oci/zeronet
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #884 from MuxZeroNet/patch-15

Browse source 
Update TestWeb.py tests
This commit is contained in:
ZeroNet 2017-04-09 16:28:36 +02:00 committed by GitHub
commit 279e2ae865
1 changed files with 17 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
src/Test/TestWeb.py
View file

@ -21,18 +21,27 @@ class WaitForPageLoad(object):
WebDriverWait(self.browser, 5).until(staleness_of(self.old_page)) WebDriverWait(self.browser, 5).until(staleness_of(self.old_page))
def wget(url):
content = urllib.urlopen(url).read()
assert "server error" not in content.lower(), "Got a server error! " + repr(url)
return content
@pytest.mark.usefixtures("resetSettings") @pytest.mark.usefixtures("resetSettings")
@pytest.mark.webtest @pytest.mark.webtest
class TestWeb: class TestWeb:
def testFileSecurity(self, site_url): def testFileSecurity(self, site_url):
assert "Not Found" in urllib.urlopen("%s/media/./sites.json" % site_url).read() assert "Not Found" in wget("%s/media/./sites.json" % site_url)
assert "Forbidden" in urllib.urlopen("%s/media/../config.py" % site_url).read() assert "Forbidden" in wget("%s/media/../config.py" % site_url)
assert "Forbidden" in urllib.urlopen("%s/media/1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr/../sites.json" % site_url).read() assert "Forbidden" in wget("%s/media/1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr/../sites.json" % site_url)
assert "Forbidden" in urllib.urlopen("%s/media/1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr/..//sites.json" % site_url).read() assert "Forbidden" in wget("%s/media/1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr/..//sites.json" % site_url)
assert "Forbidden" in urllib.urlopen("%s/media/1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr/../../zeronet.py" % site_url).read() assert "Forbidden" in wget("%s/media/1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr/../../zeronet.py" % site_url)
assert "Forbidden" in urllib.urlopen("%s/1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr/../sites.json" % site_url).read() assert "Forbidden" in wget("%s/1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr/../sites.json" % site_url)
assert "Forbidden" in urllib.urlopen("%s/1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr/..//sites.json" % site_url).read() assert "Forbidden" in wget("%s/1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr/..//sites.json" % site_url)
assert "Forbidden" in urllib.urlopen("%s/1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr/../../zeronet.py" % site_url).read() assert "Forbidden" in wget("%s/1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr/../../zeronet.py" % site_url)
assert "Not Found" in wget("%s/content.db" % site_url)
assert "Not Found" in wget("%s/./key-rsa.pem" % site_url)
assert "Not Found" in wget("%s/././././././././././//////sites.json" % site_url)
def testLinkSecurity(self, browser, site_url): def testLinkSecurity(self, browser, site_url):
browser.get("%s/1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr/test/security.html" % site_url) browser.get("%s/1EU1tbG9oC1A8jz2ouVwGZyQ5asrNsE4Vr/test/security.html" % site_url)