RubyGems - arachni - Versions diffs - 1.1 → 1.2 - Mend

arachni 1.1 → 1.2

Files changed (287) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +159 -0
data/LICENSE.md +126 -196
data/README.md +32 -24
data/arachni.gemspec +7 -7
data/components/checks/active/code_injection_timing.rb +3 -3
data/components/checks/active/csrf.rb +2 -2
data/components/checks/active/file_inclusion.rb +6 -7
data/components/checks/active/os_cmd_injection.rb +3 -3
data/components/checks/active/path_traversal.rb +7 -7
data/components/checks/active/response_splitting.rb +9 -4
data/components/checks/active/session_fixation.rb +7 -3
data/components/checks/active/source_code_disclosure.rb +5 -5
data/components/checks/active/unvalidated_redirect.rb +12 -3
data/components/checks/active/unvalidated_redirect_dom.rb +3 -3
data/components/checks/active/xss.rb +23 -10
data/components/checks/active/xss_dom_inputs.rb +113 -11
data/components/checks/active/xxe.rb +3 -3
data/components/checks/passive/backdoors.rb +6 -5
data/components/checks/passive/backup_directories.rb +6 -6
data/components/checks/passive/backup_files.rb +6 -6
data/components/checks/passive/common_admin_interfaces.rb +58 -0
data/components/checks/passive/common_admin_interfaces/admin-panels.txt +49 -0
data/components/checks/passive/common_directories/directories.txt +0 -16
data/components/checks/passive/common_files.rb +6 -5
data/components/checks/passive/common_files/filenames.txt +0 -2
data/components/checks/passive/directory_listing.rb +6 -6
data/components/checks/passive/grep/cookie_set_for_parent_domain.rb +3 -3
data/components/checks/passive/grep/hsts.rb +6 -3
data/components/checks/passive/grep/http_only_cookies.rb +3 -3
data/components/checks/passive/grep/insecure_cookies.rb +2 -2
data/components/checks/passive/grep/insecure_cors_policy.rb +6 -4
data/components/checks/passive/grep/x_frame_options.rb +6 -4
data/components/checks/passive/htaccess_limit.rb +6 -2
data/components/checks/passive/http_put.rb +8 -4
data/components/checks/passive/interesting_responses.rb +3 -2
data/components/checks/passive/localstart_asp.rb +6 -2
data/components/checks/passive/origin_spoof_access_restriction_bypass.rb +5 -1
data/components/checks/passive/xst.rb +6 -2
data/components/fingerprinters/frameworks/aspx_mvc.rb +43 -0
data/components/fingerprinters/frameworks/cakephp.rb +28 -0
data/components/fingerprinters/frameworks/cherrypy.rb +31 -0
data/components/fingerprinters/frameworks/django.rb +33 -0
data/components/fingerprinters/frameworks/jsf.rb +30 -0
data/components/fingerprinters/frameworks/rack.rb +5 -7
data/components/fingerprinters/frameworks/rails.rb +43 -0
data/components/fingerprinters/languages/aspx.rb +11 -11
data/components/fingerprinters/languages/{jsp.rb → java.rb} +11 -7
data/components/fingerprinters/languages/php.rb +6 -6
data/components/fingerprinters/languages/python.rb +14 -6
data/components/fingerprinters/languages/ruby.rb +3 -5
data/components/fingerprinters/servers/apache.rb +5 -4
data/components/fingerprinters/servers/gunicorn.rb +33 -0
data/components/fingerprinters/servers/jetty.rb +1 -1
data/components/fingerprinters/servers/tomcat.rb +11 -4
data/components/path_extractors/anchors.rb +5 -12
data/components/path_extractors/areas.rb +5 -13
data/components/path_extractors/comments.rb +5 -3
data/components/path_extractors/data_url.rb +21 -0
data/components/path_extractors/forms.rb +5 -13
data/components/path_extractors/frames.rb +6 -13
data/components/path_extractors/generic.rb +3 -12
data/components/path_extractors/links.rb +5 -13
data/components/path_extractors/meta_refresh.rb +5 -13
data/components/path_extractors/scripts.rb +8 -14
data/components/plugins/autologin.rb +17 -5
data/components/plugins/defaults/meta/remedies/discovery.rb +11 -29
data/components/plugins/login_script.rb +40 -10
data/components/plugins/metrics.rb +235 -0
data/components/plugins/proxy.rb +21 -4
data/components/plugins/proxy/panel/page_accordion.html.erb +34 -2
data/components/plugins/restrict_to_dom_state.rb +70 -0
data/components/plugins/vector_feed.rb +38 -9
data/components/reporters/plugin_formatters/html/metrics.rb +290 -0
data/components/reporters/plugin_formatters/stdout/metrics.rb +80 -0
data/components/reporters/plugin_formatters/xml/metrics.rb +29 -0
data/components/reporters/stdout.rb +4 -2
data/components/reporters/xml.rb +4 -4
data/components/reporters/xml/schema.xsd +95 -0
data/lib/arachni.rb +2 -0
data/lib/arachni/browser.rb +132 -77
data/lib/arachni/browser/javascript.rb +173 -45
data/lib/arachni/browser/javascript/scripts/dom_monitor.js +81 -6
data/lib/arachni/browser/javascript/scripts/taint_tracer.js +31 -3
data/lib/arachni/browser_cluster.rb +41 -15
data/lib/arachni/browser_cluster/job.rb +4 -0
data/lib/arachni/browser_cluster/jobs/resource_exploration.rb +0 -9
data/lib/arachni/browser_cluster/worker.rb +8 -5
data/lib/arachni/check/auditor.rb +20 -8
data/lib/arachni/check/base.rb +38 -6
data/lib/arachni/element/base.rb +18 -1
data/lib/arachni/element/capabilities/analyzable/differential.rb +0 -1
data/lib/arachni/element/capabilities/analyzable/taint.rb +40 -10
data/lib/arachni/element/capabilities/analyzable/timeout.rb +27 -23
data/lib/arachni/element/capabilities/auditable/dom.rb +22 -0
data/lib/arachni/element/capabilities/inputtable.rb +6 -2
data/lib/arachni/element/capabilities/submittable.rb +1 -1
data/lib/arachni/element/cookie.rb +37 -23
data/lib/arachni/element/cookie/capabilities/mutable.rb +6 -6
data/lib/arachni/element/cookie/dom.rb +0 -8
data/lib/arachni/element/form.rb +28 -14
data/lib/arachni/element/form/capabilities/auditable.rb +2 -2
data/lib/arachni/element/form/capabilities/mutable.rb +5 -5
data/lib/arachni/element/form/dom.rb +0 -8
data/lib/arachni/element/generic_dom.rb +1 -1
data/lib/arachni/element/json.rb +2 -1
data/lib/arachni/element/json/capabilities/inputtable.rb +6 -6
data/lib/arachni/element/json/capabilities/mutable.rb +1 -1
data/lib/arachni/element/link.rb +13 -16
data/lib/arachni/element/link/dom.rb +1 -14
data/lib/arachni/element/link_template.rb +3 -2
data/lib/arachni/element/link_template/dom.rb +0 -16
data/lib/arachni/element/server.rb +51 -9
data/lib/arachni/element/xml.rb +1 -0
data/lib/arachni/ethon/easy.rb +4 -1
data/lib/arachni/framework/parts/audit.rb +26 -77
data/lib/arachni/framework/parts/browser.rb +50 -55
data/lib/arachni/framework/parts/check.rb +4 -3
data/lib/arachni/framework/parts/data.rb +41 -6
data/lib/arachni/framework/parts/state.rb +16 -7
data/lib/arachni/http/client.rb +66 -38
data/lib/arachni/http/client/dynamic_404_handler.rb +46 -14
data/lib/arachni/http/headers.rb +22 -10
data/lib/arachni/http/proxy_server.rb +67 -22
data/lib/arachni/http/proxy_server/ssl-interceptor-cacert.pem +34 -0
data/lib/arachni/http/proxy_server/ssl-interceptor-cakey.pem +51 -0
data/lib/arachni/http/request.rb +71 -18
data/lib/arachni/issue.rb +17 -3
data/lib/arachni/option_groups/browser_cluster.rb +34 -1
data/lib/arachni/option_groups/http.rb +1 -1
data/lib/arachni/page.rb +26 -13
data/lib/arachni/page/dom/transition.rb +2 -2
data/lib/arachni/parser.rb +28 -11
data/lib/arachni/platform/fingerprinter.rb +5 -0
data/lib/arachni/platform/manager.rb +65 -32
data/lib/arachni/plugin/base.rb +8 -0
data/lib/arachni/processes/instances.rb +25 -11
data/lib/arachni/reporter/manager.rb +2 -2
data/lib/arachni/rpc/client/instance.rb +4 -0
data/lib/arachni/rpc/server/framework/master.rb +3 -3
data/lib/arachni/rpc/server/framework/multi_instance.rb +0 -8
data/lib/arachni/rpc/server/instance.rb +2 -1
data/lib/arachni/ruby/array.rb +5 -0
data/lib/arachni/ruby/hash.rb +5 -0
data/lib/arachni/ruby/string.rb +2 -3
data/lib/arachni/session.rb +32 -6
data/lib/arachni/state/framework.rb +6 -2
data/lib/arachni/support/cache.rb +1 -0
data/lib/arachni/support/cache/base.rb +12 -8
data/lib/arachni/support/cache/least_recently_pushed.rb +29 -0
data/lib/arachni/support/cache/least_recently_used.rb +5 -8
data/lib/arachni/support/cache/preference.rb +1 -1
data/lib/arachni/support/cache/random_replacement.rb +1 -25
data/lib/arachni/support/database/queue.rb +21 -8
data/lib/arachni/support/lookup/base.rb +7 -1
data/lib/arachni/support/mixins/observable.rb +3 -1
data/lib/arachni/support/profiler.rb +51 -10
data/lib/arachni/support/signature.rb +11 -2
data/lib/arachni/trainer.rb +8 -2
data/lib/arachni/uri.rb +28 -25
data/lib/arachni/uri/scope.rb +1 -1
data/lib/arachni/utilities.rb +8 -0
data/lib/arachni/watir/element.rb +1 -1
data/lib/version +1 -1
data/spec/arachni/browser/javascript/dom_monitor_spec.rb +388 -53
data/spec/arachni/browser/javascript/taint_tracer_spec.rb +41 -0
data/spec/arachni/browser/javascript_spec.rb +235 -61
data/spec/arachni/browser_cluster/jobs/resource_exploration_spec.rb +0 -9
data/spec/arachni/browser_cluster_spec.rb +58 -10
data/spec/arachni/browser_spec.rb +170 -26
data/spec/arachni/check/auditor_spec.rb +22 -3
data/spec/arachni/check/base_spec.rb +84 -0
data/spec/arachni/element/body_spec.rb +1 -1
data/spec/arachni/element/capabilities/analyzable/taint_spec.rb +3 -3
data/spec/arachni/element/capabilities/analyzable/timeout_spec.rb +1 -1
data/spec/arachni/element/cookie/dom_spec.rb +0 -9
data/spec/arachni/element/cookie_spec.rb +85 -0
data/spec/arachni/element/form/dom_spec.rb +0 -9
data/spec/arachni/element/form_spec.rb +46 -3
data/spec/arachni/element/json_spec.rb +20 -0
data/spec/arachni/element/link/dom_spec.rb +0 -9
data/spec/arachni/element/link_spec.rb +40 -15
data/spec/arachni/element/link_template/dom_spec.rb +0 -8
data/spec/arachni/element/link_template_spec.rb +2 -6
data/spec/arachni/element/server_spec.rb +94 -8
data/spec/arachni/element/xml_spec.rb +20 -0
data/spec/arachni/framework/parts/audit_spec.rb +12 -14
data/spec/arachni/framework/parts/browser_spec.rb +0 -171
data/spec/arachni/framework/parts/platform_spec.rb +14 -8
data/spec/arachni/framework/parts/report_spec.rb +1 -1
data/spec/arachni/framework/parts/state_spec.rb +0 -9
data/spec/arachni/http/client/dynamic_404_handlers_spec.rb +19 -0
data/spec/arachni/http/client_spec.rb +169 -42
data/spec/arachni/http/headers_spec.rb +18 -0
data/spec/arachni/http/request_spec.rb +23 -0
data/spec/arachni/issue_spec.rb +17 -6
data/spec/arachni/page_spec.rb +22 -2
data/spec/arachni/parser_spec.rb +5 -0
data/spec/arachni/platform/manager_spec.rb +57 -25
data/spec/arachni/reporter/manager_spec.rb +26 -0
data/spec/arachni/rpc/server/active_options_spec.rb +9 -4
data/spec/arachni/state/framework_spec.rb +2 -8
data/spec/arachni/support/cache/least_recently_pushed_spec.rb +90 -0
data/spec/arachni/support/cache/least_recently_used_spec.rb +5 -13
data/spec/arachni/support/database/queue_spec.rb +7 -0
data/spec/arachni/support/mixins/observable_spec.rb +15 -1
data/spec/arachni/trainer_spec.rb +2 -2
data/spec/components/checks/active/code_injection_timing_spec.rb +1 -1
data/spec/components/checks/active/file_inclusion_spec.rb +6 -6
data/spec/components/checks/active/path_traversal_spec.rb +2 -2
data/spec/components/checks/active/source_code_disclosure_spec.rb +2 -2
data/spec/components/checks/active/unvalidated_redirect_spec.rb +6 -6
data/spec/components/checks/active/xss_dom_inputs_spec.rb +3 -5
data/spec/components/checks/active/xss_dom_script_context_spec.rb +1 -1
data/spec/components/checks/active/xss_spec.rb +5 -5
data/spec/components/checks/passive/common_admin_interfaces_spec.rb +15 -0
data/spec/components/checks/passive/interesting_responses_spec.rb +14 -1
data/spec/components/fingerprinters/frameworks/aspx_mvc_spec.rb +31 -0
data/spec/components/fingerprinters/frameworks/cakephp_spec.rb +22 -0
data/spec/components/fingerprinters/frameworks/cherrypy_spec.rb +28 -0
data/spec/components/fingerprinters/frameworks/django_spec.rb +37 -0
data/spec/components/fingerprinters/frameworks/jsf_spec.rb +27 -0
data/spec/components/fingerprinters/frameworks/rack_spec.rb +11 -14
data/spec/components/fingerprinters/frameworks/rails_spec.rb +53 -0
data/spec/components/fingerprinters/languages/asp_spec.rb +7 -9
data/spec/components/fingerprinters/languages/aspx_spec.rb +10 -24
data/spec/components/fingerprinters/languages/java_spec.rb +88 -0
data/spec/components/fingerprinters/languages/php_spec.rb +19 -12
data/spec/components/fingerprinters/languages/python_spec.rb +22 -9
data/spec/components/fingerprinters/languages/ruby.rb +6 -4
data/spec/components/fingerprinters/os/bsd_spec.rb +6 -4
data/spec/components/fingerprinters/os/linux_spec.rb +6 -4
data/spec/components/fingerprinters/os/solaris_spec.rb +6 -4
data/spec/components/fingerprinters/os/unix_spec.rb +6 -4
data/spec/components/fingerprinters/os/windows_spec.rb +6 -4
data/spec/components/fingerprinters/servers/apache_spec.rb +15 -4
data/spec/components/fingerprinters/servers/gunicorn_spec.rb +28 -0
data/spec/components/fingerprinters/servers/iis_spec.rb +6 -6
data/spec/components/fingerprinters/servers/jetty_spec.rb +6 -6
data/spec/components/fingerprinters/servers/nginx_spec.rb +6 -4
data/spec/components/fingerprinters/servers/tomcat_spec.rb +15 -6
data/spec/components/path_extractors/data_url_spec.rb +19 -0
data/spec/components/plugins/autologin_spec.rb +23 -0
data/spec/components/plugins/login_script_spec.rb +112 -24
data/spec/components/plugins/restrict_to_dom_state_spec.rb +16 -0
data/spec/components/plugins/vector_feed_spec.rb +39 -1
data/spec/support/factories/page/dom.rb +9 -4
data/spec/support/factories/page/dom/transition.rb +31 -9
data/spec/support/factories/scan_report.rb +8 -6
data/spec/support/fixtures/empty/placeholder +0 -0
data/spec/support/fixtures/report.afr +0 -0
data/spec/support/fixtures/reporters/manager_spec/error.rb +18 -0
data/spec/support/servers/arachni/browser.rb +117 -11
data/spec/support/servers/arachni/browser/javascript/dom_monitor.rb +148 -4
data/spec/support/servers/arachni/check/auditor.rb +4 -0
data/spec/support/servers/arachni/element/cookie/cookie_dom.rb +1 -1
data/spec/support/servers/arachni/http/client.rb +5 -0
data/spec/support/servers/arachni/http/client/dynamic_404_handler.rb +13 -0
data/spec/support/servers/checks/active/code_injection_timing.rb +1 -1
data/spec/support/servers/checks/active/file_inclusion.rb +2 -2
data/spec/support/servers/checks/active/path_traversal.rb +2 -2
data/spec/support/servers/checks/active/source_code_disclosure.rb +40 -33
data/spec/support/servers/checks/active/trainer_check.rb +9 -10
data/spec/support/servers/checks/active/unvalidated_redirect_dom.rb +7 -4
data/spec/support/servers/checks/active/xss.rb +35 -0
data/spec/support/servers/checks/active/xss_dom.rb +1 -1
data/spec/support/servers/checks/active/xss_dom_inputs.rb +24 -0
data/spec/support/servers/checks/active/xss_dom_script_context.rb +1 -1
data/spec/support/servers/checks/passive/common_admin_interfaces.rb +6 -0
data/spec/support/servers/plugins/autologin.rb +9 -0
data/spec/support/servers/plugins/restrict_to_dom_state.rb +4 -0
data/spec/support/shared/element/base.rb +42 -0
data/spec/support/shared/element/capabilities/auditable.rb +4 -4
data/spec/support/shared/element/capabilities/auditable/dom.rb +26 -0
data/spec/support/shared/element/capabilities/inputtable.rb +16 -11
data/spec/support/shared/element/capabilities/submitable.rb +7 -2
data/spec/support/shared/fingerprinter.rb +8 -0
data/spec/support/shared/path_extractor.rb +1 -1
data/ui/cli/framework.rb +3 -3
data/ui/cli/framework/option_parser.rb +9 -0
data/ui/cli/output.rb +9 -0
data/ui/cli/reporter.rb +5 -2
data/ui/cli/utilities.rb +4 -2
metadata +76 -17
data/lib/arachni/http/proxy_server/ssl-interceptor-cert.pem +0 -34
data/lib/arachni/http/proxy_server/ssl-interceptor-pkey.pem +0 -51
data/spec/components/fingerprinters/languages/jsp_spec.rb +0 -56

data/lib/arachni/watir/element.rb CHANGED

@@ -14,7 +14,7 @@ class Element
     end
     def events
-        (browser.execute_script( 'return arguments[0].events;', self ) || []).
+        (browser.execute_script( 'return arguments[0]._arachni_events;', self ) || []).
             map { |event, fn| [event.to_sym, fn] } |
             (::Arachni::Browser::Javascript.events.flatten.map(&:to_s) & attributes).
                 map { |event| [event.to_sym, attribute_value( event )] }

data/lib/version CHANGED

	@@ -1 +1 @@
1	- 1.1
1	+ 1.2

data/spec/arachni/browser/javascript/dom_monitor_spec.rb CHANGED

@@ -37,10 +37,10 @@ describe Arachni::Browser::Javascript::DOMMonitor do
         end
     end
-    it 'adds .events property to elements holding the tracked events' do
-        load '/elements_with_events'
+    it 'adds _arachni_events property to elements holding the tracked events' do
+        load '/elements_with_events/listeners'
-        javascript.run( "return document.getElementById('my-button').events").should == [
+        javascript.run( "return document.getElementById('my-button')._arachni_events").should == [
             [
                 'click',
                 'function (my_button_click) {}'
@@ -55,21 +55,21 @@ describe Arachni::Browser::Javascript::DOMMonitor do
             ]
         ]
-        javascript.run( "return document.getElementById('my-button2').events").should == [
+        javascript.run( "return document.getElementById('my-button2')._arachni_events").should == [
             [
                 'click',
                 'function (my_button2_click) {}'
             ]
         ]
-        javascript.run( "return document.getElementById('my-button3').events").should be_nil
+        javascript.run( "return document.getElementById('my-button3')._arachni_events").should be_nil
     end
     describe '#digest' do
         it 'returns a string digest of the current DOM tree' do
             load '/digest'
             subject.digest.should == '<HTML><HEAD><SCRIPT src=http://javascri' <<
-                'pt.browser.arachni/' <<'taint_tracer.js><SCRIPT><SCRIPT src' <<
+                'pt.browser.arachni/' <<'taint_tracer.js><SCRIPT src' <<
                 '=http://javascript.browser.arachni/dom_monitor.js><SCRIPT>' <<
                 '<BODY onload=void();><DIV id=my-id-div><DIV class=my-class' <<
                 '-div><STRONG><EM><I><B><STRONG><SCRIPT><SCRIPT type=text/' <<
@@ -79,14 +79,14 @@ describe Arachni::Browser::Javascript::DOMMonitor do
         it 'does not include <p> elements' do
             load '/digest/p'
             subject.digest.should == '<HTML><HEAD><SCRIPT src=http://javascript' <<
-                '.browser.arachni/taint_tracer.js><SCRIPT><SCRIPT src=http://' <<
+                '.browser.arachni/taint_tracer.js><SCRIPT src=http://' <<
                 'javascript.browser.arachni/dom_monitor.js><SCRIPT><BODY><STRONG>'
         end
         it "does not include 'data-arachni-id' attributes" do
             load '/digest/data-arachni-id'
             subject.digest.should == '<HTML><HEAD><SCRIPT src=http://javascript' <<
-                '.browser.arachni/taint_tracer.js><SCRIPT><SCRIPT src=http://' <<
+                '.browser.arachni/taint_tracer.js><SCRIPT src=http://' <<
                 'javascript.browser.arachni/dom_monitor.js><SCRIPT><BODY><DIV ' <<
                 'id=my-id-div><DIV class=my-class-div>'
         end
@@ -143,68 +143,403 @@ describe Arachni::Browser::Javascript::DOMMonitor do
     end
     describe '#elements_with_events' do
-        it 'returns information about all DOM elements along with their events' do
-            load '/elements_with_events'
-            subject.elements_with_events.should == [
-                { 'tag_name' => 'html', 'events' => [], 'attributes' => {}
-                },
-                {
-                    'tag_name' => 'body', 'events' => [], 'attributes' => {}
-                },
-                {
-                    'tag_name'   => 'button',
-                    'events'     => [
-                        ['click', 'function (my_button_click) {}'],
-                        ['click', 'function (my_button_click2) {}'],
-                        ['onmouseover', 'function (my_button_onmouseover) {}']
-                    ],
-                    'attributes' => { 'onclick' => 'handler_1()', 'id' => 'my-button' }
-                },
-                {
-                    'tag_name'   => 'button',
-                    'events'     => [
-                        ['click', 'function (my_button2_click) {}']
-                    ],
-                    'attributes' => { 'onclick' => 'handler_2()', 'id' => 'my-button2' }
-                 },
-                 {
-                     'tag_name' => 'button',
-                     'events' => [],
-                     'attributes' => { 'onclick' => 'handler_3()', 'id' => 'my-button3' }
-                 }
-            ]
-        end
         it 'skips non visible elements' do
             load '/elements_with_events/with-hidden'
             subject.elements_with_events.should == [
                 {
-                      'tag_name' => 'html',
-                        'events' => [],
+                    'tag_name' => 'html',
+                    'events' => [],
                     'attributes' => {}
                 },
-                 {
-                      'tag_name' => 'body',
-                        'events' => [],
+                {
+                    'tag_name' => 'body',
+                    'events' => [],
                     'attributes' => {}
                 },
-                 {
-                      'tag_name' => 'button',
-                        'events' => [
-                         [
-                             'click',
-                             'function (my_button_click) {}'
+                {
+                    'tag_name' => 'button',
+                    'events' => [
+                        [
+                            'click',
+                            'function (my_button_click) {}'
                         ]
                     ],
                     'attributes' => {
                         'onclick' => 'handler_1()',
-                             'id' => 'my-button'
+                        'id' => 'my-button'
                     }
                 }
             ]
         end
+        context 'when it has a dot delimited custom event' do
+            it 'retains the first part' do
+                load '/elements_with_events/custom-dot-delimited'
+                subject.elements_with_events.should == [
+                    {
+                        "tag_name"   => "html",
+                        "events"     => [],
+                        "attributes" => {}
+                    },
+                    {
+                        "tag_name"   => "body",
+                        "events"     => [],
+                        "attributes" => {
+                            "style" => ""
+                        }
+                    },
+                    {
+                        "tag_name"   => "button",
+                        "events"     =>
+                            [
+                                [
+                                    "click",
+                                    "function (e) {\n\t\t\t\t// Discard the second event of a jQuery.event.trigger() and\n\t\t\t\t// when an event is called after a page has unloaded\n\t\t\t\treturn typeof jQuery !== core_strundefined && (!e || jQuery.event.triggered !== e.type) ?\n\t\t\t\t\tjQuery.event.dispatch.apply( eventHandle.elem, arguments ) :\n\t\t\t\t\tundefined;\n\t\t\t}"
+                                ]
+                            ],
+                        "attributes" => {
+                            "id" => "my-button"
+                        }
+                    }
+                ]
+            end
+        end
+        context 'when using' do
+            context 'event attributes' do
+                it 'returns information about all DOM elements along with their events' do
+                    load '/elements_with_events/attributes'
+                    subject.elements_with_events.should == [
+                        { 'tag_name' => 'html', 'events' => [], 'attributes' => {}
+                        },
+                        {
+                            'tag_name' => 'body', 'events' => [], 'attributes' => {}
+                        },
+                        {
+                            'tag_name'   => 'button',
+                            'events'     => [],
+                            'attributes' => { 'onclick' => 'handler_1()', 'id' => 'my-button' }
+                        },
+                        {
+                            'tag_name'   => 'button',
+                            'events'     => [],
+                            'attributes' => { 'onclick' => 'handler_2()', 'id' => 'my-button2' }
+                         },
+                         {
+                             'tag_name' => 'button',
+                             'events' => [],
+                             'attributes' => { 'onclick' => 'handler_3()', 'id' => 'my-button3' }
+                         }
+                    ]
+                end
+            end
+            context 'event listeners' do
+                it 'returns information about all DOM elements along with their events' do
+                    load '/elements_with_events/listeners'
+                    subject.elements_with_events.should == [
+                        { 'tag_name' => 'html', 'events' => [], 'attributes' => {}
+                        },
+                        {
+                            'tag_name' => 'body', 'events' => [], 'attributes' => {}
+                        },
+                        {
+                            'tag_name'   => 'button',
+                            'events'     => [
+                                ['click', 'function (my_button_click) {}'],
+                                ['click', 'function (my_button_click2) {}'],
+                                ['onmouseover', 'function (my_button_onmouseover) {}']
+                            ],
+                            'attributes' => { 'id' => 'my-button' }
+                        },
+                        {
+                            'tag_name'   => 'button',
+                            'events'     => [
+                                ['click', 'function (my_button2_click) {}']
+                            ],
+                            'attributes' => { 'id' => 'my-button2' }
+                        },
+                        {
+                            'tag_name' => 'button',
+                            'events' => [],
+                            'attributes' => { 'id' => 'my-button3' }
+                        }
+                    ]
+                end
+            end
+            context 'jQuery' do
+                describe 'on()' do
+                    it 'returns information about all DOM elements along with their events' do
+                        load '/elements_with_events/jQuery.on'
+                        subject.elements_with_events.should == [
+                            {
+                                'tag_name'   => 'html',
+                                'events'     => [],
+                                'attributes' => {}
+                            },
+                            {
+                                'tag_name'   => 'body',
+                                'events'     => [],
+                                'attributes' => {
+                                    'style' => ''
+                                }
+                            },
+                            {
+                                'tag_name'   => 'button',
+                                'events'     => [
+                                    [
+                                        'click',
+                                        "function (e) {\n\t\t\t\t// Discard the second event of a jQuery.event.trigger() and\n\t\t\t\t// when an event is called after a page has unloaded\n\t\t\t\treturn typeof jQuery !== core_strundefined && (!e || jQuery.event.triggered !== e.type) ?\n\t\t\t\t\tjQuery.event.dispatch.apply( eventHandle.elem, arguments ) :\n\t\t\t\t\tundefined;\n\t\t\t}"
+                                    ]
+                                ],
+                                'attributes' => {
+                                    'id' => 'my-button'
+                                }
+                            }
+                        ]
+                    end
+                    context 'when using a selector' do
+                        it 'assigns the events to elements that match it' do
+                            load '/elements_with_events/jQuery.on-selector'
+                            subject.elements_with_events.should == [
+                                {
+                                    "tag_name"   => "html",
+                                    "events"     => [],
+                                    "attributes" => {}
+                                },
+                                {
+                                    "tag_name"   => "body",
+                                    "events"     =>
+                                        [
+                                            [
+                                                "click",
+                                                "function (e) {\n\t\t\t\t// Discard the second event of a jQuery.event.trigger() and\n\t\t\t\t// when an event is called after a page has unloaded\n\t\t\t\treturn typeof jQuery !== core_strundefined && (!e || jQuery.event.triggered !== e.type) ?\n\t\t\t\t\tjQuery.event.dispatch.apply( eventHandle.elem, arguments ) :\n\t\t\t\t\tundefined;\n\t\t\t}"
+                                            ],
+                                            [
+                                                "hover",
+                                                "function (e) {\n\t\t\t\t// Discard the second event of a jQuery.event.trigger() and\n\t\t\t\t// when an event is called after a page has unloaded\n\t\t\t\treturn typeof jQuery !== core_strundefined && (!e || jQuery.event.triggered !== e.type) ?\n\t\t\t\t\tjQuery.event.dispatch.apply( eventHandle.elem, arguments ) :\n\t\t\t\t\tundefined;\n\t\t\t}"
+                                            ]
+                                        ],
+                                    "attributes" => {
+                                        "style" => "",
+                                        "id"    => "body"
+                                    }
+                                },
+                                {
+                                    "tag_name"   => "button",
+                                    "events"     =>
+                                        [
+                                            [
+                                                "click",
+                                                "function () {\n\n            }"
+                                            ],
+                                            [
+                                                "hover",
+                                                "function () {\n\n            }"
+                                            ]
+                                        ],
+                                    "attributes" => {
+                                        "id" => "my-button"
+                                    }
+                                },
+                                {
+                                    "tag_name"   => "button",
+                                    "events"     => [
+                                        [
+                                            "click", "function () {\n\n            }"
+                                        ]
+                                    ],
+                                    "attributes" => {
+                                        "id" => "my-button-2"
+                                    }
+                                }
+                            ]
+                        end
+                    end
+                    context 'when using object types' do
+                        it 'returns information about all DOM elements along with their events' do
+                            load '/elements_with_events/jQuery.on-object-types'
+                            subject.elements_with_events.should == [
+                                {
+                                    "tag_name"   => "html",
+                                    "events"     => [],
+                                    "attributes" => {}
+                                },
+                                {
+                                    "tag_name"   => "body",
+                                    "events"     => [],
+                                    "attributes" => {
+                                        "style" => ""
+                                    }
+                                },
+                                {
+                                    "tag_name"   => "button",
+                                    "events"     =>
+                                        [
+                                            [
+                                                "click",
+                                                "function (e) {\n\t\t\t\t// Discard the second event of a jQuery.event.trigger() and\n\t\t\t\t// when an event is called after a page has unloaded\n\t\t\t\treturn typeof jQuery !== core_strundefined && (!e || jQuery.event.triggered !== e.type) ?\n\t\t\t\t\tjQuery.event.dispatch.apply( eventHandle.elem, arguments ) :\n\t\t\t\t\tundefined;\n\t\t\t}"
+                                            ],
+                                            [
+                                                "hover",
+                                                "function (e) {\n\t\t\t\t// Discard the second event of a jQuery.event.trigger() and\n\t\t\t\t// when an event is called after a page has unloaded\n\t\t\t\treturn typeof jQuery !== core_strundefined && (!e || jQuery.event.triggered !== e.type) ?\n\t\t\t\t\tjQuery.event.dispatch.apply( eventHandle.elem, arguments ) :\n\t\t\t\t\tundefined;\n\t\t\t}"
+                                            ]
+                                        ],
+                                    "attributes" => {
+                                        "id" => "my-button"
+                                    }
+                                }
+                            ]
+                        end
+                        context 'when using a selector' do
+                            it 'assigns the events to elements that match it' do
+                                load '/elements_with_events/jQuery.on-object-types-selector'
+                                pp subject.elements_with_events.should == [
+                                    {
+                                        "tag_name"   => "html",
+                                        "events"     => [],
+                                        "attributes" => {}
+                                    },
+                                    {
+                                        "tag_name"   => "body",
+                                        "events"     => [
+                                            ["click",
+                                             "function (e) {\n\t\t\t\t// Discard the second event of a jQuery.event.trigger() and\n\t\t\t\t// when an event is called after a page has unloaded\n\t\t\t\treturn typeof jQuery !== core_strundefined && (!e || jQuery.event.triggered !== e.type) ?\n\t\t\t\t\tjQuery.event.dispatch.apply( eventHandle.elem, arguments ) :\n\t\t\t\t\tundefined;\n\t\t\t}"
+                                            ],
+                                            [
+                                                "hover",
+                                                "function (e) {\n\t\t\t\t// Discard the second event of a jQuery.event.trigger() and\n\t\t\t\t// when an event is called after a page has unloaded\n\t\t\t\treturn typeof jQuery !== core_strundefined && (!e || jQuery.event.triggered !== e.type) ?\n\t\t\t\t\tjQuery.event.dispatch.apply( eventHandle.elem, arguments ) :\n\t\t\t\t\tundefined;\n\t\t\t}"
+                                            ]
+                                        ],
+                                        "attributes" => {
+                                            "id"    => "body",
+                                            "style" => ""
+                                        }
+                                    },
+                                    {
+                                        "tag_name"   => "button",
+                                        "events"     => [
+                                            [
+                                                "click", "function () {}"
+                                            ],
+                                            [
+                                                "hover", "function () {}"
+                                            ]
+                                        ],
+                                        "attributes" => {
+                                            "id" => "my-button"
+                                        }
+                                    },
+                                    {
+                                        "tag_name"   => "button",
+                                        "events"     => [],
+                                        "attributes" => {
+                                            "id" => "my-button-2"
+                                        }
+                                    }
+                                ]
+                            end
+                        end
+                    end
+                end
+                describe 'delegate()' do
+                    it 'returns information about all DOM elements along with their events' do
+                        load '/elements_with_events/jQuery.delegate'
+                        subject.elements_with_events.should ==  [
+                            {
+                                "tag_name"   => "html",
+                                "events"     => [],
+                                "attributes" => {}
+                            },
+                            {
+                                "tag_name"   => "body",
+                                "events"     =>
+                                    [
+                                        [
+                                            "click",
+                                            "function (e) {\n\t\t\t\t// Discard the second event of a jQuery.event.trigger() and\n\t\t\t\t// when an event is called after a page has unloaded\n\t\t\t\treturn typeof jQuery !== core_strundefined && (!e || jQuery.event.triggered !== e.type) ?\n\t\t\t\t\tjQuery.event.dispatch.apply( eventHandle.elem, arguments ) :\n\t\t\t\t\tundefined;\n\t\t\t}"
+                                        ]
+                                    ],
+                                "attributes" => {
+                                    "style" => "",
+                                    "id"    => "body"
+                                }
+                            },
+                            {
+                                "tag_name"   => "button",
+                                "events"     => [
+                                    [
+                                        "click",
+                                        "function () {}"
+                                    ]
+                                ],
+                                "attributes" => {
+                                    "id" => "my-button"
+                                }
+                            }
+                        ]
+                    end
+                    context 'when using object types' do
+                        it 'returns information about all DOM elements along with their events' do
+                            load '/elements_with_events/jQuery.delegate'
+                            subject.elements_with_events.should == [
+                                {
+                                    "tag_name"   => "html",
+                                    "events"     => [],
+                                    "attributes" => {}
+                                },
+                                {
+                                    "tag_name"   => "body",
+                                    "events"     =>
+                                        [
+                                            [
+                                                "click",
+                                                "function (e) {\n\t\t\t\t// Discard the second event of a jQuery.event.trigger() and\n\t\t\t\t// when an event is called after a page has unloaded\n\t\t\t\treturn typeof jQuery !== core_strundefined && (!e || jQuery.event.triggered !== e.type) ?\n\t\t\t\t\tjQuery.event.dispatch.apply( eventHandle.elem, arguments ) :\n\t\t\t\t\tundefined;\n\t\t\t}"
+                                            ]
+                                        ],
+                                    "attributes" => {
+                                        "id"    => "body",
+                                        "style" => ""
+                                    }
+                                },
+                                {
+                                    "tag_name"   => "button",
+                                    "events"     => [
+                                        [
+                                            "click",
+                                            "function () {}"
+                                        ]
+                                    ],
+                                    "attributes" => {
+                                        "id" => "my-button"
+                                    }
+                                }
+                            ]
+                        end
+                    end
+                end
+            end
+        end
     end
 end