arachni 1.2.1 → 1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +66 -0
- data/Gemfile +1 -1
- data/README.md +16 -5
- data/components/checks/active/ldap_injection/errors.txt +1 -0
- data/components/checks/active/source_code_disclosure.rb +1 -1
- data/components/checks/active/unvalidated_redirect.rb +6 -6
- data/components/checks/active/unvalidated_redirect_dom.rb +10 -7
- data/components/checks/passive/grep/captcha.rb +14 -5
- data/components/checks/passive/grep/form_upload.rb +7 -3
- data/components/checks/passive/grep/hsts.rb +3 -3
- data/components/checks/passive/grep/html_objects.rb +2 -3
- data/components/checks/passive/grep/http_only_cookies.rb +2 -3
- data/components/checks/passive/grep/insecure_cookies.rb +1 -1
- data/components/checks/passive/grep/password_autocomplete.rb +2 -2
- data/components/checks/passive/grep/unencrypted_password_forms.rb +7 -7
- data/components/checks/passive/grep/x_frame_options.rb +2 -2
- data/components/checks/passive/http_put.rb +2 -3
- data/components/path_extractors/comments.rb +3 -3
- data/components/path_extractors/scripts.rb +10 -1
- data/components/plugins/defaults/autothrottle.rb +27 -18
- data/components/plugins/defaults/meta/remedies/discovery.rb +30 -33
- data/components/plugins/defaults/meta/remedies/timing_attacks.rb +7 -11
- data/components/plugins/login_script.rb +9 -3
- data/components/plugins/proxy.rb +4 -3
- data/components/reporters/html.rb +11 -14
- data/components/reporters/html/default/issue.erb +13 -38
- data/components/reporters/html/default/issue/info.erb +1 -1
- data/components/reporters/html/default/summary/issues/by_name.erb +3 -3
- data/components/reporters/stdout.rb +62 -71
- data/components/reporters/xml.rb +26 -40
- data/components/reporters/xml/schema.xsd +43 -89
- data/lib/arachni/browser.rb +52 -3
- data/lib/arachni/browser/javascript.rb +3 -3
- data/lib/arachni/browser/javascript/scripts/taint_tracer.js +46 -25
- data/lib/arachni/browser_cluster.rb +61 -0
- data/lib/arachni/browser_cluster/job.rb +21 -1
- data/lib/arachni/browser_cluster/jobs/browser_provider.rb +3 -1
- data/lib/arachni/browser_cluster/jobs/resource_exploration.rb +2 -1
- data/lib/arachni/browser_cluster/jobs/resource_exploration/event_trigger.rb +2 -1
- data/lib/arachni/browser_cluster/jobs/taint_trace.rb +3 -2
- data/lib/arachni/browser_cluster/jobs/taint_trace/event_trigger.rb +1 -1
- data/lib/arachni/browser_cluster/worker.rb +5 -0
- data/lib/arachni/check/auditor.rb +22 -12
- data/lib/arachni/data/framework.rb +13 -1
- data/lib/arachni/data/issues.rb +9 -25
- data/lib/arachni/element/base.rb +9 -3
- data/lib/arachni/element/capabilities/analyzable.rb +2 -6
- data/lib/arachni/element/capabilities/analyzable/differential.rb +24 -7
- data/lib/arachni/element/capabilities/analyzable/{taint.rb → signature.rb} +23 -23
- data/lib/arachni/element/capabilities/auditable.rb +0 -6
- data/lib/arachni/element/capabilities/dom_only.rb +61 -0
- data/lib/arachni/element/capabilities/with_dom.rb +3 -1
- data/lib/arachni/element/cookie.rb +35 -5
- data/lib/arachni/element/cookie/dom.rb +13 -4
- data/lib/arachni/element/{capabilities/auditable/dom.rb → dom.rb} +20 -68
- data/lib/arachni/element/dom/capabilities/auditable.rb +29 -0
- data/lib/arachni/element/dom/capabilities/inputtable.rb +27 -0
- data/lib/arachni/element/dom/capabilities/mutable.rb +21 -0
- data/lib/arachni/element/dom/capabilities/submittable.rb +52 -0
- data/lib/arachni/element/form.rb +12 -1
- data/lib/arachni/element/form/capabilities/mutable.rb +2 -1
- data/lib/arachni/element/form/capabilities/with_dom.rb +0 -1
- data/lib/arachni/element/form/dom.rb +9 -3
- data/lib/arachni/element/header.rb +14 -33
- data/lib/arachni/element/header/capabilities/inputtable.rb +29 -0
- data/lib/arachni/element/header/capabilities/mutable.rb +51 -0
- data/lib/arachni/element/input/dom.rb +71 -0
- data/lib/arachni/element/json.rb +2 -0
- data/lib/arachni/element/link.rb +3 -0
- data/lib/arachni/element/link/capabilities/with_dom.rb +0 -1
- data/lib/arachni/element/link/dom.rb +16 -3
- data/lib/arachni/element/link/dom/capabilities/submittable.rb +29 -0
- data/lib/arachni/element/link_template.rb +3 -5
- data/lib/arachni/element/link_template/capabilities/inputtable.rb +5 -0
- data/lib/arachni/element/link_template/capabilities/with_dom.rb +0 -1
- data/lib/arachni/element/link_template/dom.rb +16 -3
- data/lib/arachni/element/link_template/dom/capabilities/submittable.rb +29 -0
- data/lib/arachni/element/server.rb +3 -5
- data/lib/arachni/element/ui_form.rb +106 -0
- data/lib/arachni/element/ui_form/dom.rb +107 -0
- data/lib/arachni/element/ui_input.rb +62 -0
- data/lib/arachni/element/xml.rb +2 -1
- data/lib/arachni/framework.rb +7 -5
- data/lib/arachni/framework/parts/audit.rb +0 -1
- data/lib/arachni/framework/parts/check.rb +1 -0
- data/lib/arachni/framework/parts/data.rb +4 -0
- data/lib/arachni/framework/parts/state.rb +0 -2
- data/lib/arachni/http/client.rb +17 -6
- data/lib/arachni/http/proxy_server.rb +52 -5
- data/lib/arachni/http/request.rb +1 -1
- data/lib/arachni/issue.rb +34 -179
- data/lib/arachni/issue/severity.rb +2 -0
- data/lib/arachni/option_groups/audit.rb +22 -2
- data/lib/arachni/option_groups/browser_cluster.rb +15 -0
- data/lib/arachni/page.rb +3 -2
- data/lib/arachni/parser.rb +24 -5
- data/lib/arachni/platform/manager.rb +1 -2
- data/lib/arachni/rpc/server/framework.rb +3 -4
- data/lib/arachni/rpc/server/framework/multi_instance.rb +2 -1
- data/lib/arachni/session.rb +1 -1
- data/lib/arachni/trainer.rb +4 -7
- data/lib/arachni/watir/element.rb +12 -1
- data/lib/version +1 -1
- data/spec/arachni/browser/element_locator_spec.rb +43 -43
- data/spec/arachni/browser/javascript/dom_monitor_spec.rb +44 -44
- data/spec/arachni/browser/javascript/proxy/stub_spec.rb +17 -14
- data/spec/arachni/browser/javascript/proxy_spec.rb +24 -24
- data/spec/arachni/browser/javascript/taint_tracer/frame/called_function_spec.rb +11 -11
- data/spec/arachni/browser/javascript/taint_tracer/frame_spec.rb +7 -7
- data/spec/arachni/browser/javascript/taint_tracer/sink/data_flow_spec.rb +13 -13
- data/spec/arachni/browser/javascript/taint_tracer/sink/execution_flow_spec.rb +7 -7
- data/spec/arachni/browser/javascript/taint_tracer_spec.rb +568 -558
- data/spec/arachni/browser/javascript_spec.rb +73 -63
- data/spec/arachni/browser_cluster/job/result_spec.rb +3 -3
- data/spec/arachni/browser_cluster/job_spec.rb +68 -48
- data/spec/arachni/browser_cluster/jobs/resource_exploration/event_trigger/result_spec.rb +2 -2
- data/spec/arachni/browser_cluster/jobs/resource_exploration/event_trigger_spec.rb +5 -4
- data/spec/arachni/browser_cluster/jobs/resource_exploration/result_spec.rb +2 -2
- data/spec/arachni/browser_cluster/jobs/resource_exploration_spec.rb +5 -5
- data/spec/arachni/browser_cluster/worker_spec.rb +87 -70
- data/spec/arachni/browser_cluster_spec.rb +64 -39
- data/spec/arachni/browser_spec.rb +692 -527
- data/spec/arachni/check/auditor_spec.rb +177 -147
- data/spec/arachni/check/base_spec.rb +33 -33
- data/spec/arachni/check/manager_spec.rb +15 -15
- data/spec/arachni/component/base_spec.rb +8 -8
- data/spec/arachni/component/manager_spec.rb +100 -99
- data/spec/arachni/component/options/address_spec.rb +3 -3
- data/spec/arachni/component/options/base_spec.rb +7 -7
- data/spec/arachni/component/options/bool_spec.rb +9 -9
- data/spec/arachni/component/options/float_spec.rb +6 -6
- data/spec/arachni/component/options/int_spec.rb +5 -5
- data/spec/arachni/component/options/multiple_choice_spec.rb +12 -12
- data/spec/arachni/component/options/object_spec.rb +2 -2
- data/spec/arachni/component/options/path_spec.rb +3 -3
- data/spec/arachni/component/options/port_spec.rb +5 -5
- data/spec/arachni/component/options/string_spec.rb +3 -3
- data/spec/arachni/component/options/url_spec.rb +4 -4
- data/spec/arachni/component/utilities_spec.rb +2 -2
- data/spec/arachni/data/framework/rpc_spec.rb +10 -9
- data/spec/arachni/data/framework_spec.rb +65 -46
- data/spec/arachni/data/issues_spec.rb +39 -77
- data/spec/arachni/data/plugins_spec.rb +11 -11
- data/spec/arachni/data/session_spec.rb +6 -6
- data/spec/arachni/data_spec.rb +8 -8
- data/spec/arachni/element/body_spec.rb +10 -10
- data/spec/arachni/element/capabilities/analyzable/differential_spec.rb +39 -21
- data/spec/arachni/element/capabilities/analyzable/{taint_spec.rb → signature_spec.rb} +63 -63
- data/spec/arachni/element/capabilities/analyzable/timeout_spec.rb +51 -51
- data/spec/arachni/element/capabilities/with_scope/scope_spec.rb +5 -5
- data/spec/arachni/element/cookie/dom_spec.rb +37 -18
- data/spec/arachni/element/cookie_spec.rb +206 -139
- data/spec/arachni/element/form/dom_spec.rb +36 -19
- data/spec/arachni/element/form_spec.rb +210 -187
- data/spec/arachni/element/generic_dom_spec.rb +14 -14
- data/spec/arachni/element/header_spec.rb +35 -17
- data/spec/arachni/element/json_spec.rb +53 -31
- data/spec/arachni/element/link/dom_spec.rb +46 -28
- data/spec/arachni/element/link_spec.rb +58 -40
- data/spec/arachni/element/link_template/dom_spec.rb +47 -29
- data/spec/arachni/element/link_template_spec.rb +79 -61
- data/spec/arachni/element/path_spec.rb +1 -1
- data/spec/arachni/element/server_spec.rb +33 -32
- data/spec/arachni/element/ui_form/ui_form_dom_spec.rb +164 -0
- data/spec/arachni/element/ui_form_spec.rb +242 -0
- data/spec/arachni/element/ui_input/dom_spec.rb +157 -0
- data/spec/arachni/element/ui_input_spec.rb +136 -0
- data/spec/arachni/element/xml_spec.rb +42 -24
- data/spec/arachni/element_filter_spec.rb +49 -48
- data/spec/arachni/error_spec.rb +3 -3
- data/spec/arachni/framework/parts/audit_spec.rb +64 -63
- data/spec/arachni/framework/parts/browser_spec.rb +16 -16
- data/spec/arachni/framework/parts/check_spec.rb +3 -3
- data/spec/arachni/framework/parts/data_spec.rb +48 -48
- data/spec/arachni/framework/parts/platform_spec.rb +3 -3
- data/spec/arachni/framework/parts/plugin_spec.rb +7 -6
- data/spec/arachni/framework/parts/report_spec.rb +7 -7
- data/spec/arachni/framework/parts/scope_spec.rb +16 -16
- data/spec/arachni/framework/parts/state_spec.rb +68 -69
- data/spec/arachni/framework_spec.rb +39 -31
- data/spec/arachni/http/client/dynamic_404_handlers_spec.rb +32 -32
- data/spec/arachni/http/client_spec.rb +219 -208
- data/spec/arachni/http/cookie_jar_spec.rb +72 -72
- data/spec/arachni/http/headers_spec.rb +14 -14
- data/spec/arachni/http/proxy_server_spec.rb +43 -42
- data/spec/arachni/http/request_spec.rb +105 -103
- data/spec/arachni/http/response/scope_spec.rb +24 -24
- data/spec/arachni/http/response_spec.rb +50 -49
- data/spec/arachni/issue/severity_spec.rb +10 -9
- data/spec/arachni/issue_spec.rb +71 -369
- data/spec/arachni/option_groups/audit_spec.rb +114 -114
- data/spec/arachni/option_groups/browser_cluster_spec.rb +20 -3
- data/spec/arachni/option_groups/datastore_spec.rb +6 -6
- data/spec/arachni/option_groups/dispatcher_spec.rb +19 -19
- data/spec/arachni/option_groups/http_spec.rb +11 -11
- data/spec/arachni/option_groups/input_spec.rb +31 -27
- data/spec/arachni/option_groups/output_spec.rb +2 -2
- data/spec/arachni/option_groups/paths_spec.rb +17 -17
- data/spec/arachni/option_groups/rpc_spec.rb +2 -2
- data/spec/arachni/option_groups/scope_spec.rb +40 -40
- data/spec/arachni/option_groups/session_spec.rb +6 -5
- data/spec/arachni/option_groups/snapshot_spec.rb +4 -4
- data/spec/arachni/options_spec.rb +46 -45
- data/spec/arachni/page/dom/transition_spec.rb +74 -72
- data/spec/arachni/page/dom_spec.rb +35 -35
- data/spec/arachni/page/scope_spec.rb +15 -15
- data/spec/arachni/page_spec.rb +217 -217
- data/spec/arachni/parser_spec.rb +106 -104
- data/spec/arachni/platform/fingerprinter_spec.rb +17 -14
- data/spec/arachni/platform/list_spec.rb +33 -33
- data/spec/arachni/platform/manager_spec.rb +67 -64
- data/spec/arachni/plugin/base_spec.rb +10 -10
- data/spec/arachni/plugin/manager_spec.rb +38 -37
- data/spec/arachni/report_spec.rb +43 -40
- data/spec/arachni/reporter/base_spec.rb +15 -15
- data/spec/arachni/reporter/manager_spec.rb +4 -4
- data/spec/arachni/reporter/options_spec.rb +6 -6
- data/spec/arachni/rpc/client/base_spec.rb +6 -6
- data/spec/arachni/rpc/client/dispatcher_spec.rb +2 -2
- data/spec/arachni/rpc/client/instance_spec.rb +6 -6
- data/spec/arachni/rpc/server/active_options_spec.rb +11 -8
- data/spec/arachni/rpc/server/base_spec.rb +5 -5
- data/spec/arachni/rpc/server/checks/manager_spec.rb +8 -8
- data/spec/arachni/rpc/server/dispatcher/node_spec.rb +37 -37
- data/spec/arachni/rpc/server/dispatcher/service_spec.rb +15 -14
- data/spec/arachni/rpc/server/dispatcher_spec.rb +36 -35
- data/spec/arachni/rpc/server/framework/distributor_spec.rb +36 -36
- data/spec/arachni/rpc/server/framework_multi_spec.rb +340 -336
- data/spec/arachni/rpc/server/framework_spec.rb +90 -85
- data/spec/arachni/rpc/server/instance_spec.rb +126 -107
- data/spec/arachni/rpc/server/output_spec.rb +1 -1
- data/spec/arachni/rpc/server/plugin/manager_spec.rb +6 -6
- data/spec/arachni/ruby/array_spec.rb +42 -42
- data/spec/arachni/ruby/hash_spec.rb +20 -18
- data/spec/arachni/ruby/io_spec.rb +2 -2
- data/spec/arachni/ruby/object_spec.rb +1 -1
- data/spec/arachni/ruby/set_spec.rb +3 -3
- data/spec/arachni/ruby/string_spec.rb +30 -30
- data/spec/arachni/ruby/webrick_spec.rb +2 -2
- data/spec/arachni/scope_spec.rb +1 -1
- data/spec/arachni/session_spec.rb +67 -64
- data/spec/arachni/snapshot_spec.rb +15 -15
- data/spec/arachni/state/audit_spec.rb +11 -11
- data/spec/arachni/state/element_filter_spec.rb +6 -6
- data/spec/arachni/state/framework/rpc_spec.rb +12 -12
- data/spec/arachni/state/framework_spec.rb +125 -121
- data/spec/arachni/state/http_spec.rb +7 -7
- data/spec/arachni/state/options_spec.rb +7 -7
- data/spec/arachni/state/plugins_spec.rb +8 -8
- data/spec/arachni/state_spec.rb +10 -10
- data/spec/arachni/support/buffer/autoflush_spec.rb +16 -16
- data/spec/arachni/support/buffer/base_spec.rb +39 -39
- data/spec/arachni/support/cache/least_cost_replacement_spec.rb +18 -18
- data/spec/arachni/support/cache/least_recently_pushed_spec.rb +24 -24
- data/spec/arachni/support/cache/least_recently_used_spec.rb +20 -20
- data/spec/arachni/support/cache/preference_spec.rb +4 -4
- data/spec/arachni/support/cache/random_replacement_spec.rb +8 -8
- data/spec/arachni/support/crypto/rsa_aes_cbc_spec.rb +1 -1
- data/spec/arachni/support/database/hash_spec.rb +44 -43
- data/spec/arachni/support/database/queue_spec.rb +27 -27
- data/spec/arachni/support/lookup/hash_set_spec.rb +8 -8
- data/spec/arachni/support/lookup/moolb_spec.rb +3 -3
- data/spec/arachni/support/mixins/observable_spec.rb +6 -6
- data/spec/arachni/support/signature_spec.rb +19 -19
- data/spec/arachni/trainer_spec.rb +39 -39
- data/spec/arachni/typhoeus/hydra_spec.rb +2 -2
- data/spec/arachni/uri/scope_spec.rb +66 -66
- data/spec/arachni/uri_spec.rb +107 -105
- data/spec/arachni/utilities_spec.rb +40 -40
- data/spec/components/checks/active/csrf_spec.rb +8 -8
- data/spec/components/checks/active/no_sql_injection_spec.rb +1 -1
- data/spec/components/checks/active/sql_injection_spec.rb +16 -16
- data/spec/components/checks/active/trainer_spec.rb +4 -4
- data/spec/components/checks/active/unvalidated_redirect_dom_spec.rb +4 -2
- data/spec/components/checks/active/xpath_injection_spec.rb +1 -1
- data/spec/components/checks/active/xss_dom_script_context_spec.rb +51 -21
- data/spec/components/checks/active/xss_dom_spec.rb +46 -24
- data/spec/components/checks/passive/allowed_methods_spec.rb +1 -1
- data/spec/components/checks/passive/grep/cookie_set_for_parent_domain_spec.rb +1 -1
- data/spec/components/checks/passive/grep/hsts_spec.rb +2 -2
- data/spec/components/checks/passive/grep/http_only_cookies_spec.rb +1 -1
- data/spec/components/checks/passive/grep/insecure_cookies_spec.rb +1 -1
- data/spec/components/checks/passive/grep/insecure_cors_policy_spec.rb +2 -2
- data/spec/components/checks/passive/grep/password_autocomplete_spec.rb +1 -1
- data/spec/components/checks/passive/grep/private_ip_spec.rb +3 -3
- data/spec/components/checks/passive/grep/unencrypted_password_forms_spec.rb +1 -1
- data/spec/components/checks/passive/grep/x_frame_options_spec.rb +2 -2
- data/spec/components/checks/passive/interesting_responses_spec.rb +2 -2
- data/spec/components/checks/passive/webdav_spec.rb +1 -1
- data/spec/components/checks/passive/xst_spec.rb +1 -1
- data/spec/components/fingerprinters/servers/apache_spec.rb +2 -2
- data/spec/components/path_extractors/comments_spec.rb +5 -1
- data/spec/components/path_extractors/scripts_spec.rb +5 -2
- data/spec/components/plugins/autologin_spec.rb +22 -22
- data/spec/components/plugins/autothrottle_spec.rb +6 -5
- data/spec/components/plugins/content_types_spec.rb +4 -4
- data/spec/components/plugins/cookie_collector_spec.rb +5 -5
- data/spec/components/plugins/exec_spec.rb +12 -12
- data/spec/components/plugins/form_dicattack_spec.rb +3 -3
- data/spec/components/plugins/headers_collector_spec.rb +8 -8
- data/spec/components/plugins/healthmap_spec.rb +3 -3
- data/spec/components/plugins/http_dicattack_spec.rb +3 -3
- data/spec/components/plugins/login_script_spec.rb +79 -22
- data/spec/components/plugins/meta/remedies/discovery_spec.rb +3 -2
- data/spec/components/plugins/meta/remedies/timing_attacks_spec.rb +3 -3
- data/spec/components/plugins/meta/uniformity_spec.rb +2 -2
- data/spec/components/plugins/restrict_to_dom_state_spec.rb +1 -1
- data/spec/components/plugins/script_spec.rb +1 -1
- data/spec/components/plugins/uncommon_headers_spec.rb +2 -2
- data/spec/components/plugins/vector_collector_spec.rb +2 -2
- data/spec/components/plugins/vector_feed_spec.rb +40 -40
- data/spec/components/plugins/waf_detector_spec.rb +6 -6
- data/spec/components/reporters/json_spec.rb +4 -4
- data/spec/components/reporters/marshal_spec.rb +2 -2
- data/spec/components/reporters/yaml_spec.rb +3 -2
- data/spec/external/wavsep/active/sqli_spec.rb +1 -3
- data/spec/spec_helper.rb +4 -0
- data/spec/support/factories/element/ui_form.rb +14 -0
- data/spec/support/factories/element/ui_input.rb +13 -0
- data/spec/support/factories/issue.rb +0 -13
- data/spec/support/fixtures/report.afr +0 -0
- data/spec/support/fixtures/{taint_check/taint.rb → signature_check/signature.rb} +2 -2
- data/spec/support/helpers/browser_cluster/jobs/taint_tracer.rb +11 -11
- data/spec/support/helpers/framework.rb +1 -1
- data/spec/support/helpers/pages.rb +2 -2
- data/spec/support/servers/arachni/browser.rb +139 -0
- data/spec/support/servers/arachni/browser/javascript/taint_tracer.rb +40 -0
- data/spec/support/servers/arachni/element/capabilities/analyzable/{taint.rb → signature.rb} +0 -0
- data/spec/support/servers/arachni/element/input/input_dom.rb +102 -0
- data/spec/support/servers/arachni/element/ui_form/ui_form_dom.rb +238 -0
- data/spec/support/servers/checks/active/trainer_check.rb +7 -7
- data/spec/support/servers/checks/active/unvalidated_redirect_dom.rb +22 -6
- data/spec/support/servers/checks/active/xss_dom.rb +50 -0
- data/spec/support/servers/checks/active/xss_dom_script_context.rb +53 -0
- data/spec/support/shared/browser/javascript/taint_tracer/sink/base.rb +6 -6
- data/spec/support/shared/check.rb +10 -12
- data/spec/support/shared/component/options/base.rb +24 -24
- data/spec/support/shared/element/base.rb +25 -25
- data/spec/support/shared/element/capabilities/auditable.rb +116 -140
- data/spec/support/shared/element/capabilities/dom_only.rb +65 -0
- data/spec/support/shared/element/capabilities/inputtable.rb +71 -86
- data/spec/support/shared/element/capabilities/mutable.rb +122 -111
- data/spec/support/shared/element/capabilities/refreshable.rb +10 -10
- data/spec/support/shared/element/capabilities/{submitable.rb → submittable.rb} +26 -26
- data/spec/support/shared/element/capabilities/with_auditor.rb +10 -10
- data/spec/support/shared/element/capabilities/with_dom.rb +8 -8
- data/spec/support/shared/element/capabilities/with_node.rb +4 -6
- data/spec/support/shared/element/capabilities/with_scope.rb +2 -2
- data/spec/support/shared/element/capabilities/with_source.rb +6 -8
- data/spec/support/shared/element/dom.rb +144 -0
- data/spec/support/shared/element/dom/auditable.rb +42 -0
- data/spec/support/shared/element/dom/inputtable.rb +5 -0
- data/spec/support/shared/element/dom/mutable.rb +3 -0
- data/spec/support/shared/element/dom/submittable.rb +119 -0
- data/spec/support/shared/external/wavsep.rb +3 -3
- data/spec/support/shared/fingerprinter.rb +2 -2
- data/spec/support/shared/framework.rb +1 -1
- data/spec/support/shared/http/message.rb +9 -9
- data/spec/support/shared/option_group.rb +17 -17
- data/spec/support/shared/path_extractor.rb +1 -1
- data/spec/support/shared/plugin.rb +2 -2
- data/spec/support/shared/support/cache.rb +57 -57
- data/spec/support/shared/support/lookup.rb +25 -25
- data/ui/cli/framework.rb +22 -11
- data/ui/cli/framework/option_parser.rb +15 -0
- data/ui/cli/option_parser.rb +8 -1
- data/ui/cli/output.rb +2 -1
- metadata +54 -20
- data/components/checks/active/xss_dom_inputs.rb +0 -236
- data/spec/components/checks/active/xss_dom_inputs_spec.rb +0 -30
- data/spec/support/servers/checks/active/xss_dom_inputs.rb +0 -59
- data/spec/support/shared/element/capabilities/auditable/dom.rb +0 -322
|
@@ -21,34 +21,34 @@ describe Arachni::Check::Base do
|
|
|
21
21
|
|
|
22
22
|
describe '#session' do
|
|
23
23
|
it "returns #{Arachni::Framework}#session" do
|
|
24
|
-
subject.session.
|
|
24
|
+
expect(subject.session).to eq(framework.session)
|
|
25
25
|
end
|
|
26
26
|
end
|
|
27
27
|
|
|
28
28
|
describe '#plugins' do
|
|
29
29
|
it "returns #{Arachni::Framework}#plugins" do
|
|
30
|
-
subject.plugins.
|
|
30
|
+
expect(subject.plugins).to eq(framework.plugins)
|
|
31
31
|
end
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
describe '#has_platforms?' do
|
|
35
35
|
context 'when platforms are provided' do
|
|
36
36
|
before do
|
|
37
|
-
described_class.
|
|
37
|
+
allow(described_class).to receive(:info) { { platforms: [ :unix ] } }
|
|
38
38
|
end
|
|
39
39
|
|
|
40
40
|
it 'returns true' do
|
|
41
|
-
described_class.has_platforms
|
|
41
|
+
expect(described_class.has_platforms?).to be_truthy
|
|
42
42
|
end
|
|
43
43
|
end
|
|
44
44
|
|
|
45
45
|
context 'when platforms are not provided' do
|
|
46
46
|
before do
|
|
47
|
-
described_class.
|
|
47
|
+
allow(described_class).to receive(:info) { { platforms: [] } }
|
|
48
48
|
end
|
|
49
49
|
|
|
50
50
|
it 'returns false' do
|
|
51
|
-
described_class.has_platforms
|
|
51
|
+
expect(described_class.has_platforms?).to be_falsey
|
|
52
52
|
end
|
|
53
53
|
end
|
|
54
54
|
end
|
|
@@ -56,21 +56,21 @@ describe Arachni::Check::Base do
|
|
|
56
56
|
describe '#has_exempt_platforms?' do
|
|
57
57
|
context 'when exempt platforms are provided' do
|
|
58
58
|
before do
|
|
59
|
-
described_class.
|
|
59
|
+
allow(described_class).to receive(:info) { { exempt_platforms: [ :unix ] } }
|
|
60
60
|
end
|
|
61
61
|
|
|
62
62
|
it 'returns true' do
|
|
63
|
-
described_class.has_exempt_platforms
|
|
63
|
+
expect(described_class.has_exempt_platforms?).to be_truthy
|
|
64
64
|
end
|
|
65
65
|
end
|
|
66
66
|
|
|
67
67
|
context 'when exempt platforms are not provided' do
|
|
68
68
|
before do
|
|
69
|
-
described_class.
|
|
69
|
+
allow(described_class).to receive(:info) { { exempt_platforms: [] } }
|
|
70
70
|
end
|
|
71
71
|
|
|
72
72
|
it 'returns false' do
|
|
73
|
-
described_class.has_exempt_platforms
|
|
73
|
+
expect(described_class.has_exempt_platforms?).to be_falsey
|
|
74
74
|
end
|
|
75
75
|
end
|
|
76
76
|
end
|
|
@@ -78,118 +78,118 @@ describe Arachni::Check::Base do
|
|
|
78
78
|
describe '#supports_platforms?' do
|
|
79
79
|
context 'when empty platforms are given' do
|
|
80
80
|
it 'returns true' do
|
|
81
|
-
described_class.supports_platforms?([]).
|
|
81
|
+
expect(described_class.supports_platforms?([])).to be_truthy
|
|
82
82
|
end
|
|
83
83
|
end
|
|
84
84
|
|
|
85
85
|
context 'when no supported platforms are declared' do
|
|
86
86
|
before do
|
|
87
|
-
described_class.
|
|
87
|
+
allow(described_class).to receive(:info) { { platforms: [] } }
|
|
88
88
|
end
|
|
89
89
|
|
|
90
90
|
it 'returns true' do
|
|
91
|
-
described_class.supports_platforms?([]).
|
|
91
|
+
expect(described_class.supports_platforms?([])).to be_truthy
|
|
92
92
|
end
|
|
93
93
|
end
|
|
94
94
|
|
|
95
95
|
context 'when any of the given platforms are supported' do
|
|
96
96
|
before do
|
|
97
|
-
described_class.
|
|
97
|
+
allow(described_class).to receive(:info) { { platforms: [:php] } }
|
|
98
98
|
end
|
|
99
99
|
|
|
100
100
|
it 'returns true' do
|
|
101
|
-
described_class.supports_platforms?([:unix, :php]).
|
|
101
|
+
expect(described_class.supports_platforms?([:unix, :php])).to be_truthy
|
|
102
102
|
end
|
|
103
103
|
end
|
|
104
104
|
|
|
105
105
|
context 'when any of the given platforms are exempt' do
|
|
106
106
|
before do
|
|
107
|
-
described_class.
|
|
107
|
+
allow(described_class).to receive(:info) { { exempt_platforms: [:php] } }
|
|
108
108
|
end
|
|
109
109
|
|
|
110
110
|
it 'returns false' do
|
|
111
|
-
described_class.supports_platforms?([:unix, :php]).
|
|
111
|
+
expect(described_class.supports_platforms?([:unix, :php])).to be_falsey
|
|
112
112
|
end
|
|
113
113
|
end
|
|
114
114
|
|
|
115
115
|
context 'when a parent of any of the given platforms is supported' do
|
|
116
116
|
before do
|
|
117
|
-
described_class.
|
|
117
|
+
allow(described_class).to receive(:info) { { platforms: [:unix] } }
|
|
118
118
|
end
|
|
119
119
|
|
|
120
120
|
it 'returns true' do
|
|
121
|
-
described_class.supports_platforms?([:linux]).
|
|
121
|
+
expect(described_class.supports_platforms?([:linux])).to be_truthy
|
|
122
122
|
end
|
|
123
123
|
end
|
|
124
124
|
|
|
125
125
|
context 'when a parent of any of the given platforms is exempt' do
|
|
126
126
|
before do
|
|
127
|
-
described_class.
|
|
127
|
+
allow(described_class).to receive(:info) { { exempt_platforms: [:unix] } }
|
|
128
128
|
end
|
|
129
129
|
|
|
130
130
|
it 'returns false' do
|
|
131
|
-
described_class.supports_platforms?([:linux]).
|
|
131
|
+
expect(described_class.supports_platforms?([:linux])).to be_falsey
|
|
132
132
|
end
|
|
133
133
|
end
|
|
134
134
|
|
|
135
135
|
|
|
136
136
|
context 'when a child of any of the given platforms is supported' do
|
|
137
137
|
before do
|
|
138
|
-
described_class.
|
|
138
|
+
allow(described_class).to receive(:info) { { platforms: [:linux] } }
|
|
139
139
|
end
|
|
140
140
|
|
|
141
141
|
it 'returns true' do
|
|
142
|
-
described_class.supports_platforms?([:unix]).
|
|
142
|
+
expect(described_class.supports_platforms?([:unix])).to be_truthy
|
|
143
143
|
end
|
|
144
144
|
end
|
|
145
145
|
|
|
146
146
|
context 'when a child of any of the given platforms is exempt' do
|
|
147
147
|
before do
|
|
148
|
-
described_class.
|
|
148
|
+
allow(described_class).to receive(:info) { { exempt_platforms: [:linux] } }
|
|
149
149
|
end
|
|
150
150
|
|
|
151
151
|
it 'returns false' do
|
|
152
|
-
described_class.supports_platforms?([:unix]).
|
|
152
|
+
expect(described_class.supports_platforms?([:unix])).to be_falsey
|
|
153
153
|
end
|
|
154
154
|
end
|
|
155
155
|
|
|
156
156
|
context 'when none of the given platforms are not provided' do
|
|
157
157
|
before do
|
|
158
|
-
described_class.
|
|
158
|
+
allow(described_class).to receive(:info) { { platforms: [:windows] } }
|
|
159
159
|
end
|
|
160
160
|
|
|
161
161
|
it 'returns false' do
|
|
162
|
-
described_class.supports_platforms?([:unix]).
|
|
162
|
+
expect(described_class.supports_platforms?([:unix])).to be_falsey
|
|
163
163
|
end
|
|
164
164
|
end
|
|
165
165
|
|
|
166
166
|
context 'when none of the given platforms are exempt' do
|
|
167
167
|
before do
|
|
168
|
-
described_class.
|
|
168
|
+
allow(described_class).to receive(:info) { { exempt_platforms: [:windows] } }
|
|
169
169
|
end
|
|
170
170
|
|
|
171
171
|
it 'returns true' do
|
|
172
|
-
described_class.supports_platforms?([:unix]).
|
|
172
|
+
expect(described_class.supports_platforms?([:unix])).to be_truthy
|
|
173
173
|
end
|
|
174
174
|
end
|
|
175
175
|
|
|
176
176
|
context 'when any of the given platforms are exempt' do
|
|
177
177
|
before do
|
|
178
|
-
described_class.
|
|
178
|
+
allow(described_class).to receive(:info) { { exempt_platforms: [:windows, :linux] } }
|
|
179
179
|
end
|
|
180
180
|
|
|
181
181
|
it 'returns false' do
|
|
182
|
-
described_class.supports_platforms?([:unix]).
|
|
182
|
+
expect(described_class.supports_platforms?([:unix])).to be_falsey
|
|
183
183
|
end
|
|
184
184
|
end
|
|
185
185
|
|
|
186
186
|
context 'when a platforms of different type is exempt' do
|
|
187
187
|
before do
|
|
188
|
-
described_class.
|
|
188
|
+
allow(described_class).to receive(:info) { { exempt_platforms: [:windows] } }
|
|
189
189
|
end
|
|
190
190
|
|
|
191
191
|
it 'returns true' do
|
|
192
|
-
described_class.supports_platforms?([:ruby]).
|
|
192
|
+
expect(described_class.supports_platforms?([:ruby])).to be_truthy
|
|
193
193
|
end
|
|
194
194
|
end
|
|
195
195
|
|
|
@@ -20,8 +20,8 @@ describe Arachni::Check::Manager do
|
|
|
20
20
|
describe '#load' do
|
|
21
21
|
it 'loads all checks' do
|
|
22
22
|
all = checks.load_all
|
|
23
|
-
all.size.
|
|
24
|
-
all.sort.
|
|
23
|
+
expect(all.size).to equal 3
|
|
24
|
+
expect(all.sort).to eq(checks.keys.sort)
|
|
25
25
|
end
|
|
26
26
|
end
|
|
27
27
|
|
|
@@ -35,7 +35,7 @@ describe Arachni::Check::Manager do
|
|
|
35
35
|
checks = Arachni::Framework.new.checks
|
|
36
36
|
|
|
37
37
|
expect { checks[:with_invalid_platforms] }.to raise_error described_class::Error::InvalidPlatforms
|
|
38
|
-
checks.include?(:with_invalid_platforms).
|
|
38
|
+
expect(checks.include?(:with_invalid_platforms)).to be_falsey
|
|
39
39
|
end
|
|
40
40
|
end
|
|
41
41
|
end
|
|
@@ -46,36 +46,36 @@ describe Arachni::Check::Manager do
|
|
|
46
46
|
checks.load :test2
|
|
47
47
|
checks.load :test3
|
|
48
48
|
checks.load :test
|
|
49
|
-
checks.schedule.
|
|
49
|
+
expect(checks.schedule).to eq([checks[:test], checks[:test2], checks[:test3]])
|
|
50
50
|
|
|
51
51
|
checks.clear
|
|
52
52
|
|
|
53
53
|
checks.load :test2
|
|
54
|
-
checks.schedule.
|
|
54
|
+
expect(checks.schedule).to eq([checks[:test2]])
|
|
55
55
|
|
|
56
56
|
checks.clear
|
|
57
57
|
|
|
58
58
|
checks.load :test
|
|
59
|
-
checks.schedule.
|
|
59
|
+
expect(checks.schedule).to eq([checks[:test]])
|
|
60
60
|
|
|
61
61
|
checks.clear
|
|
62
62
|
|
|
63
63
|
checks.load :test, :test3
|
|
64
|
-
checks.schedule.
|
|
64
|
+
expect(checks.schedule).to eq([checks[:test], checks[:test3]])
|
|
65
65
|
end
|
|
66
66
|
end
|
|
67
67
|
|
|
68
68
|
describe '#with_platforms' do
|
|
69
69
|
it 'returns checks which target specific platforms' do
|
|
70
70
|
checks.load_all
|
|
71
|
-
checks.with_platforms.keys.
|
|
71
|
+
expect(checks.with_platforms.keys).to eq(['test2'])
|
|
72
72
|
end
|
|
73
73
|
end
|
|
74
74
|
|
|
75
75
|
describe '#without_platforms' do
|
|
76
76
|
it 'returns checks which do not target specific platforms' do
|
|
77
77
|
checks.load_all
|
|
78
|
-
checks.without_platforms.keys.sort.
|
|
78
|
+
expect(checks.without_platforms.keys.sort).to eq(%w(test test3).sort)
|
|
79
79
|
end
|
|
80
80
|
end
|
|
81
81
|
|
|
@@ -83,8 +83,8 @@ describe Arachni::Check::Manager do
|
|
|
83
83
|
it 'runs all checks' do
|
|
84
84
|
checks.load_all
|
|
85
85
|
checks.run( page )
|
|
86
|
-
issues.size.
|
|
87
|
-
issues.first.name.
|
|
86
|
+
expect(issues.size).to equal 1
|
|
87
|
+
expect(issues.first.name).to eq(checks['test'].info[:issue][:name])
|
|
88
88
|
end
|
|
89
89
|
end
|
|
90
90
|
|
|
@@ -92,14 +92,14 @@ describe Arachni::Check::Manager do
|
|
|
92
92
|
it 'runs a single check' do
|
|
93
93
|
checks.load :test
|
|
94
94
|
checks.run_one( checks.values.first, page )
|
|
95
|
-
issues.size.
|
|
96
|
-
issues.first.name.
|
|
95
|
+
expect(issues.size).to equal 1
|
|
96
|
+
expect(issues.first.name).to eq(checks['test'].info[:issue][:name])
|
|
97
97
|
end
|
|
98
98
|
|
|
99
99
|
context 'when the check was ran' do
|
|
100
100
|
it 'returns true' do
|
|
101
101
|
checks.load :test
|
|
102
|
-
checks.run_one( checks.values.first, page ).
|
|
102
|
+
expect(checks.run_one( checks.values.first, page )).to be_truthy
|
|
103
103
|
end
|
|
104
104
|
end
|
|
105
105
|
|
|
@@ -109,7 +109,7 @@ describe Arachni::Check::Manager do
|
|
|
109
109
|
|
|
110
110
|
allow(Arachni::Checks::Test).to receive(:check?).and_return(false)
|
|
111
111
|
|
|
112
|
-
checks.run_one( checks.values.first, page ).
|
|
112
|
+
expect(checks.run_one( checks.values.first, page )).to be_falsey
|
|
113
113
|
end
|
|
114
114
|
end
|
|
115
115
|
end
|
|
@@ -18,46 +18,46 @@ describe Arachni::Component::Base do
|
|
|
18
18
|
let(:info) { Subject.info }
|
|
19
19
|
|
|
20
20
|
it "includes #{Arachni::Component::Output}" do
|
|
21
|
-
subject.
|
|
21
|
+
expect(subject).to include Arachni::Component::Output
|
|
22
22
|
end
|
|
23
23
|
|
|
24
24
|
it "includes #{Arachni::Component::Utilities}" do
|
|
25
|
-
subject.
|
|
25
|
+
expect(subject).to include Arachni::Component::Utilities
|
|
26
26
|
end
|
|
27
27
|
|
|
28
28
|
describe '.shortname=' do
|
|
29
29
|
it 'sets the .shortname' do
|
|
30
30
|
subject.shortname = :blah
|
|
31
|
-
subject.shortname.
|
|
31
|
+
expect(subject.shortname).to eq(:blah)
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
it 'sets the #shortname' do
|
|
35
35
|
subject.shortname = :blah
|
|
36
|
-
subject.new.shortname.
|
|
36
|
+
expect(subject.new.shortname).to eq(:blah)
|
|
37
37
|
end
|
|
38
38
|
end
|
|
39
39
|
|
|
40
40
|
describe '.fullname' do
|
|
41
41
|
it 'returns the name' do
|
|
42
|
-
subject.fullname.
|
|
42
|
+
expect(subject.fullname).to eq(info[:name])
|
|
43
43
|
end
|
|
44
44
|
end
|
|
45
45
|
|
|
46
46
|
describe '.description' do
|
|
47
47
|
it 'returns the description' do
|
|
48
|
-
subject.description.
|
|
48
|
+
expect(subject.description).to eq(info[:description])
|
|
49
49
|
end
|
|
50
50
|
end
|
|
51
51
|
|
|
52
52
|
describe '.author' do
|
|
53
53
|
it 'returns the author' do
|
|
54
|
-
subject.author.
|
|
54
|
+
expect(subject.author).to eq(info[:author])
|
|
55
55
|
end
|
|
56
56
|
end
|
|
57
57
|
|
|
58
58
|
describe '.version' do
|
|
59
59
|
it 'returns the version' do
|
|
60
|
-
subject.version.
|
|
60
|
+
expect(subject.version).to eq(info[:version])
|
|
61
61
|
end
|
|
62
62
|
end
|
|
63
63
|
|
|
@@ -12,26 +12,26 @@ describe Arachni::Component::Manager do
|
|
|
12
12
|
|
|
13
13
|
describe '#lib' do
|
|
14
14
|
it 'returns the component library' do
|
|
15
|
-
@components.lib.
|
|
15
|
+
expect(@components.lib).to eq(@lib)
|
|
16
16
|
end
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
describe '#namespace' do
|
|
20
20
|
it 'returns the namespace under which all components are defined' do
|
|
21
|
-
@components.namespace.
|
|
21
|
+
expect(@components.namespace).to eq(@namespace)
|
|
22
22
|
end
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
describe '#available' do
|
|
26
26
|
it 'returns all available components' do
|
|
27
|
-
@components.available.sort.
|
|
27
|
+
expect(@components.available.sort).to eq(available)
|
|
28
28
|
end
|
|
29
29
|
end
|
|
30
30
|
|
|
31
31
|
describe '#load_all' do
|
|
32
32
|
it 'loads all components' do
|
|
33
33
|
@components.load_all
|
|
34
|
-
@components.loaded.sort.
|
|
34
|
+
expect(@components.loaded.sort).to eq(@components.available.sort)
|
|
35
35
|
end
|
|
36
36
|
end
|
|
37
37
|
|
|
@@ -41,21 +41,21 @@ describe Arachni::Component::Manager do
|
|
|
41
41
|
context String do
|
|
42
42
|
it 'loads the component by name' do
|
|
43
43
|
@components.load( 'wait' )
|
|
44
|
-
@components.loaded.
|
|
44
|
+
expect(@components.loaded).to eq(%w(wait))
|
|
45
45
|
end
|
|
46
46
|
end
|
|
47
47
|
|
|
48
48
|
context Symbol do
|
|
49
49
|
it 'loads the component by name' do
|
|
50
50
|
@components.load( :wait )
|
|
51
|
-
@components.loaded.
|
|
51
|
+
expect(@components.loaded).to eq(%w(wait))
|
|
52
52
|
end
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
context Array do
|
|
56
56
|
it 'loads the components by name' do
|
|
57
57
|
@components.load( %w(bad distributable) )
|
|
58
|
-
@components.loaded.sort.
|
|
58
|
+
expect(@components.loaded.sort).to eq(%w(bad distributable).sort)
|
|
59
59
|
end
|
|
60
60
|
end
|
|
61
61
|
|
|
@@ -63,21 +63,21 @@ describe Arachni::Component::Manager do
|
|
|
63
63
|
context String do
|
|
64
64
|
it 'loads components by name' do
|
|
65
65
|
@components.load( 'wait', 'bad' )
|
|
66
|
-
@components.loaded.sort.
|
|
66
|
+
expect(@components.loaded.sort).to eq(%w(bad wait).sort)
|
|
67
67
|
end
|
|
68
68
|
end
|
|
69
69
|
|
|
70
70
|
context Symbol do
|
|
71
71
|
it 'loads components by name' do
|
|
72
72
|
@components.load :wait, :distributable
|
|
73
|
-
@components.loaded.sort.
|
|
73
|
+
expect(@components.loaded.sort).to eq(%w(wait distributable).sort)
|
|
74
74
|
end
|
|
75
75
|
end
|
|
76
76
|
|
|
77
77
|
context Array do
|
|
78
78
|
it 'loads components by name' do
|
|
79
79
|
@components.load( :wait, %w(bad distributable) )
|
|
80
|
-
@components.loaded.sort.
|
|
80
|
+
expect(@components.loaded.sort).to eq(%w(bad distributable wait).sort)
|
|
81
81
|
end
|
|
82
82
|
end
|
|
83
83
|
end
|
|
@@ -86,14 +86,14 @@ describe Arachni::Component::Manager do
|
|
|
86
86
|
context 'alone' do
|
|
87
87
|
it 'loads all components' do
|
|
88
88
|
@components.load( '*' )
|
|
89
|
-
@components.loaded.sort.
|
|
89
|
+
expect(@components.loaded.sort).to eq(@components.available.sort)
|
|
90
90
|
end
|
|
91
91
|
end
|
|
92
92
|
|
|
93
93
|
context 'with a category name' do
|
|
94
94
|
it 'loads all of its components' do
|
|
95
95
|
@components.load( 'plugins/*' )
|
|
96
|
-
@components.loaded.sort.
|
|
96
|
+
expect(@components.loaded.sort).to eq(@components.available.sort)
|
|
97
97
|
end
|
|
98
98
|
end
|
|
99
99
|
|
|
@@ -103,7 +103,7 @@ describe Arachni::Component::Manager do
|
|
|
103
103
|
context 'alone' do
|
|
104
104
|
it 'loads nothing' do
|
|
105
105
|
@components.load( '-' )
|
|
106
|
-
@components.loaded.sort.
|
|
106
|
+
expect(@components.loaded.sort).to be_empty
|
|
107
107
|
end
|
|
108
108
|
end
|
|
109
109
|
context 'with a name' do
|
|
@@ -111,7 +111,7 @@ describe Arachni::Component::Manager do
|
|
|
111
111
|
@components.load( %w(* -wait) )
|
|
112
112
|
loaded = @components.available
|
|
113
113
|
loaded.delete( 'wait' )
|
|
114
|
-
@components.loaded.sort.
|
|
114
|
+
expect(@components.loaded.sort).to eq(loaded.sort)
|
|
115
115
|
end
|
|
116
116
|
end
|
|
117
117
|
context 'with a partial name and a wildcard' do
|
|
@@ -120,7 +120,7 @@ describe Arachni::Component::Manager do
|
|
|
120
120
|
loaded = @components.available
|
|
121
121
|
loaded.delete( 'wait' )
|
|
122
122
|
loaded.delete( 'distributable' )
|
|
123
|
-
@components.loaded.sort.
|
|
123
|
+
expect(@components.loaded.sort).to eq(loaded.sort)
|
|
124
124
|
end
|
|
125
125
|
end
|
|
126
126
|
end
|
|
@@ -141,79 +141,79 @@ describe Arachni::Component::Manager do
|
|
|
141
141
|
context 'when passed' do
|
|
142
142
|
context 'nil' do
|
|
143
143
|
it 'returns an empty array' do
|
|
144
|
-
@components.empty
|
|
145
|
-
@components.load_by_tags( nil ).
|
|
144
|
+
expect(@components.empty?).to be_truthy
|
|
145
|
+
expect(@components.load_by_tags( nil )).to eq([])
|
|
146
146
|
end
|
|
147
147
|
end
|
|
148
148
|
|
|
149
149
|
context '[]' do
|
|
150
150
|
it 'returns an empty array' do
|
|
151
|
-
@components.empty
|
|
152
|
-
@components.load_by_tags( [] ).
|
|
151
|
+
expect(@components.empty?).to be_truthy
|
|
152
|
+
expect(@components.load_by_tags( [] )).to eq([])
|
|
153
153
|
end
|
|
154
154
|
end
|
|
155
155
|
|
|
156
156
|
context String do
|
|
157
157
|
it 'loads components whose tags include the given tag (as either a String or a Symbol)' do
|
|
158
|
-
@components.empty
|
|
158
|
+
expect(@components.empty?).to be_truthy
|
|
159
159
|
|
|
160
|
-
@components.load_by_tags( 'wait_string' ).
|
|
160
|
+
expect(@components.load_by_tags( 'wait_string' )).to eq(%w(wait))
|
|
161
161
|
@components.delete( 'wait' )
|
|
162
|
-
@components.empty
|
|
162
|
+
expect(@components.empty?).to be_truthy
|
|
163
163
|
|
|
164
|
-
@components.load_by_tags( 'wait_sym' ).
|
|
164
|
+
expect(@components.load_by_tags( 'wait_sym' )).to eq(%w(wait))
|
|
165
165
|
@components.delete( 'wait' )
|
|
166
|
-
@components.empty
|
|
166
|
+
expect(@components.empty?).to be_truthy
|
|
167
167
|
|
|
168
|
-
@components.load_by_tags( 'distributable_string' ).
|
|
168
|
+
expect(@components.load_by_tags( 'distributable_string' )).to eq(%w(distributable))
|
|
169
169
|
@components.delete( 'distributable' )
|
|
170
|
-
@components.empty
|
|
170
|
+
expect(@components.empty?).to be_truthy
|
|
171
171
|
|
|
172
|
-
@components.load_by_tags( 'distributable_sym' ).
|
|
172
|
+
expect(@components.load_by_tags( 'distributable_sym' )).to eq(%w(distributable))
|
|
173
173
|
@components.delete( 'distributable' )
|
|
174
|
-
@components.empty
|
|
174
|
+
expect(@components.empty?).to be_truthy
|
|
175
175
|
|
|
176
176
|
end
|
|
177
177
|
end
|
|
178
178
|
|
|
179
179
|
context Symbol do
|
|
180
180
|
it 'loads components whose tags include the given tag (as either a String or a Symbol)' do
|
|
181
|
-
@components.empty
|
|
181
|
+
expect(@components.empty?).to be_truthy
|
|
182
182
|
|
|
183
|
-
@components.load_by_tags( :wait_string ).
|
|
183
|
+
expect(@components.load_by_tags( :wait_string )).to eq(%w(wait))
|
|
184
184
|
@components.delete( 'wait' )
|
|
185
|
-
@components.empty
|
|
185
|
+
expect(@components.empty?).to be_truthy
|
|
186
186
|
|
|
187
|
-
@components.load_by_tags( :wait_sym ).
|
|
187
|
+
expect(@components.load_by_tags( :wait_sym )).to eq(%w(wait))
|
|
188
188
|
@components.delete( 'wait' )
|
|
189
|
-
@components.empty
|
|
189
|
+
expect(@components.empty?).to be_truthy
|
|
190
190
|
|
|
191
|
-
@components.load_by_tags( :distributable_string ).
|
|
191
|
+
expect(@components.load_by_tags( :distributable_string )).to eq(%w(distributable))
|
|
192
192
|
@components.delete( 'distributable' )
|
|
193
|
-
@components.empty
|
|
193
|
+
expect(@components.empty?).to be_truthy
|
|
194
194
|
|
|
195
|
-
@components.load_by_tags( :distributable_sym ).
|
|
195
|
+
expect(@components.load_by_tags( :distributable_sym )).to eq(%w(distributable))
|
|
196
196
|
@components.delete( 'distributable' )
|
|
197
|
-
@components.empty
|
|
197
|
+
expect(@components.empty?).to be_truthy
|
|
198
198
|
end
|
|
199
199
|
end
|
|
200
200
|
|
|
201
201
|
context Array do
|
|
202
202
|
it 'loads components which include any of the given tags (as either Strings or a Symbols)' do
|
|
203
|
-
@components.empty
|
|
203
|
+
expect(@components.empty?).to be_truthy
|
|
204
204
|
|
|
205
205
|
expected = %w(wait distributable).sort
|
|
206
|
-
@components.load_by_tags( [ :wait_string, 'distributable_string' ] ).sort.
|
|
206
|
+
expect(@components.load_by_tags( [ :wait_string, 'distributable_string' ] ).sort).to eq(expected)
|
|
207
207
|
@components.clear
|
|
208
|
-
@components.empty
|
|
208
|
+
expect(@components.empty?).to be_truthy
|
|
209
209
|
|
|
210
|
-
@components.load_by_tags( [ 'wait_string', :distributable_string ] ).sort.
|
|
210
|
+
expect(@components.load_by_tags( [ 'wait_string', :distributable_string ] ).sort).to eq(expected)
|
|
211
211
|
@components.clear
|
|
212
|
-
@components.empty
|
|
212
|
+
expect(@components.empty?).to be_truthy
|
|
213
213
|
|
|
214
|
-
@components.load_by_tags( [ 'wait_sym', :distributable_sym ] ).sort.
|
|
214
|
+
expect(@components.load_by_tags( [ 'wait_sym', :distributable_sym ] ).sort).to eq(expected)
|
|
215
215
|
@components.clear
|
|
216
|
-
@components.empty
|
|
216
|
+
expect(@components.empty?).to be_truthy
|
|
217
217
|
end
|
|
218
218
|
|
|
219
219
|
end
|
|
@@ -225,33 +225,34 @@ describe Arachni::Component::Manager do
|
|
|
225
225
|
|
|
226
226
|
context String do
|
|
227
227
|
it 'returns an array including the component\'s name' do
|
|
228
|
-
@components.parse( 'wait' ).
|
|
228
|
+
expect(@components.parse( 'wait' )).to eq(%w(wait))
|
|
229
229
|
end
|
|
230
230
|
end
|
|
231
231
|
|
|
232
232
|
context Symbol do
|
|
233
233
|
it 'returns an array including the component\'s name' do
|
|
234
|
-
@components.parse( :wait ).
|
|
234
|
+
expect(@components.parse( :wait )).to eq(%w(wait))
|
|
235
235
|
end
|
|
236
236
|
end
|
|
237
237
|
|
|
238
238
|
context Array do
|
|
239
239
|
it 'loads the component by name' do
|
|
240
|
-
@components.parse( %w(bad distributable) ).sort.
|
|
240
|
+
expect(@components.parse( %w(bad distributable) ).sort).to eq(
|
|
241
241
|
%w(bad distributable).sort
|
|
242
|
+
)
|
|
242
243
|
end
|
|
243
244
|
end
|
|
244
245
|
|
|
245
246
|
context 'wildcard (*)' do
|
|
246
247
|
context 'alone' do
|
|
247
248
|
it 'returns all components' do
|
|
248
|
-
@components.parse( '*' ).sort.
|
|
249
|
+
expect(@components.parse( '*' ).sort).to eq(@components.available.sort)
|
|
249
250
|
end
|
|
250
251
|
end
|
|
251
252
|
|
|
252
253
|
context 'with a category name' do
|
|
253
254
|
it 'returns all of its components' do
|
|
254
|
-
@components.parse( 'plugins/*' ).sort.
|
|
255
|
+
expect(@components.parse( 'plugins/*' ).sort).to eq(@components.available.sort)
|
|
255
256
|
end
|
|
256
257
|
end
|
|
257
258
|
|
|
@@ -260,7 +261,7 @@ describe Arachni::Component::Manager do
|
|
|
260
261
|
context 'exclusion filter (-)' do
|
|
261
262
|
context 'alone' do
|
|
262
263
|
it 'returns nothing' do
|
|
263
|
-
@components.parse( '-' ).sort.
|
|
264
|
+
expect(@components.parse( '-' ).sort).to be_empty
|
|
264
265
|
end
|
|
265
266
|
end
|
|
266
267
|
context 'with a name' do
|
|
@@ -268,7 +269,7 @@ describe Arachni::Component::Manager do
|
|
|
268
269
|
@components.parse( %w(* -wait) )
|
|
269
270
|
loaded = @components.available
|
|
270
271
|
loaded.delete( 'wait' )
|
|
271
|
-
loaded.sort.
|
|
272
|
+
expect(loaded.sort).to eq(loaded.sort)
|
|
272
273
|
end
|
|
273
274
|
end
|
|
274
275
|
context 'with a partial name and a wildcard' do
|
|
@@ -277,7 +278,7 @@ describe Arachni::Component::Manager do
|
|
|
277
278
|
loaded = @components.available
|
|
278
279
|
loaded.delete( 'wait' )
|
|
279
280
|
loaded.delete( 'distributable' )
|
|
280
|
-
parsed.sort.
|
|
281
|
+
expect(parsed.sort).to eq(loaded.sort)
|
|
281
282
|
end
|
|
282
283
|
end
|
|
283
284
|
end
|
|
@@ -289,19 +290,19 @@ describe Arachni::Component::Manager do
|
|
|
289
290
|
c = 'with_options'
|
|
290
291
|
|
|
291
292
|
@components.load( c )
|
|
292
|
-
@components.prepare_options( c, @components[c],
|
|
293
|
+
expect(@components.prepare_options( c, @components[c],
|
|
293
294
|
{ 'req_opt' => 'my value' }
|
|
294
|
-
).
|
|
295
|
+
)).to eq({
|
|
295
296
|
req_opt: 'my value',
|
|
296
297
|
default_opt: 'value'
|
|
297
|
-
}
|
|
298
|
+
})
|
|
298
299
|
|
|
299
300
|
opts = {
|
|
300
301
|
'req_opt' => 'req_opt value',
|
|
301
302
|
'opt_opt' => 'opt_opt value',
|
|
302
303
|
'default_opt' => 'value2'
|
|
303
304
|
}
|
|
304
|
-
@components.prepare_options( c, @components[c], opts ).
|
|
305
|
+
expect(@components.prepare_options( c, @components[c], opts )).to eq(opts.my_symbolize_keys)
|
|
305
306
|
end
|
|
306
307
|
|
|
307
308
|
context 'with missing options' do
|
|
@@ -347,16 +348,16 @@ describe Arachni::Component::Manager do
|
|
|
347
348
|
context 'when passed a' do
|
|
348
349
|
context String do
|
|
349
350
|
it 'should load and return the component' do
|
|
350
|
-
@components.loaded.
|
|
351
|
-
@components['wait'].name.
|
|
352
|
-
@components.loaded.
|
|
351
|
+
expect(@components.loaded).to be_empty
|
|
352
|
+
expect(@components['wait'].name).to eq('Arachni::Plugins::Wait')
|
|
353
|
+
expect(@components.loaded).to eq(%w(wait))
|
|
353
354
|
end
|
|
354
355
|
end
|
|
355
356
|
context Symbol do
|
|
356
357
|
it 'should load and return the component' do
|
|
357
|
-
@components.loaded.
|
|
358
|
-
@components[:wait].name.
|
|
359
|
-
@components.loaded.
|
|
358
|
+
expect(@components.loaded).to be_empty
|
|
359
|
+
expect(@components[:wait].name).to eq('Arachni::Plugins::Wait')
|
|
360
|
+
expect(@components.loaded).to eq(%w(wait))
|
|
360
361
|
end
|
|
361
362
|
end
|
|
362
363
|
end
|
|
@@ -367,36 +368,36 @@ describe Arachni::Component::Manager do
|
|
|
367
368
|
context String do
|
|
368
369
|
context 'when the component has been loaded' do
|
|
369
370
|
it 'returns true' do
|
|
370
|
-
@components.loaded.
|
|
371
|
-
@components['wait'].name.
|
|
372
|
-
@components.loaded.
|
|
373
|
-
@components.loaded?( 'wait' ).
|
|
374
|
-
@components.include?( 'wait' ).
|
|
371
|
+
expect(@components.loaded).to be_empty
|
|
372
|
+
expect(@components['wait'].name).to eq('Arachni::Plugins::Wait')
|
|
373
|
+
expect(@components.loaded).to eq(%w(wait))
|
|
374
|
+
expect(@components.loaded?( 'wait' )).to be_truthy
|
|
375
|
+
expect(@components.include?( 'wait' )).to be_truthy
|
|
375
376
|
end
|
|
376
377
|
end
|
|
377
378
|
context 'when the component has not been loaded' do
|
|
378
379
|
it 'returns false' do
|
|
379
|
-
@components.loaded.
|
|
380
|
-
@components.loaded?( 'wait' ).
|
|
381
|
-
@components.include?( 'wait' ).
|
|
380
|
+
expect(@components.loaded).to be_empty
|
|
381
|
+
expect(@components.loaded?( 'wait' )).to be_falsey
|
|
382
|
+
expect(@components.include?( 'wait' )).to be_falsey
|
|
382
383
|
end
|
|
383
384
|
end
|
|
384
385
|
end
|
|
385
386
|
context Symbol do
|
|
386
387
|
context 'when the component has been loaded' do
|
|
387
388
|
it 'returns true' do
|
|
388
|
-
@components.loaded.
|
|
389
|
-
@components[:wait].name.
|
|
390
|
-
@components.loaded.
|
|
391
|
-
@components.loaded?( :wait ).
|
|
392
|
-
@components.include?( :wait ).
|
|
389
|
+
expect(@components.loaded).to be_empty
|
|
390
|
+
expect(@components[:wait].name).to eq('Arachni::Plugins::Wait')
|
|
391
|
+
expect(@components.loaded).to eq(%w(wait))
|
|
392
|
+
expect(@components.loaded?( :wait )).to be_truthy
|
|
393
|
+
expect(@components.include?( :wait )).to be_truthy
|
|
393
394
|
end
|
|
394
395
|
end
|
|
395
396
|
context 'when the component has not been loaded' do
|
|
396
397
|
it 'returns false' do
|
|
397
|
-
@components.loaded.
|
|
398
|
-
@components.loaded?( :wait ).
|
|
399
|
-
@components.include?( :wait ).
|
|
398
|
+
expect(@components.loaded).to be_empty
|
|
399
|
+
expect(@components.loaded?( :wait )).to be_falsey
|
|
400
|
+
expect(@components.include?( :wait )).to be_falsey
|
|
400
401
|
end
|
|
401
402
|
end
|
|
402
403
|
end
|
|
@@ -405,86 +406,86 @@ describe Arachni::Component::Manager do
|
|
|
405
406
|
|
|
406
407
|
describe '#delete' do
|
|
407
408
|
it 'removes a component' do
|
|
408
|
-
@components.loaded.
|
|
409
|
+
expect(@components.loaded).to be_empty
|
|
409
410
|
|
|
410
411
|
@components.load( 'wait' )
|
|
411
412
|
klass = @components['wait']
|
|
412
413
|
|
|
413
414
|
sym = klass.name.split( ':' ).last.to_sym
|
|
414
|
-
@components.namespace.constants.include?( sym ).
|
|
415
|
-
@components.loaded.
|
|
415
|
+
expect(@components.namespace.constants.include?( sym )).to be_truthy
|
|
416
|
+
expect(@components.loaded).to be_any
|
|
416
417
|
|
|
417
418
|
@components.delete( 'wait' )
|
|
418
|
-
@components.loaded.
|
|
419
|
+
expect(@components.loaded).to be_empty
|
|
419
420
|
|
|
420
421
|
sym = klass.name.split( ':' ).last.to_sym
|
|
421
|
-
@components.namespace.constants.include?( sym ).
|
|
422
|
+
expect(@components.namespace.constants.include?( sym )).to be_falsey
|
|
422
423
|
end
|
|
423
424
|
it 'unloads a component' do
|
|
424
|
-
@components.loaded.
|
|
425
|
+
expect(@components.loaded).to be_empty
|
|
425
426
|
|
|
426
427
|
@components.load( 'wait' )
|
|
427
428
|
klass = @components['wait']
|
|
428
429
|
|
|
429
430
|
sym = klass.name.split( ':' ).last.to_sym
|
|
430
|
-
@components.namespace.constants.include?( sym ).
|
|
431
|
-
@components.loaded.
|
|
431
|
+
expect(@components.namespace.constants.include?( sym )).to be_truthy
|
|
432
|
+
expect(@components.loaded).to be_any
|
|
432
433
|
|
|
433
434
|
@components.delete( 'wait' )
|
|
434
|
-
@components.loaded.
|
|
435
|
+
expect(@components.loaded).to be_empty
|
|
435
436
|
|
|
436
437
|
sym = klass.name.split( ':' ).last.to_sym
|
|
437
|
-
@components.namespace.constants.include?( sym ).
|
|
438
|
+
expect(@components.namespace.constants.include?( sym )).to be_falsey
|
|
438
439
|
end
|
|
439
440
|
end
|
|
440
441
|
|
|
441
442
|
describe '#loaded' do
|
|
442
443
|
it 'returns all loaded components' do
|
|
443
444
|
@components.load( '*' )
|
|
444
|
-
@components.loaded.sort.
|
|
445
|
+
expect(@components.loaded.sort).to eq(available)
|
|
445
446
|
end
|
|
446
447
|
end
|
|
447
448
|
|
|
448
449
|
describe '#name_to_path' do
|
|
449
450
|
it 'returns a component\'s path from its name' do
|
|
450
451
|
path = @components.name_to_path( 'wait' )
|
|
451
|
-
File.exists?( path ).
|
|
452
|
-
File.basename( path ).
|
|
452
|
+
expect(File.exists?( path )).to be_truthy
|
|
453
|
+
expect(File.basename( path )).to eq('wait.rb')
|
|
453
454
|
end
|
|
454
455
|
end
|
|
455
456
|
|
|
456
457
|
describe '#path_to_name' do
|
|
457
458
|
it 'returns a component\'s name from its path' do
|
|
458
459
|
path = @components.name_to_path( 'wait' )
|
|
459
|
-
@components.path_to_name( path ).
|
|
460
|
+
expect(@components.path_to_name( path )).to eq('wait')
|
|
460
461
|
end
|
|
461
462
|
end
|
|
462
463
|
|
|
463
464
|
describe '#paths' do
|
|
464
465
|
it 'returns all component paths' do
|
|
465
466
|
paths = @components.paths
|
|
466
|
-
paths.each { |p| File.exists?( p ).
|
|
467
|
-
paths.size.
|
|
467
|
+
paths.each { |p| expect(File.exists?( p )).to be_truthy }
|
|
468
|
+
expect(paths.size).to eq(@components.available.size)
|
|
468
469
|
end
|
|
469
470
|
end
|
|
470
471
|
|
|
471
472
|
describe '#clear' do
|
|
472
473
|
it 'unloads all components' do
|
|
473
|
-
@components.loaded.
|
|
474
|
+
expect(@components.loaded).to be_empty
|
|
474
475
|
@components.load( '*' )
|
|
475
|
-
@components.loaded.sort.
|
|
476
|
+
expect(@components.loaded.sort).to eq(@components.available.sort)
|
|
476
477
|
|
|
477
478
|
symbols = @components.values.map do |klass|
|
|
478
479
|
sym = klass.name.split( ':' ).last.to_sym
|
|
479
|
-
@components.namespace.constants.include?( sym ).
|
|
480
|
+
expect(@components.namespace.constants.include?( sym )).to be_truthy
|
|
480
481
|
sym
|
|
481
482
|
end
|
|
482
483
|
|
|
483
484
|
@components.clear
|
|
484
485
|
symbols.each do |sym|
|
|
485
|
-
@components.namespace.constants.include?( sym ).
|
|
486
|
+
expect(@components.namespace.constants.include?( sym )).to be_falsey
|
|
486
487
|
end
|
|
487
|
-
@components.loaded.
|
|
488
|
+
expect(@components.loaded).to be_empty
|
|
488
489
|
end
|
|
489
490
|
end
|
|
490
491
|
end
|