->assertEquals('FE80:0000:0000:0000:0202:B3FF:FE1E:8300', $this->input->ip_address()); + + $this->input->ip_address = FALSE; $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; // back to reality } -}
\ No newline at end of file + // -------------------------------------------------------------------- + + public function test_user_agent() + { + $_SERVER['HTTP_USER_AGENT'] = 'test'; + $this->assertEquals('test', $this->input->user_agent()); + } +} diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index 7f467fb1b..b5524da0f 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -138,12 +138,12 @@ class Security_test extends CI_TestCase { public function test_remove_evil_attributes() { - $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo onAttribute="bar">', false)); - $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo onAttributeNoQuotes=bar>', false)); - $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo onAttributeWithSpaces = bar>', false)); - $this->assertEquals('<foo prefixOnAttribute="bar">', $this->security->remove_evil_attributes('<foo prefixOnAttribute="bar">', false)); - $this->assertEquals('<foo>onOutsideOfTag=test</foo>', $this->security->remove_evil_attributes('<foo>onOutsideOfTag=test</foo>', false)); - $this->assertEquals('onNoTagAtAll = true', $this->security->remove_evil_attributes('onNoTagAtAll = true', false)); + $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo onAttribute="bar">', FALSE)); + $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo onAttributeNoQuotes=bar>', FALSE)); + $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo onAttributeWithSpaces = bar>', FALSE)); + $this->assertEquals('<foo prefixOnAttribute="bar">', $this->security->remove_evil_attributes('<foo prefixOnAttribute="bar">', FALSE)); + $this->assertEquals('<foo>onOutsideOfTag=test</foo>', $this->security->remove_evil_attributes('<foo>onOutsideOfTag=test</foo>', FALSE)); + $this->assertEquals('onNoTagAtAll = true', $this->security->remove_evil_attributes('onNoTagAtAll = true', FALSE)); } // -------------------------------------------------------------------- @@ -199,7 +199,7 @@ class Security_test extends CI_TestCase { public function test_strip_image_tags() { - $imgtags = Array( + $imgtags = array( '<img src="smiley.gif" alt="Smiley face" height="42" width="42">', '<img alt="Smiley face" height="42" width="42" src="smiley.gif">', '<img src="http://www.w3schools.com/images/w3schools_green.jpg">', @@ -210,7 +210,7 @@ class Security_test extends CI_TestCase { '<img srcq="/img/sunset.gif" height="100%" width="100%">' ); - $urls = Array( + $urls = array( 'smiley.gif', 'smiley.gif', 'http://www.w3schools.com/images/w3schools_green.jpg', @@ -221,7 +221,7 @@ class Security_test extends CI_TestCase { '<img srcq="/img/sunset.gif" height="100%" width="100%">' ); - for($i = 0; $i < count($imgtags); $i++) + for ($i = 0; $i < count($imgtags); $i++) { $this->assertEquals($urls[$i], $this->security->strip_image_tags($imgtags[$i])); } @@ -245,4 +245,4 @@ class Security_test extends CI_TestCase { $this->assertNotEmpty($this->security->get_csrf_hash()); } -}
\ No newline at end of file +} |