summaryrefslogtreecommitdiff
path: root/frontend/gamma/tests/tests/Clipperz/Base.test.js
Side-by-side diff
Diffstat (limited to 'frontend/gamma/tests/tests/Clipperz/Base.test.js') (more/less context) (ignore whitespace changes)
-rw-r--r--frontend/gamma/tests/tests/Clipperz/Base.test.js367
1 files changed, 367 insertions, 0 deletions
diff --git a/frontend/gamma/tests/tests/Clipperz/Base.test.js b/frontend/gamma/tests/tests/Clipperz/Base.test.js
new file mode 100644
index 0000000..e5c7caf
--- a/dev/null
+++ b/frontend/gamma/tests/tests/Clipperz/Base.test.js
@@ -0,0 +1,367 @@
+/*
+
+Copyright 2008-2011 Clipperz Srl
+
+This file is part of Clipperz's Javascript Crypto Library.
+Javascript Crypto Library provides web developers with an extensive
+and efficient set of cryptographic functions. The library aims to
+obtain maximum execution speed while preserving modularity and
+reusability.
+For further information about its features and functionalities please
+refer to http://www.clipperz.com
+
+* Javascript Crypto Library is free software: you can redistribute
+ it and/or modify it under the terms of the GNU Affero General Public
+ License as published by the Free Software Foundation, either version
+ 3 of the License, or (at your option) any later version.
+
+* Javascript Crypto Library is distributed in the hope that it will
+ be useful, but WITHOUT ANY WARRANTY; without even the implied
+ warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ See the GNU Affero General Public License for more details.
+
+* You should have received a copy of the GNU Affero General Public
+ License along with Javascript Crypto Library. If not, see
+ <http://www.gnu.org/licenses/>.
+
+*/
+
+
+//=============================================================================
+
+testEvalJSON = function(aString, shouldFail, aDescription) {
+ var result;
+
+ if (shouldFail == true) {
+ try {
+ result = Clipperz.Base.evalJSON(aString);
+ is(true, false, aDescription + ": vulnerability not caught");
+//console.log(result);
+ } catch(exception) {
+ is(true, true, aDescription + ": vulnerability correctly caught");
+ }
+ } else {
+ try {
+ result = Clipperz.Base.evalJSON(aString);
+ is(true, true, aDescription + ": configuration correctly checked");
+ } catch(exception) {
+ is(true, false, aDescription + ": configuration wrongly caught as malicious");
+// console.log(exception);
+ }
+ }
+
+ return result;
+}
+
+//=============================================================================
+
+var tests = {
+
+ '001_test': function () {
+ var stringToSplit;
+ var splittedString;
+
+ stringToSplit = "stringToSplit";
+ splittedString = Clipperz.Base.splitStringAtFixedTokenSize(stringToSplit, 2);
+ is(splittedString.length, 7);
+ is(splittedString[0], 'st');
+ is(splittedString[1], 'ri');
+ is(splittedString[2], 'ng');
+ is(splittedString[3], 'To');
+ is(splittedString[4], 'Sp');
+ is(splittedString[5], 'li');
+ is(splittedString[6], 't', "test that should pass");
+
+ stringToSplit = "stringToSplit";
+ splittedString = Clipperz.Base.splitStringAtFixedTokenSize(stringToSplit, 20);
+ is(splittedString.length, 1);
+ is(splittedString[0], 'stringToSplit');
+
+ stringToSplit = null;
+ splittedString = Clipperz.Base.splitStringAtFixedTokenSize(stringToSplit, 20);
+ is(splittedString.length, 0);
+ },
+
+ //-------------------------------------------------------------------------
+
+ '002_test': function () {
+ var anObject;
+
+ anObject = "String";
+ is(Clipperz.Base.objectType(anObject), 'string', "test on strings (1)");
+ anObject = new String("String");
+ is(Clipperz.Base.objectType(anObject), 'string', "test on strings (2)");
+
+ anObject = 120;
+ is(Clipperz.Base.objectType(anObject), 'number', "test on numbers (1)");
+ anObject = new Number(120);
+ is(Clipperz.Base.objectType(anObject), 'number', "test on numbers (2)");
+
+ anObject = true;
+ is(Clipperz.Base.objectType(anObject), 'boolean', "test on booleans (1)");
+ anObject = new Boolean(true);
+ is(Clipperz.Base.objectType(anObject), 'boolean', "test on booleans (2)");
+
+ anObject = new Date;
+ is(Clipperz.Base.objectType(anObject), 'date', "test on dates");
+
+ anObject = new Error("test");
+ is(Clipperz.Base.objectType(anObject), 'error', "test on errors");
+
+ anObject = function() {};
+ is(Clipperz.Base.objectType(anObject), 'function', "test on functions");
+
+ anObject = new Object();
+ is(Clipperz.Base.objectType(anObject), 'object', "test on objects");
+
+
+ anObject = [1, 2, 3];
+ is(Clipperz.Base.objectType(anObject), 'array', "test on arrays");
+ },
+
+ //-------------------------------------------------------------------------
+
+ '003_test': function () {
+ var original, clone;
+
+ original = {
+ a: "a",
+ b: "b"
+ };
+
+ clone = Clipperz.Base.deepClone(original);
+ is(MochiKit.Base.compare(original, clone), 0, "simple cloning return two equal objects");
+
+ clone.c = "c";
+ is(MochiKit.Base.compare(original, clone), -1, "changing an object leave the original object unchanged");
+
+ original = {
+ a: "a",
+ b: "b",
+ nested: {
+ a1: "a1",
+ b1: "b1"
+ }
+ };
+
+ clone = Clipperz.Base.deepClone(original);
+ is(MochiKit.Base.compare(original, clone), 0, "cloning of an object with nested values return two equal objects");
+
+ clone.nested.c1 = "c1";
+ is(MochiKit.Base.compare(original, clone), -1, "changing a nested value leave the original object unchanged");
+ },
+
+ //-------------------------------------------------------------------------
+
+ '004_test': function () {
+ var jsonString;
+
+ jsonString = '{"page": {"title": "Example Attack"},"form": { "attributes": { "action": "javascript:opener.document.body.innerHTML = \'hacked!\';close();", "style": "-moz-binding:url(\'http://ha.ckers.org/xssmoz.xml#xss\')", "method": null }, "inputs": [{"type": "text", "name": "username", "value": ""}, {"type": "password", "name": "password", "value": ""}]},"version": "0.2.3" }';
+ testEvalJSON(jsonString, false, "");
+
+ // jsonString = '{"0":{"label":"<script>alert(\"Ciao Marco\")< /script>","key":"ebc9782019bf9aa757e9c4d716ab303e2050b60c4b9a06b18ab09a417e0ddf00"}, "1":{"label":"<iframe><script>alert(\\"Ciao ragazzi\\")< /script></iframe>", "key":"413cfb122a1601c50e0f9462978ba77a36fdcecb49dda7550ee129dc114ba328"}}';
+ jsonString = new Clipperz.ByteArray().appendBase64String("eyIwIjp7ImxhYmVsIjoiPHNjcmlwdD5hbGVydChcIkNpYW8gTWFyY29cIik8L3NjcmlwdD4iLCAia2V5IjoiZWJjOTc4MjAxOWJmOWFhNzU3ZTljNGQ3MTZhYjMwM2UyMDUwYjYwYzRiOWEwNmIxOGFiMDlhNDE3ZTBkZGYwMCJ9LCAiMSI6eyJsYWJlbCI6IjxpZnJhbWU+PHNjcmlwdD5hbGVydChcIkNpYW8gcmFnYXp6aVwiKTwvc2NyaXB0PjwvaWZyYW1lPiIsICJrZXkiOiI0MTNjZmIxMjJhMTYwMWM1MGUwZjk0NjI5NzhiYTc3YTM2ZmRjZWNiNDlkZGE3NTUwZWUxMjlkYzExNGJhMzI4In19").asString();
+ testEvalJSON(jsonString, false);
+
+ jsonString = 'alert("foobar");';
+ testEvalJSON(jsonString, true);
+
+ // jsonString = '<script>alert("foobar");< /script>';
+ jsonString = new Clipperz.ByteArray().appendBase64String("PHNjcmlwdD5hbGVydCgiZm9vYmFyIik7PC9zY3JpcHQ+").asString();
+ testEvalJSON(jsonString, true);
+
+ jsonString = '{"xss": alert("XSS!")}';
+ testEvalJSON(jsonString, true);
+
+ jsonString = '{"inner": {"xss": alert("XSS!")}}';
+ testEvalJSON(jsonString, true);
+ },
+
+ //-------------------------------------------------------------------------
+
+ 'Clipperz.Base.itemgetter_test': function () {
+ var anObject;
+
+ anObject = {
+ key1: 'value1',
+ key2: {
+ key2_1: 'value2_1',
+ key2_2: 'value2_2'
+ },
+ key3: {
+ key3_1: {
+ key3_1_1: 'value3_1_1',
+ key3_1_2: 'value3_1_2'
+ },
+ key3_2: {
+ key3_2_1: 'value3_2_1',
+ key3_2_2: 'value3_2_2'
+ }
+ }
+ };
+
+ SimpleTest.is(Clipperz.Base.itemgetter('key1')(anObject), "value1", "Clipperz.Base.itemgetter works as MochiKit.Base.itemgetter");
+ SimpleTest.is(Clipperz.Base.itemgetter('key2.key2_1')(anObject), "value2_1", "Clipperz.Base.itemgetter works also with keypaths");
+ SimpleTest.is(Clipperz.Base.itemgetter('key3.key3_2.key3_2_2')(anObject), "value3_2_2", "Clipperz.Base.itemgetter works also with 'long' keypaths");
+ },
+
+ //-------------------------------------------------------------------------
+
+ 'Clipperz.Base.caseInsensitiveCompare_test': function () {
+ var comparator;
+ var objects;
+
+ comparator = Clipperz.Base.caseInsensitiveCompare;
+ objects = [ 'ccc', 'aaa', 'bbb', 'eee', 'ddd'];
+ SimpleTest.isDeeply(['aaa', 'bbb', 'ccc', 'ddd', 'eee'], objects.sort(comparator), "caseInsensitiveCompare works with all lowercase values");
+
+ comparator = MochiKit.Base.compare;
+ objects = [ 'ccc', 'AAA', 'bbb', 'EEE', 'ddd'];
+ SimpleTest.isDeeply(['AAA', 'EEE', 'bbb', 'ccc', 'ddd'], objects.sort(comparator), "caseInsensitiveCompare works with all lowercase values");
+
+ comparator = Clipperz.Base.caseInsensitiveCompare;
+ objects = [ 'ccc', 'AAA', 'bbb', 'EEE', 'ddd'];
+ SimpleTest.isDeeply(['AAA', 'bbb', 'ccc', 'ddd', 'EEE'], objects.sort(comparator), "caseInsensitiveCompare works with all lowercase values");
+ },
+
+ //-------------------------------------------------------------------------
+
+ 'Clipperz.Base.reverseComparator_test': function () {
+ var comparator;
+ var objects;
+
+ comparator = MochiKit.Base.compare;
+ objects = [5, 3, 2, 4, 1];
+ SimpleTest.isDeeply([1, 2, 3, 4, 5], objects.sort(comparator), "a regular comparator works fine");
+
+ comparator = Clipperz.Base.reverseComparator(MochiKit.Base.compare);
+ objects = [5, 3, 2, 4, 1];
+ SimpleTest.isDeeply([5, 4, 3, 2 ,1], objects.sort(comparator), "a reversed comparator works fine");
+
+ comparator = MochiKit.Base.keyComparator('label');
+ objects = [ {label:"5"}, {label:"3"}, {label:"1"}, {label:"4"}, {label:"2"}];
+ SimpleTest.isDeeply([ {label:"1"}, {label:"2"}, {label:"3"}, {label:"4"}, {label:"5"}], objects.sort(comparator), "a regular keyComparator works fine");
+
+ comparator = Clipperz.Base.reverseComparator(MochiKit.Base.keyComparator('label'));
+ objects = [ {label:"5"}, {label:"3"}, {label:"1"}, {label:"4"}, {label:"2"}];
+ SimpleTest.isDeeply([ {label:"5"}, {label:"4"}, {label:"3"}, {label:"2"}, {label:"1"}], objects.sort(comparator), "a reversed keyComparator works fine");
+ },
+
+ //-------------------------------------------------------------------------
+
+ 'Clipperz.Base.map_test': function () {
+ var objects;
+ var computedObjecs;
+
+ objects = [5, 3, 2, 4, 1];
+ computedObjecs = Clipperz.Base.map(function (aValue) { return aValue * 2;}, objects);
+ SimpleTest.isDeeply(computedObjecs, [10, 6, 4, 8, 2], "the mapped values of the array do match");
+
+ objects = {
+ 'five': 5,
+ 'three': 3,
+ 'two': 2,
+ 'four': 4,
+ 'one': 1
+ };
+ computedObjecs = Clipperz.Base.map(function (aValue) { return aValue * 2;}, objects);
+ SimpleTest.isDeeply(computedObjecs, {
+ 'five': 10,
+ 'three': 6,
+ 'two': 4,
+ 'four': 8,
+ 'one': 2
+ }, "the mapped values of the object do match");
+ },
+
+ //-------------------------------------------------------------------------
+
+ 'Clipperz.Base.isUrl_test': function () {
+ var urlTestCases;
+
+ urlTestCases = [
+ {url:'http://foo.com/blah_blah', expectedResult:true},
+ {url:'http://foo.com/blah_blah', expectedResult:true},
+ {url:'http://foo.com/blah_blah/', expectedResult:true},
+ {url:'http://foo.com/blah_blah_(wikipedia)', expectedResult:true},
+ {url:'http://foo.com/blah_blah.', expectedResult:true},
+ {url:'http://foo.com/blah_blah/.', expectedResult:true},
+ {url:'http://foo.com/blah_blah,', expectedResult:true},
+ {url:'http://✪df.ws/123', expectedResult:true},
+ {url:'http://➡.ws/䨹', expectedResult:true},
+ {url:'www.➡.ws/䨹', expectedResult:true},
+ {url:'http://www.example.com/wpstyle/?p=364.', expectedResult:true},
+ {url:'www.clipperz.com', expectedResult:true},
+ {url:'http://www.clipperz.com', expectedResult:true},
+ {url:'http://clipperz.com', expectedResult:true},
+
+ {url:'clipperz.com', expectedResult:false},
+// {url:'www.clipperz', expectedResult:false},
+// {url:'www.abc', expectedResult:false},
+ {url:'joe@clipperz.com', expectedResult:false},
+ {url:'<http://foo.com/blah_blah>', expectedResult:false},
+ {url:'<http://foo.com/blah_blah/>', expectedResult:false},
+ {}
+ ];
+
+ MochiKit.Base.map(function (someValues) {
+ if (typeof(someValues['url']) != 'undefined') {
+ SimpleTest.is(Clipperz.Base.isUrl(someValues['url']), someValues['expectedResult'], "testing url '" + someValues['url'] + "' - expected result: " + someValues['expectedResult']);
+ }
+ }, urlTestCases);
+
+/*
+ // RegExp and test strings courtesy of John Gruber: http://daringfireball.net/2009/11/liberal_regex_for_matching_urls
+ SimpleTest.is(Clipperz.Base.isUrl('http://foo.com/blah_blah'), true, "url test +1");
+ SimpleTest.is(Clipperz.Base.isUrl('http://foo.com/blah_blah/'), true, "url test +2");
+ SimpleTest.is(Clipperz.Base.isUrl('http://foo.com/blah_blah_(wikipedia)'), true, "url test +3");
+ SimpleTest.is(Clipperz.Base.isUrl('http://foo.com/blah_blah.'), true, "url test +4");
+ SimpleTest.is(Clipperz.Base.isUrl('http://foo.com/blah_blah/.'), true, "url test +5");
+ SimpleTest.is(Clipperz.Base.isUrl('<http://foo.com/blah_blah>'), true, "url test +6");
+ SimpleTest.is(Clipperz.Base.isUrl('<http://foo.com/blah_blah/>'), true, "url test +7");
+ SimpleTest.is(Clipperz.Base.isUrl('http://foo.com/blah_blah,'), true, "url test +8");
+ SimpleTest.is(Clipperz.Base.isUrl('http://✪df.ws/123'), true, "url test +9");
+ SimpleTest.is(Clipperz.Base.isUrl('http://➡.ws/䨹'), true, "url test +10");
+ SimpleTest.is(Clipperz.Base.isUrl('www.➡.ws/䨹'), true, "url test +11");
+ SimpleTest.is(Clipperz.Base.isUrl('http://www.example.com/wpstyle/?p=364.'),true, "url test +12");
+ SimpleTest.is(Clipperz.Base.isUrl('www.clipperz.com'), true, "url test +13");
+ SimpleTest.is(Clipperz.Base.isUrl('http://www.clipperz.com'), true, "url test +14");
+
+// SimpleTest.is(Clipperz.Base.isUrl('http://userid@example.com'), true, "url test +13"); // FAIL
+// SimpleTest.is(Clipperz.Base.isUrl('http://userid@example.com:8080'), true, "url test +14"); // FAIL
+// SimpleTest.is(Clipperz.Base.isUrl('http://userid:password@example.com'), true, "url test +15"); // FAIL
+// SimpleTest.is(Clipperz.Base.isUrl('http://userid:password@example.com:8080'), true, "url test +16"); // FAIL
+
+
+ SimpleTest.is(Clipperz.Base.isUrl('joe@clipperz.com'), false, "url test -1");
+ SimpleTest.is(Clipperz.Base.isUrl('rdar://1234'), false, "url test -2");
+ SimpleTest.is(Clipperz.Base.isUrl('rdar:/1234'), false, "url test -3");
+ SimpleTest.is(Clipperz.Base.isUrl('http://example.com:8080 x-yojimbo-item://6303E4C1-xxxx-45A6-AB9D-3A908F59AE0E'), false, "url test -4");
+ SimpleTest.is(Clipperz.Base.isUrl('message://%3c330e7f8409726r6a4ba78dkf1fd71420c1bf6ff@mail.gmail.com%3e'), false, "url test -5");
+*/
+ },
+
+ //-------------------------------------------------------------------------
+
+ 'Clipperz.Base.isEmail_test': function () {
+ var emailTestCases;
+
+ emailTestCases = [
+ {email:'joe@clipperz.com', expectedResult:true},
+
+ {email:'http://foo.com/blah_blah', expectedResult:false}
+ ];
+
+ MochiKit.Base.map(function (someValues) {
+ SimpleTest.is(Clipperz.Base.isEmail(someValues['email']), someValues['expectedResult'], "testing email '" + someValues['email'] + "' - expected result: " + someValues['expectedResult']);
+ }, emailTestCases);
+ },
+
+ //-------------------------------------------------------------------------
+
+ 'syntaxFix': MochiKit.Base.noop
+}
+
+//=============================================================================
+
+SimpleTest.runDeferredTests("Clipperz.Base", tests, {trace:false});