Mercurial > libervia-backend

comparison sat/test/test_plugin_misc_text_syntaxes.py @ 3028:ab2696e34d29

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Python 3 port: /!\ this is a huge commit /!\ starting from this commit, SàT is needs Python 3.6+ /!\ SàT maybe be instable or some feature may not work anymore, this will improve with time This patch port backend, bridge and frontends to Python 3. Roughly this has been done this way: - 2to3 tools has been applied (with python 3.7) - all references to python2 have been replaced with python3 (notably shebangs) - fixed files not handled by 2to3 (notably the shell script) - several manual fixes - fixed issues reported by Python 3 that where not handled in Python 2 - replaced "async" with "async_" when needed (it's a reserved word from Python 3.7) - replaced zope's "implements" with @implementer decorator - temporary hack to handle data pickled in database, as str or bytes may be returned, to be checked later - fixed hash comparison for password - removed some code which is not needed anymore with Python 3 - deactivated some code which needs to be checked (notably certificate validation) - tested with jp, fixed reported issues until some basic commands worked - ported Primitivus (after porting dependencies like urwid satext) - more manual fixes
author Goffi <goffi@goffi.org>
date Tue, 13 Aug 2019 19:08:41 +0200
parents 003b8b4b56a7
children 9d0df638c8b4
comparison
equal deleted inserted replaced
3027:ff5bcb12ae60 3028:ab2696e34d29
1 #!/usr/bin/env python2 1 #!/usr/bin/env python3
2 # -*- coding: utf-8 -*- 2 # -*- coding: utf-8 -*-
3 3
4 # SAT: a jabber client 4 # SAT: a jabber client
5 # Copyright (C) 2009-2019 Jérôme Poisson (goffi@goffi.org) 5 # Copyright (C) 2009-2019 Jérôme Poisson (goffi@goffi.org)
6 6
21 21
22 from sat.test import helpers 22 from sat.test import helpers
23 from sat.plugins import plugin_misc_text_syntaxes 23 from sat.plugins import plugin_misc_text_syntaxes
24 from twisted.trial.unittest import SkipTest 24 from twisted.trial.unittest import SkipTest
25 import re 25 import re
26 import importlib
26 27
27 28
28 class SanitisationTest(helpers.SatTestCase): 29 class SanitisationTest(helpers.SatTestCase):
29 30
30 EVIL_HTML1 = """ 31 EVIL_HTML1 = """
56 57
57 EVIL_HTML2 = """<p style='display: None; test: blah; background: url(: alert()); color: blue;'>test <strong>retest</strong><br><span style="background-color: (alert('bouh')); titi; color: #cf2828; font-size: 3px; direction: !important; color: red; color: red !important; font-size: 100px !important; font-size: 100px ! important; font-size: 100%; font-size: 100ox; font-size: 100px; font-size: 100;;;; font-size: 100 %; color: 100 px 1.7em; color: rgba(0, 0, 0, 0.1); color: rgb(35,79,255); background-color: no-repeat; background-color: :alert(1); color: (alert('XSS')); color: (window.location='http://example.org/'); color: url(:window.location='http://example.org/'); "> toto </span></p>""" 58 EVIL_HTML2 = """<p style='display: None; test: blah; background: url(: alert()); color: blue;'>test <strong>retest</strong><br><span style="background-color: (alert('bouh')); titi; color: #cf2828; font-size: 3px; direction: !important; color: red; color: red !important; font-size: 100px !important; font-size: 100px ! important; font-size: 100%; font-size: 100ox; font-size: 100px; font-size: 100;;;; font-size: 100 %; color: 100 px 1.7em; color: rgba(0, 0, 0, 0.1); color: rgb(35,79,255); background-color: no-repeat; background-color: :alert(1); color: (alert('XSS')); color: (window.location='http://example.org/'); color: url(:window.location='http://example.org/'); "> toto </span></p>"""
58 59
59 def setUp(self): 60 def setUp(self):
60 self.host = helpers.FakeSAT() 61 self.host = helpers.FakeSAT()
61 reload(plugin_misc_text_syntaxes) # reload the plugin to avoid conflict error 62 importlib.reload(plugin_misc_text_syntaxes) # reload the plugin to avoid conflict error
62 self.text_syntaxes = plugin_misc_text_syntaxes.TextSyntaxes(self.host) 63 self.text_syntaxes = plugin_misc_text_syntaxes.TextSyntaxes(self.host)
63 64
64 def test_xhtml_sanitise(self): 65 def test_xhtml_sanitise(self):
65 expected = u"""<div> 66 expected = """<div>
66 <style>/* deleted */</style> 67 <style>/* deleted */</style>
67 <body> 68 <body>
68 <a href="">a link</a> 69 <a href="">a link</a>
69 <a href="#">another link</a> 70 <a href="#">another link</a>
70 <p>a paragraph</p> 71 <p>a paragraph</p>
80 d = self.text_syntaxes.cleanXHTML(self.EVIL_HTML1) 81 d = self.text_syntaxes.cleanXHTML(self.EVIL_HTML1)
81 d.addCallback(self.assertEqualXML, expected, ignore_blank=True) 82 d.addCallback(self.assertEqualXML, expected, ignore_blank=True)
82 return d 83 return d
83 84
84 def test_styles_sanitise(self): 85 def test_styles_sanitise(self):
85 expected = u"""<p style="color: blue">test <strong>retest</strong><br/><span style="color: #cf2828; font-size: 3px; color: red; color: red !important; font-size: 100px !important; font-size: 100%; font-size: 100px; font-size: 100; font-size: 100 %; color: rgba(0, 0, 0, 0.1); color: rgb(35,79,255); background-color: no-repeat"> toto </span></p>""" 86 expected = """<p style="color: blue">test <strong>retest</strong><br/><span style="color: #cf2828; font-size: 3px; color: red; color: red !important; font-size: 100px !important; font-size: 100%; font-size: 100px; font-size: 100; font-size: 100 %; color: rgba(0, 0, 0, 0.1); color: rgb(35,79,255); background-color: no-repeat"> toto </span></p>"""
86 87
87 d = self.text_syntaxes.cleanXHTML(self.EVIL_HTML2) 88 d = self.text_syntaxes.cleanXHTML(self.EVIL_HTML2)
88 d.addCallback(self.assertEqualXML, expected) 89 d.addCallback(self.assertEqualXML, expected)
89 return d 90 return d
90 91
103 raise SkipTest("Markdown syntax is not available.") 104 raise SkipTest("Markdown syntax is not available.")
104 d.addCallback(self.assertEqual, expected) 105 d.addCallback(self.assertEqual, expected)
105 return d 106 return d
106 107
107 def test_removeXHTMLMarkups(self): 108 def test_removeXHTMLMarkups(self):
108 expected = u""" a link another link a paragraph secret EVIL! of EVIL! Password: annoying EVIL! spam spam SPAM! """ 109 expected = """ a link another link a paragraph secret EVIL! of EVIL! Password: annoying EVIL! spam spam SPAM! """
109 result = self.text_syntaxes._removeMarkups(self.EVIL_HTML1) 110 result = self.text_syntaxes._removeMarkups(self.EVIL_HTML1)
110 self.assertEqual(re.sub(r"\s+", " ", result).rstrip(), expected.rstrip()) 111 self.assertEqual(re.sub(r"\s+", " ", result).rstrip(), expected.rstrip())
111 112
112 expected = u"""test retest toto""" 113 expected = """test retest toto"""
113 result = self.text_syntaxes._removeMarkups(self.EVIL_HTML2) 114 result = self.text_syntaxes._removeMarkups(self.EVIL_HTML2)
114 self.assertEqual(re.sub(r"\s+", " ", result).rstrip(), expected.rstrip()) 115 self.assertEqual(re.sub(r"\s+", " ", result).rstrip(), expected.rstrip())