mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-04-24 12:52:19 +09:00
Clean up namespaces
This commit is contained in:
Kijin Sung
parent
4407af2b0f
commit
cb229c2d66
26 changed files with 205 additions and 200 deletions
|
|
@ -35,7 +35,7 @@ class FilenameFilterTest extends \Codeception\TestCase\Test
|
|||
|
||||
foreach ($tests as $from => $to)
|
||||
{
|
||||
$result = Rhymix\Framework\Security\FilenameFilter::clean($from);
|
||||
$result = Rhymix\Framework\Filters\FilenameFilter::clean($from);
|
||||
$this->assertEquals($to, $result);
|
||||
}
|
||||
}
|
||||
|
|
@ -61,7 +61,7 @@ class HTMLFilterTest extends \Codeception\TestCase\Test
|
|||
|
||||
foreach ($tests as $test)
|
||||
{
|
||||
$this->assertEquals($test[1], Rhymix\Framework\Security\HTMLFilter::clean($test[0]));
|
||||
$this->assertEquals($test[1], Rhymix\Framework\Filters\HTMLFilter::clean($test[0]));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -69,41 +69,41 @@ class HTMLFilterTest extends \Codeception\TestCase\Test
|
|||
{
|
||||
$source = '<div><audio autoplay="autoplay" src="./foo/bar.mp3"></audio></div>';
|
||||
$target = '<div><audio src="./foo/bar.mp3"></audio></div>';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
|
||||
$source = '<video autoplay="autoplay" width="320" height="240"><source src="./foo/bar.mp4" type="video/mp4" /></video>';
|
||||
$target = '<video width="320" height="240"><source src="./foo/bar.mp4" type="video/mp4" /></video>';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
|
||||
$source = '<nav>123</nav><section>456</section><article>789</article><aside>0</aside>';
|
||||
$target = '<nav>123</nav><section>456</section><article>789</article><aside>0</aside>';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
}
|
||||
|
||||
public function testHTMLFilterCSS3()
|
||||
{
|
||||
$source = '<div style="display:flex;border-radius:1px 2px 3px 4px;"></div>';
|
||||
$target = '<div style="display:flex;border-radius:1px 2px 3px 4px;"></div>';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
|
||||
$source = '<div style="box-sizing:border-box;box-shadow:5px 5px 2px #123456;"></div>';
|
||||
$target = '<div style="box-sizing:border-box;box-shadow:5px 5px 2px #123456;"></div>';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
|
||||
$source = '<div style="overflow-x:auto;overflow-y:scroll;left:-500px;"></div>';
|
||||
$target = '<div style="overflow-x:auto;overflow-y:scroll;"></div>';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
}
|
||||
|
||||
public function testHTMLFilterEmbeddedMedia()
|
||||
{
|
||||
$source = '<iframe title="Video Test" width="640" height="360" src="http://videofarm.daum.net/controller/video/viewer/Video.html?vid=s474b7BR2zzREo0g7OT7EKo&play_loc=undefined&alert=true" frameborder="0" scrolling="no"></iframe>';
|
||||
$target = '<iframe title="Video Test" width="640" height="360" src="http://videofarm.daum.net/controller/video/viewer/Video.html?vid=s474b7BR2zzREo0g7OT7EKo&play_loc=undefined&alert=true" frameborder="0" scrolling="no"></iframe>';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
|
||||
$source = '<iframe title="Video Test" width="640" height="360" src="http://not-allowed.com/whatever-video.mp4" frameborder="0" scrolling="no"></iframe>';
|
||||
$target = '<iframe title="Video Test" width="640" height="360" frameborder="0" scrolling="no"></iframe>';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
|
||||
$source = '<object type="application/x-shockwave-flash" id="DaumVodPlayer_s474b7BR2zzREo0g7OT7EKo" width="640px" height="360px" align="middle" classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=10,3,0,0">' .
|
||||
'<param name="movie" value="http://videofarm.daum.net/controller/player/VodPlayer.swf" />' .
|
||||
|
|
@ -123,33 +123,33 @@ class HTMLFilterTest extends \Codeception\TestCase\Test
|
|||
'<param name="flashvars" value="vid=s474b7BR2zzREo0g7OT7EKo&playLoc=undefined&alert=true" />' .
|
||||
'<embed src="http://videofarm.daum.net/controller/player/VodPlayer.swf" width="640" height="360" type="application/x-shockwave-flash" flashvars="vid=s474b7BR2zzREo0g7OT7EKo&playLoc=undefined&alert=true" allowscriptaccess="never" allownetworking="internal" />' .
|
||||
'</object>';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
|
||||
$source = '<audio src="https://www.youtube.com/whatever"></audio>';
|
||||
$target = '<audio src="https://www.youtube.com/whatever"></audio>';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
|
||||
$source = '<audio src="https://www-youtube.com/whatever"></audio>';
|
||||
$target = '<audio src=""></audio>';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
|
||||
$source = '<video width="320" height="240"><source src="http://api.v.daum.net/something" type="video/mp4" /></video>';
|
||||
$target = '<video width="320" height="240"><source src="http://api.v.daum.net/something" type="video/mp4" /></video>';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
|
||||
$source = '<video width="320" height="240"><source src="http://wrong-site.net/" type="video/mp4" /></video>';
|
||||
$target = '<video width="320" height="240"><source src="" type="video/mp4" /></video>';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
}
|
||||
|
||||
public function testHTMLFilterEditorComponent()
|
||||
{
|
||||
$source = '<img somekey="somevalue" otherkey="othervalue" onmouseover="alert(\'xss\');" editor_component="component_name" src="./foo/bar.jpg" alt="My Picture" style="width:320px;height:240px;" width="320" height="240" />';
|
||||
$target = '<img somekey="somevalue" otherkey="othervalue" editor_component="component_name" src="./foo/bar.jpg" alt="My Picture" style="width:320px;height:240px;" width="320" height="240" />';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
|
||||
$source = '<img somekey="somevalue" otherkey="othervalue" onkeypress="alert(\'xss\');" editor_component="component_name" />';
|
||||
$target = '<img somekey="somevalue" otherkey="othervalue" src="" editor_component="component_name" alt="" />';
|
||||
$this->assertEquals($target, Rhymix\Framework\Security\HTMLFilter::clean($source));
|
||||
$this->assertEquals($target, Rhymix\Framework\Filters\HTMLFilter::clean($source));
|
||||
}
|
||||
}
|
||||
77
tests/unit/framework/filters/IpFilterTest.php
Normal file
77
tests/unit/framework/filters/IpFilterTest.php
Normal file
|
|
@ -0,0 +1,77 @@
|
|||
<?php
|
||||
|
||||
class IpFilterTest extends \Codeception\TestCase\Test
|
||||
{
|
||||
public function testIPv4CIDR()
|
||||
{
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::inRange('10.0.127.191', '10.0.127.191'));
|
||||
$this->assertFalse(Rhymix\Framework\Filters\IpFilter::inRange('10.1.131.177', '10.1.131.178'));
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::inRange('127.0.0.1', '127.0.0.0/8'));
|
||||
$this->assertFalse(Rhymix\Framework\Filters\IpFilter::inRange('172.34.0.0', '172.16.0.0/12'));
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::inRange('192.168.18.214', '192.168.16.0/22'));
|
||||
$this->assertFalse(Rhymix\Framework\Filters\IpFilter::inRange('192.168.18.214', '192.168.16.0/23'));
|
||||
}
|
||||
|
||||
public function testIPv6CIDR()
|
||||
{
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::inRange('::1', '::1/128'));
|
||||
$this->assertFalse(Rhymix\Framework\Filters\IpFilter::inRange('::1', '::2'));
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::inRange('2400:cb00::1234', '2400:cb00::/32'));
|
||||
$this->assertFalse(Rhymix\Framework\Filters\IpFilter::inRange('2405:8100::1234', '2400:cb00::/32'));
|
||||
}
|
||||
|
||||
public function testIPv4Wildcard()
|
||||
{
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::inRange('192.168.134.241', '192.168.134.*'));
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::inRange('192.168.134.241', '192.168.*.*'));
|
||||
$this->assertFalse(Rhymix\Framework\Filters\IpFilter::inRange('192.168.134.241', '192.168.136.*'));
|
||||
$this->assertFalse(Rhymix\Framework\Filters\IpFilter::inRange('192.168.134.241', '192.172.*.*'));
|
||||
}
|
||||
|
||||
public function testIPv4Hyphen()
|
||||
{
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::inRange('192.168.134.241', '192.168.134.0-192.168.134.255'));
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::inRange('192.168.134.241', '192.168.128.16-192.168.145.0'));
|
||||
$this->assertFalse(Rhymix\Framework\Filters\IpFilter::inRange('192.168.134.241', '192.168.134.242-192.168.244.7'));
|
||||
$this->assertFalse(Rhymix\Framework\Filters\IpFilter::inRange('192.168.134.241', '192.168.100.255-192.168.133.19'));
|
||||
}
|
||||
|
||||
public function testValidator()
|
||||
{
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::validateRange('192.168.0.1'));
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::validateRange('192.168.0.0/16'));
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::validateRange('192.168.*.*'));
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::validateRange('192.168.*'));
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::validateRange('192.168.0.0-192.168.255.255'));
|
||||
$this->assertTrue(Rhymix\Framework\Filters\IpFilter::validateRange('2400:cb00::/32'));
|
||||
$this->assertFalse(Rhymix\Framework\Filters\IpFilter::validateRange('192.168.0.0~192.168.255.255'));
|
||||
}
|
||||
|
||||
public function testLegacy()
|
||||
{
|
||||
$this->assertTrue(\IpFilter::filter(array('192.168.134.241'), '192.168.134.241'));
|
||||
$this->assertTrue(\IpFilter::filter(array('192.168.134.0-192.168.134.255'), '192.168.134.241'));
|
||||
$this->assertTrue(\IpFilter::filter(array('127.0.0.1', '192.168.134.241'), '192.168.134.241'));
|
||||
$this->assertTrue(\IpFilter::filter(array('192.168.134.*'), '192.168.134.241'));
|
||||
$this->assertTrue(\IpFilter::filter(array('192.168.*'), '192.168.134.241'));
|
||||
$this->assertFalse(\IpFilter::filter(array('127.0.0.1'), '192.168.134.241'));
|
||||
}
|
||||
|
||||
public function testCloudFlareRealIP()
|
||||
{
|
||||
$_SERVER['HTTP_CF_CONNECTING_IP'] = '192.168.134.241';
|
||||
|
||||
$_SERVER['REMOTE_ADDR'] = '192.168.10.1';
|
||||
$this->assertFalse(Rhymix\Framework\Filters\IpFilter::getCloudFlareRealIP());
|
||||
$this->assertEquals('192.168.10.1', $_SERVER['REMOTE_ADDR']);
|
||||
|
||||
$_SERVER['REMOTE_ADDR'] = '108.162.192.121';
|
||||
$this->assertEquals('192.168.134.241', Rhymix\Framework\Filters\IpFilter::getCloudFlareRealIP());
|
||||
$this->assertEquals('192.168.134.241', $_SERVER['REMOTE_ADDR']);
|
||||
|
||||
unset($_SERVER['HTTP_CF_CONNECTING_IP']);
|
||||
$_SERVER['REMOTE_ADDR'] = '192.168.10.1';
|
||||
$this->assertFalse(Rhymix\Framework\Filters\IpFilter::getCloudFlareRealIP());
|
||||
$this->assertEquals('192.168.10.1', $_SERVER['REMOTE_ADDR']);
|
||||
}
|
||||
}
|
||||
58
tests/unit/framework/filters/MediaFilterTest.php
Normal file
58
tests/unit/framework/filters/MediaFilterTest.php
Normal file
|
|
@ -0,0 +1,58 @@
|
|||
<?php
|
||||
|
||||
class MediaFilterTest extends \Codeception\TestCase\Test
|
||||
{
|
||||
public function testWhitelists()
|
||||
{
|
||||
// iframe whitelist as array.
|
||||
$this->assertTrue(in_array('www.youtube.com/', Rhymix\Framework\Filters\MediaFilter::getIframeWhitelist()));
|
||||
$this->assertFalse(in_array('random-website.com/', Rhymix\Framework\Filters\MediaFilter::getIframeWhitelist()));
|
||||
|
||||
// iframe whitelist as regex.
|
||||
$this->assertTrue(strpos(Rhymix\Framework\Filters\MediaFilter::getIframeWhitelistRegex(), '|www\.youtube\.com/') !== false);
|
||||
$this->assertFalse(strpos(Rhymix\Framework\Filters\MediaFilter::getIframeWhitelistRegex(), 'www.youtube.com/') !== false);
|
||||
|
||||
// Match individual URL against iframe whitelist.
|
||||
$this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchIframeWhitelist('https://www.youtube.com/v'));
|
||||
$this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchIframeWhitelist('http://www-youtube.com/v'));
|
||||
|
||||
// object whitelist as array.
|
||||
$this->assertTrue(in_array('www.youtube.com/', Rhymix\Framework\Filters\MediaFilter::getObjectWhitelist()));
|
||||
$this->assertFalse(in_array('random-website.com/', Rhymix\Framework\Filters\MediaFilter::getObjectWhitelist()));
|
||||
|
||||
// object whitelist as regex.
|
||||
$this->assertTrue(strpos(Rhymix\Framework\Filters\MediaFilter::getObjectWhitelistRegex(), '|www\.youtube\.com/') !== false);
|
||||
$this->assertFalse(strpos(Rhymix\Framework\Filters\MediaFilter::getObjectWhitelistRegex(), 'www.youtube.com/') !== false);
|
||||
|
||||
// Match individual URL against object whitelist.
|
||||
$this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchObjectWhitelist('https://www.youtube.com/v'));
|
||||
$this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchObjectWhitelist('http://www-youtube.com/v'));
|
||||
}
|
||||
|
||||
public function testAddPrefix()
|
||||
{
|
||||
$this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchIframeWhitelist('http://some.custom.website.com/video.mp4'));
|
||||
Rhymix\Framework\Filters\MediaFilter::addIframePrefix('*.custom.website.com/');
|
||||
$this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchIframeWhitelist('http://some.custom.website.com/video.mp4'));
|
||||
|
||||
$this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchObjectWhitelist('http://some.custom.website.com/video.mp4'));
|
||||
Rhymix\Framework\Filters\MediaFilter::addObjectPrefix('*.custom.website.com/');
|
||||
$this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchObjectWhitelist('http://some.custom.website.com/video.mp4'));
|
||||
}
|
||||
|
||||
public function testRemoveEmbeddedMedia()
|
||||
{
|
||||
$tests = array(
|
||||
'<div><object></object></div>' => '<div></div>',
|
||||
'<div><object><embed></embed></object></div>' => '<div></div>',
|
||||
'<div><object><param /></object></div>' => '<div></div>',
|
||||
'<div><img class="foo" editor_component="multimedia_link" /></div>' => '<div></div>',
|
||||
'<div><img editor_component="multimedia_link"></img></div>' => '<div></div>',
|
||||
);
|
||||
|
||||
foreach ($tests as $from => $to)
|
||||
{
|
||||
$this->assertEquals($to, Rhymix\Framework\Filters\MediaFilter::removeEmbeddedMedia($from));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -1,77 +0,0 @@
|
|||
<?php
|
||||
|
||||
class IpFilterTest extends \Codeception\TestCase\Test
|
||||
{
|
||||
public function testIPv4CIDR()
|
||||
{
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::inRange('10.0.127.191', '10.0.127.191'));
|
||||
$this->assertFalse(Rhymix\Framework\Security\IpFilter::inRange('10.1.131.177', '10.1.131.178'));
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::inRange('127.0.0.1', '127.0.0.0/8'));
|
||||
$this->assertFalse(Rhymix\Framework\Security\IpFilter::inRange('172.34.0.0', '172.16.0.0/12'));
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::inRange('192.168.18.214', '192.168.16.0/22'));
|
||||
$this->assertFalse(Rhymix\Framework\Security\IpFilter::inRange('192.168.18.214', '192.168.16.0/23'));
|
||||
}
|
||||
|
||||
public function testIPv6CIDR()
|
||||
{
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::inRange('::1', '::1/128'));
|
||||
$this->assertFalse(Rhymix\Framework\Security\IpFilter::inRange('::1', '::2'));
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::inRange('2400:cb00::1234', '2400:cb00::/32'));
|
||||
$this->assertFalse(Rhymix\Framework\Security\IpFilter::inRange('2405:8100::1234', '2400:cb00::/32'));
|
||||
}
|
||||
|
||||
public function testIPv4Wildcard()
|
||||
{
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::inRange('192.168.134.241', '192.168.134.*'));
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::inRange('192.168.134.241', '192.168.*.*'));
|
||||
$this->assertFalse(Rhymix\Framework\Security\IpFilter::inRange('192.168.134.241', '192.168.136.*'));
|
||||
$this->assertFalse(Rhymix\Framework\Security\IpFilter::inRange('192.168.134.241', '192.172.*.*'));
|
||||
}
|
||||
|
||||
public function testIPv4Hyphen()
|
||||
{
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::inRange('192.168.134.241', '192.168.134.0-192.168.134.255'));
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::inRange('192.168.134.241', '192.168.128.16-192.168.145.0'));
|
||||
$this->assertFalse(Rhymix\Framework\Security\IpFilter::inRange('192.168.134.241', '192.168.134.242-192.168.244.7'));
|
||||
$this->assertFalse(Rhymix\Framework\Security\IpFilter::inRange('192.168.134.241', '192.168.100.255-192.168.133.19'));
|
||||
}
|
||||
|
||||
public function testValidator()
|
||||
{
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::validateRange('192.168.0.1'));
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::validateRange('192.168.0.0/16'));
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::validateRange('192.168.*.*'));
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::validateRange('192.168.*'));
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::validateRange('192.168.0.0-192.168.255.255'));
|
||||
$this->assertTrue(Rhymix\Framework\Security\IpFilter::validateRange('2400:cb00::/32'));
|
||||
$this->assertFalse(Rhymix\Framework\Security\IpFilter::validateRange('192.168.0.0~192.168.255.255'));
|
||||
}
|
||||
|
||||
public function testLegacy()
|
||||
{
|
||||
$this->assertTrue(\IpFilter::filter(array('192.168.134.241'), '192.168.134.241'));
|
||||
$this->assertTrue(\IpFilter::filter(array('192.168.134.0-192.168.134.255'), '192.168.134.241'));
|
||||
$this->assertTrue(\IpFilter::filter(array('127.0.0.1', '192.168.134.241'), '192.168.134.241'));
|
||||
$this->assertTrue(\IpFilter::filter(array('192.168.134.*'), '192.168.134.241'));
|
||||
$this->assertTrue(\IpFilter::filter(array('192.168.*'), '192.168.134.241'));
|
||||
$this->assertFalse(\IpFilter::filter(array('127.0.0.1'), '192.168.134.241'));
|
||||
}
|
||||
|
||||
public function testCloudFlareRealIP()
|
||||
{
|
||||
$_SERVER['HTTP_CF_CONNECTING_IP'] = '192.168.134.241';
|
||||
|
||||
$_SERVER['REMOTE_ADDR'] = '192.168.10.1';
|
||||
$this->assertFalse(Rhymix\Framework\Security\IpFilter::getCloudFlareRealIP());
|
||||
$this->assertEquals('192.168.10.1', $_SERVER['REMOTE_ADDR']);
|
||||
|
||||
$_SERVER['REMOTE_ADDR'] = '108.162.192.121';
|
||||
$this->assertEquals('192.168.134.241', Rhymix\Framework\Security\IpFilter::getCloudFlareRealIP());
|
||||
$this->assertEquals('192.168.134.241', $_SERVER['REMOTE_ADDR']);
|
||||
|
||||
unset($_SERVER['HTTP_CF_CONNECTING_IP']);
|
||||
$_SERVER['REMOTE_ADDR'] = '192.168.10.1';
|
||||
$this->assertFalse(Rhymix\Framework\Security\IpFilter::getCloudFlareRealIP());
|
||||
$this->assertEquals('192.168.10.1', $_SERVER['REMOTE_ADDR']);
|
||||
}
|
||||
}
|
||||
|
|
@ -1,58 +0,0 @@
|
|||
<?php
|
||||
|
||||
class MediaFilterTest extends \Codeception\TestCase\Test
|
||||
{
|
||||
public function testWhitelists()
|
||||
{
|
||||
// iframe whitelist as array.
|
||||
$this->assertTrue(in_array('www.youtube.com/', Rhymix\Framework\Security\MediaFilter::getIframeWhitelist()));
|
||||
$this->assertFalse(in_array('random-website.com/', Rhymix\Framework\Security\MediaFilter::getIframeWhitelist()));
|
||||
|
||||
// iframe whitelist as regex.
|
||||
$this->assertTrue(strpos(Rhymix\Framework\Security\MediaFilter::getIframeWhitelistRegex(), '|www\.youtube\.com/') !== false);
|
||||
$this->assertFalse(strpos(Rhymix\Framework\Security\MediaFilter::getIframeWhitelistRegex(), 'www.youtube.com/') !== false);
|
||||
|
||||
// Match individual URL against iframe whitelist.
|
||||
$this->assertTrue(Rhymix\Framework\Security\MediaFilter::matchIframeWhitelist('https://www.youtube.com/v'));
|
||||
$this->assertFalse(Rhymix\Framework\Security\MediaFilter::matchIframeWhitelist('http://www-youtube.com/v'));
|
||||
|
||||
// object whitelist as array.
|
||||
$this->assertTrue(in_array('www.youtube.com/', Rhymix\Framework\Security\MediaFilter::getObjectWhitelist()));
|
||||
$this->assertFalse(in_array('random-website.com/', Rhymix\Framework\Security\MediaFilter::getObjectWhitelist()));
|
||||
|
||||
// object whitelist as regex.
|
||||
$this->assertTrue(strpos(Rhymix\Framework\Security\MediaFilter::getObjectWhitelistRegex(), '|www\.youtube\.com/') !== false);
|
||||
$this->assertFalse(strpos(Rhymix\Framework\Security\MediaFilter::getObjectWhitelistRegex(), 'www.youtube.com/') !== false);
|
||||
|
||||
// Match individual URL against object whitelist.
|
||||
$this->assertTrue(Rhymix\Framework\Security\MediaFilter::matchObjectWhitelist('https://www.youtube.com/v'));
|
||||
$this->assertFalse(Rhymix\Framework\Security\MediaFilter::matchObjectWhitelist('http://www-youtube.com/v'));
|
||||
}
|
||||
|
||||
public function testAddPrefix()
|
||||
{
|
||||
$this->assertFalse(Rhymix\Framework\Security\MediaFilter::matchIframeWhitelist('http://some.custom.website.com/video.mp4'));
|
||||
Rhymix\Framework\Security\MediaFilter::addIframePrefix('*.custom.website.com/');
|
||||
$this->assertTrue(Rhymix\Framework\Security\MediaFilter::matchIframeWhitelist('http://some.custom.website.com/video.mp4'));
|
||||
|
||||
$this->assertFalse(Rhymix\Framework\Security\MediaFilter::matchObjectWhitelist('http://some.custom.website.com/video.mp4'));
|
||||
Rhymix\Framework\Security\MediaFilter::addObjectPrefix('*.custom.website.com/');
|
||||
$this->assertTrue(Rhymix\Framework\Security\MediaFilter::matchObjectWhitelist('http://some.custom.website.com/video.mp4'));
|
||||
}
|
||||
|
||||
public function testRemoveEmbeddedMedia()
|
||||
{
|
||||
$tests = array(
|
||||
'<div><object></object></div>' => '<div></div>',
|
||||
'<div><object><embed></embed></object></div>' => '<div></div>',
|
||||
'<div><object><param /></object></div>' => '<div></div>',
|
||||
'<div><img class="foo" editor_component="multimedia_link" /></div>' => '<div></div>',
|
||||
'<div><img editor_component="multimedia_link"></img></div>' => '<div></div>',
|
||||
);
|
||||
|
||||
foreach ($tests as $from => $to)
|
||||
{
|
||||
$this->assertEquals($to, Rhymix\Framework\Security\MediaFilter::removeEmbeddedMedia($from));
|
||||
}
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue