banananetwork
/
roundcubemail
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
bnet/additions
master
release-1.4
release-1.3
release-1.2
release-1.1
dev/push
release-1.0
dev-fontawesome
dev-zenmode
release-0.9
release-0.8
release-0.7
release-0.6
release-2020-06-30-13-12
1.3.13
1.4.6
1.3.12
1.4.5
1.4.4
1.3.11
1.2.10
1.4.3
1.4.2
1.4.1
1.4.0
1.4-rc2
1.3.10
1.3.9
1.4-rc1
1.3.8
1.4-beta
1.3.7
1.2.9
1.1.12
1.1.11
1.2.8
1.3.6
1.3.5
1.3.4
1.3.3
1.2.7
1.1.10
1.0.12
1.3.2
1.2.6
1.3.1
1.3.0
1.0.11
1.1.9
1.2.5
1.3-rc
1.0.10
1.1.8
1.2.4
1.3-beta
1.1.7
1.2.3
1.1.6
1.2.2
1.2.1
1.2.0
1.0.9
1.1.5
1.2-rc
1.1.2
1.0.6
v0.9.5
v0.8.7
v0.9.4
v0.9.3
v0.9.2
v0.9.1
v0.9.0
0.7.4
v0.7.4
0.8.6
v0.8.6
0.9-rc2
v0.9-rc2
v0.9-rc
v0.8.5
v0.9-beta
v0.8.4
v0.8.3
v0.8.2
v0.8.1
v0.7.3
v0.8.0
v0.8-rc
v0.7.2
v0.8-beta
v0.7.1
v0.7
v0.7-beta2
v0.7-beta1
v0.6
v0.6-rc
v0.6-beta
v0.5.4
v0.5.4@5065
v0.5.4@5062
v0.5.3
v0.5.3@4832
v0.5.2
v0.5.2@4679
v0.5.1
v0.5.1@4518
v0.5
v0.5@4408
v0.5-rc
v0.5-rc@4349
v0.5-beta
v0.5-beta@4347
v0.4.2
v0.4.2@4050
v0.4.1
v0.4.1@4045
v0.4-beta
v0.4-beta@3548
v0.3.1
v0.3.1@3081
v0.3-stable
v0.3-stable@2921
v0.3-rc1
v0.3-beta
v0.3-beta@2799
v0.2.2
v0.2.2@2495
v0.2.1
v0.2.1@2348
v0.2.2@2481
v0.2-stable
v0.2-stable@2204
v0.2-beta
v0.2-beta@1878
v0.2-beta@1877
v0.2-alpha
v0.2-alpha@1499
v0.1.1
v0.1.1@1258
v0.1-stable
v0.1-stable@1183
v0.1-rc2
v0.1-rc2@900
v0.1-rc1
v0.1-rc1@582
v0.1-beta2
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.7
1.0.8
1.1-beta
1.1-rc
1.1.0
1.1.1
1.1.3
1.1.4
1.2-beta
v1.0-beta
v1.0-rc
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e377ed30d2'
${ noResults }
roundcubemail/tests/Framework/Utils.php

197 lines
7.4 KiB
PHP
Raw Blame History

<?php
/**
* Test class to test rcube_utils class
*
* @package Tests
*/
class Framework_Utils extends PHPUnit_Framework_TestCase
{
/**
* Valid email addresses for test_valid_email()
*/
function data_valid_email()
{
return array(
array('email@domain.com', 'Valid email'),
array('firstname.lastname@domain.com', 'Email contains dot in the address field'),
array('email@subdomain.domain.com', 'Email contains dot with subdomain'),
array('firstname+lastname@domain.com', 'Plus sign is considered valid character'),
array('email@[123.123.123.123]', 'Square bracket around IP address'),
array('email@[IPv6:::1]', 'Square bracket around IPv6 address (1)'),
array('email@[IPv6:::1.2.3.4]', 'Square bracket around IPv6 address (2)'),
array('email@[IPv6:2001:2d12:c4fe:5afe::1]', 'Square bracket around IPv6 address (3)'),
array('"email"@domain.com', 'Quotes around email is considered valid'),
array('1234567890@domain.com', 'Digits in address are valid'),
array('email@domain-one.com', 'Dash in domain name is valid'),
array('_______@domain.com', 'Underscore in the address field is valid'),
array('email@domain.name', '.name is valid Top Level Domain name'),
array('email@domain.co.jp', 'Dot in Top Level Domain name also considered valid (use co.jp as example here)'),
array('firstname-lastname@domain.com', 'Dash in address field is valid'),
);
}
/**
* Invalid email addresses for test_invalid_email()
*/
function data_invalid_email()
{
return array(
array('plainaddress', 'Missing @ sign and domain'),
array('#@%^%#$@#$@#.com', 'Garbage'),
array('@domain.com', 'Missing username'),
array('Joe Smith <email@domain.com>', 'Encoded html within email is invalid'),
array('email.domain.com', 'Missing @'),
array('email@domain@domain.com', 'Two @ sign'),
array('.email@domain.com', 'Leading dot in address is not allowed'),
array('email.@domain.com', 'Trailing dot in address is not allowed'),
array('email..email@domain.com', 'Multiple dots'),
array('あいうえお@domain.com', 'Unicode char as address'),
array('email@domain.com (Joe Smith)', 'Text followed email is not allowed'),
array('email@domain', 'Missing top level domain (.com/.net/.org/etc)'),
array('email@-domain.com', 'Leading dash in front of domain is invalid'),
// array('email@domain.web', '.web is not a valid top level domain'),
array('email@123.123.123.123', 'IP address without brackets'),
array('email@2001:2d12:c4fe:5afe::1', 'IPv6 address without brackets'),
array('email@IPv6:2001:2d12:c4fe:5afe::1', 'IPv6 address without brackets (2)'),
array('email@[111.222.333.44444]', 'Invalid IP format'),
array('email@[111.222.255.257]', 'Invalid IP format (2)'),
array('email@[.222.255.257]', 'Invalid IP format (3)'),
array('email@[::1]', 'Invalid IPv6 format (1)'),
array('email@[IPv6:2001:23x2:1]', 'Invalid IPv6 format (2)'),
array('email@[IPv6:1111:2222:33333::4444:5555]', 'Invalid IPv6 format (3)'),
array('email@[IPv6:1111::3333::4444:5555]', 'Invalid IPv6 format (4)'),
array('email@domain..com', 'Multiple dot in the domain portion is invalid'),
);
}
/**
* @dataProvider data_valid_email
*/
function test_valid_email($email, $title)
{
$this->assertTrue(rcube_utils::check_email($email, false), $title);
}
/**
* @dataProvider data_invalid_email
*/
function test_invalid_email($email, $title)
{
$this->assertFalse(rcube_utils::check_email($email, false), $title);
}
/**
* Valid IP addresses for test_valid_ip()
*/
function data_valid_ip()
{
return array(
array('0.0.0.0'),
array('123.123.123.123'),
array('::'),
array('::1'),
array('::1.2.3.4'),
array('2001:2d12:c4fe:5afe::1'),
);
}
/**
* Valid IP addresses for test_invalid_ip()
*/
function data_invalid_ip()
{
return array(
array(''),
array(0),
array('123.123.123.1234'),
array('1.1.1.1.1'),
array('::1.2.3.260'),
array('::1.0'),
array('2001::c4fe:5afe::1'),
);
}
/**
* @dataProvider data_valid_ip
*/
function test_valid_ip($ip)
{
$this->assertTrue(rcube_utils::check_ip($ip));
}
/**
* @dataProvider data_invalid_ip
*/
function test_invalid_ip($ip)
{
$this->assertFalse(rcube_utils::check_ip($ip));
}
/**
* Data for test_rep_specialchars_output()
*/
function data_rep_specialchars_output()
{
return array(
array('', '', 'abc', 'abc'),
array('', '', '?', '?'),
array('', '', '"', '&quot;'),
array('', '', '<', '&lt;'),
array('', '', '>', '&gt;'),
array('', '', '&', '&amp;'),
array('', '', '&amp;', '&amp;amp;'),
array('', '', '<a>', '&lt;a&gt;'),
array('', 'remove', '<a>', ''),
);
}
/**
* Test for rep_specialchars_output
* @dataProvider data_rep_specialchars_output
*/
function test_rep_specialchars_output($type, $mode, $str, $res)
{
$result = rcube_utils::rep_specialchars_output(
$str, $type ? $type : 'html', $mode ? $mode : 'strict');
$this->assertEquals($result, $res);
}
/**
* rcube_utils::mod_css_styles()
*/
function test_mod_css_styles()
{
$css = file_get_contents(TESTS_DIR . 'src/valid.css');
$mod = rcube_utils::mod_css_styles($css, 'rcmbody');
$this->assertRegExp('/#rcmbody\s+\{/', $mod, "Replace body style definition");
$this->assertRegExp('/#rcmbody h1\s\{/', $mod, "Prefix tag styles (single)");
$this->assertRegExp('/#rcmbody h1, #rcmbody h2, #rcmbody h3, #rcmbody textarea\s+\{/', $mod, "Prefix tag styles (multiple)");
$this->assertRegExp('/#rcmbody \.noscript\s+\{/', $mod, "Prefix class styles");
}
/**
* rcube_utils::mod_css_styles()
*/
function test_mod_css_styles_xss()
{
$mod = rcube_utils::mod_css_styles("body.main2cols { background-image: url('../images/leftcol.png'); }", 'rcmbody');
$this->assertEquals("/* evil! */", $mod, "No url() values allowed");
$mod = rcube_utils::mod_css_styles("@import url('http://localhost/somestuff/css/master.css');", 'rcmbody');
$this->assertEquals("/* evil! */", $mod, "No import statements");
$mod = rcube_utils::mod_css_styles("left:expression(document.body.offsetWidth-20)", 'rcmbody');
$this->assertEquals("/* evil! */", $mod, "No expression properties");
$mod = rcube_utils::mod_css_styles("left:exp/* */ression( alert(&#039;xss3&#039;) )", 'rcmbody');
$this->assertEquals("/* evil! */", $mod, "Don't allow encoding quirks");
$mod = rcube_utils::mod_css_styles("background:\\0075\\0072\\006c( javascript:alert(&#039;xss&#039;) )", 'rcmbody');
$this->assertEquals("/* evil! */", $mod, "Don't allow encoding quirks (2)");
}
}
Reference in New Issue View Git Blame Copy Permalink