mirror of
https://github.com/phpbb/phpbb.git
synced 2025-07-31 22:10:45 +02:00
Merge branch 'ticket/security-203' into ticket/security-203-rhea
This commit is contained in:
@@ -51,8 +51,8 @@ class version_helper_remote_test extends \phpbb_test_case
|
||||
public function provider_get_versions()
|
||||
{
|
||||
return array(
|
||||
array('', false),
|
||||
array('foobar', false),
|
||||
array('', false, '', 'VERSIONCHECK_FAIL'),
|
||||
array('foobar', false, '', 'VERSIONCHECK_FAIL'),
|
||||
array('{
|
||||
"stable": {
|
||||
"1.0": {
|
||||
@@ -93,7 +93,7 @@ class version_helper_remote_test extends \phpbb_test_case
|
||||
"security": false
|
||||
}
|
||||
}
|
||||
}', false),
|
||||
}', false, '', 'VERSIONCHECK_FAIL'),
|
||||
array('{
|
||||
"stable": {
|
||||
"1.0": {
|
||||
@@ -104,26 +104,7 @@ class version_helper_remote_test extends \phpbb_test_case
|
||||
"security": "<script>alert(\'foo\');</script>"
|
||||
}
|
||||
}
|
||||
}', true, array (
|
||||
'stable' => array (
|
||||
'1.0' => array (
|
||||
'current' => '1.0.1<script>alert(\'foo\');</script>',
|
||||
'download' => 'https://www.phpbb.com/customise/db/download/104136<script>alert(\'foo\');</script>',
|
||||
'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/<script>alert(\'foo\');</script>',
|
||||
'eol' => '<script>alert(\'foo\');</script>',
|
||||
'security' => '<script>alert(\'foo\');</script>',
|
||||
),
|
||||
),
|
||||
'unstable' => array (
|
||||
'1.0' => array (
|
||||
'current' => '1.0.1<script>alert(\'foo\');</script>',
|
||||
'download' => 'https://www.phpbb.com/customise/db/download/104136<script>alert(\'foo\');</script>',
|
||||
'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/<script>alert(\'foo\');</script>',
|
||||
'eol' => '<script>alert(\'foo\');</script>',
|
||||
'security' => '<script>alert(\'foo\');</script>',
|
||||
),
|
||||
),
|
||||
)),
|
||||
}', false, null, 'VERSIONCHECK_INVALID_VERSION'),
|
||||
array('{
|
||||
"unstable": {
|
||||
"1.0": {
|
||||
@@ -134,25 +115,87 @@ class version_helper_remote_test extends \phpbb_test_case
|
||||
"security": "<script>alert(\'foo\');</script>"
|
||||
}
|
||||
}
|
||||
}', false, null, 'VERSIONCHECK_INVALID_VERSION'),
|
||||
array('{
|
||||
"unstable": {
|
||||
"1.0<script>alert(\'foo\');</script>": {
|
||||
"current": "1.0.1",
|
||||
"download": "https://www.phpbb.com/customise/db/download/104136",
|
||||
"announcement": "https://www.phpbb.com/customise/db/extension/boardrules/",
|
||||
"eol": "",
|
||||
"security": ""
|
||||
}
|
||||
}
|
||||
}', false, array('stable' => array(), 'unstable' => array()), 'VERSIONCHECK_INVALID_VERSION'),
|
||||
array('{
|
||||
"\"\n<script>alert(\'foo\');</script>\n": "test",
|
||||
"stable": {
|
||||
"1.0": {
|
||||
"current": "1.0.1",
|
||||
"download": "https://www.phpbb.com/customise/db/download/104136",
|
||||
"announcement": "https://www.phpbb.com/customise/db/extension/boardrules/",
|
||||
"eol": null,
|
||||
"security": false
|
||||
}
|
||||
}
|
||||
}', true, array (
|
||||
'unstable' => array (
|
||||
'stable' => array (
|
||||
'1.0' => array (
|
||||
'current' => '1.0.1<script>alert(\'foo\');</script>',
|
||||
'download' => 'https://www.phpbb.com/customise/db/download/104136<script>alert(\'foo\');</script>',
|
||||
'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/<script>alert(\'foo\');</script>',
|
||||
'eol' => '<script>alert(\'foo\');</script>',
|
||||
'security' => '<script>alert(\'foo\');</script>',
|
||||
'current' => '1.0.1',
|
||||
'download' => 'https://www.phpbb.com/customise/db/download/104136',
|
||||
'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/',
|
||||
'eol' => NULL,
|
||||
'security' => false,
|
||||
),
|
||||
),
|
||||
'unstable' => array (
|
||||
'1.0' => array (
|
||||
'current' => '1.0.1',
|
||||
'download' => 'https://www.phpbb.com/customise/db/download/104136',
|
||||
'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/',
|
||||
'eol' => NULL,
|
||||
'security' => false,
|
||||
),
|
||||
),
|
||||
'stable' => array(),
|
||||
)),
|
||||
array('{
|
||||
"unstable": {
|
||||
"1.0": {
|
||||
"current": "1.0.1",
|
||||
"download": "https://www.phpbb.com/customise/db/download/104136",
|
||||
"announcement": "https://www.phpbb.com/customise/db/extension/boardrules/",
|
||||
"eol": null,
|
||||
"security": false,
|
||||
"foobar": "<script>alert(\'test\');<script>"
|
||||
}
|
||||
}
|
||||
}', true, array('stable' => array(), 'unstable' => array('1.0' => array(
|
||||
'current' => '1.0.1',
|
||||
'download' => 'https://www.phpbb.com/customise/db/download/104136',
|
||||
'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/',
|
||||
'security' => false,
|
||||
))), 'VERSIONCHECK_INVALID_ENTRY'),
|
||||
array('{
|
||||
"unstable": {
|
||||
"1.0": {
|
||||
"current<script>alert(\'foo\');</script>": "1.0.1",
|
||||
"download2": "https://www.phpbb.com/customise/db/download/104136",
|
||||
"bannouncement": "https://www.phpbb.com/customise/db/extension/boardrules/",
|
||||
"eol": null,
|
||||
"security": false,
|
||||
"foobar": "<script>alert(\'test\');<script>"
|
||||
}
|
||||
}
|
||||
}', true, array('stable' => array(), 'unstable' => array('1.0' => array(
|
||||
'security' => false,
|
||||
))), 'VERSIONCHECK_INVALID_ENTRY'),
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider provider_get_versions
|
||||
*/
|
||||
public function test_get_versions($input, $valid_data, $expected_return = '')
|
||||
public function test_get_versions($input, $valid_data, $expected_return = '', $expected_exception = '')
|
||||
{
|
||||
$this->file_downloader->set($input);
|
||||
|
||||
@@ -161,7 +204,7 @@ class version_helper_remote_test extends \phpbb_test_case
|
||||
try {
|
||||
$return = $this->version_helper->get_versions();
|
||||
} catch (\phpbb\exception\runtime_exception $e) {
|
||||
$this->assertEquals((string)$e->getMessage(), 'VERSIONCHECK_FAIL');
|
||||
$this->assertEquals((string)$e->getMessage(), $expected_exception);
|
||||
}
|
||||
}
|
||||
else
|
||||
|
Reference in New Issue
Block a user