codez-tarantula 0.5.3 → 0.5.4
- checksums.yaml +5 -13
- data/.gitignore +2 -0
- data/CHANGELOG +11 -5
- data/lib/relevance/tarantula/basic_attack.rb +3 -1
- data/lib/relevance/tarantula/version.rb +1 -1
- data/spec/relevance/tarantula/form_submission_spec.rb +25 -25
- metadata +22 -23
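--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,15 +1,7 @@
 ---
-
-metadata.gz:
-
-data.tar.gz: !binary |-
-Y2ExYTcwMTU3ZjYzNWY4YWYzNzQxM2FiNmU3MDNkMTJiNWFlYWJiZA==
+SHA1:
+metadata.gz: 34d2f2f8bc74e380b9a60be1b49dae47f537dc01
+data.tar.gz: 5cf354d6e9b7cae4a85f215ddc69958ad37196e6
 SHA512:
-metadata.gz:
-
-OTg1ZTRkZTdkYjg4NGQ5ZTYwZTM5OTZkMzg1Mjc4ZjhmZTgzMDg1NDIzOTUw
-OGQxMWRkZTY5YmUzNmJhNTA0ZjA3NDJhNmFjOWNmNmEzYzQ2N2Q=
-data.tar.gz: !binary |-
-MDhjZGU5ZGUyNmRlNjJiOGFmMTc0Y2VmYzM0NjM3NGQwYjY2OTVlZTU0MWUz
-ZDhjYmI2Y2MyZDRmYWM2ZjA0MjE1YTVhZmVkOGI0NjU3MjhmNjE3ZTIzZjUx
-YjdkYmQwOTU3MzQxNGY5ZmQ1NWE5ZjIzOWM1ZGUzMTQxMWU3Zjk=
+metadata.gz: e3d842e4412b28a32de8dbde9e646ed975520aa7ba3fa74321538c6ec8334f412c3a0e2162329d6522017abb46b047d2a7341d735831790ffef9f11f7e834e25
+data.tar.gz: 7b8828dbe33d9243df426809dd588a1abc6eb9cf1f9df17c1948cf337a6d7c13c6db4e1981900ae5f7d4fdbad5edc3ba03335f52c69e37156a43b48a1d78ad9e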
data/.gitignore
CHANGED
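--- a/data/CHANGELOG
+++ b/data/CHANGELOG
@@ -1,3 +1,9 @@
+v0.5.4
+* Do not change values of hidden fields
+
+v0.5.3
+* Rails 4.1 compatibility
+
 v0.5.1
 * Rescue exceptions for Rails 3 integration tests and return them as 404/500 responses.
 
@@ -22,9 +28,9 @@ v0.1.8 Add timeouts for crawls to help really long builds [Rob Sanheim]
 
 v0.1.7 Minor clean up [Rob Sanheim]
 
-v0.1.6
+v0.1.6
 * add testing for all Rails versions 2.0.2 and up
-* various clean up and housekeeping tasks;
+* various clean up and housekeeping tasks;
 * start Ruby 1.9 work (but we need Hpricot)
 * show 50 chars of URL, not 30
 * ensure that ActiveRecord gets loaded correctly for the crawler, so that it can rescue RecordNotFound exceptions
@@ -40,7 +46,7 @@ v0.1.2 Remove dependency on Facets gem [Aaron Bedra]
 
 v0.1.1 Bugfix: Add ability to handle anchor tags that lack an href attribute #13 [Kevin Gisi]
 
-v0.1.0
+v0.1.0
 * Improve the generated test template to include inline documentation and make the simple case simple [Jason Rudolph]
 * Update README to better serve first-time users [Jason Rudolph]
 * Update development dependencies declarations [Jason Rudolph]
@@ -48,7 +54,7 @@ v0.1.0
 ** Convert test suite to micronaut
 ** Replace Echoe with Jeweler for gem management
 ** Remove unused code
-
+
 v0.0.8.1
 * Fix numerous installation and initial setup issues
 * Enhance rake tasks to support use of Tarantula in a continuous integration environment
@@ -59,7 +65,7 @@ v0.0.8.1
 ** Include example of adding a custom attack handler
 * Simplify design to address concerns about hard-to-read fonts
 
-v0.0.5
+v0.0.5
 * Make sure we don't include Relevance::Tarantula into Object - will cause issues with Rails dependencies and is a bad idea in general
 * Update Rakefile for development dependencies
 * Other small clean up tasks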
|
@@ -17,11 +17,13 @@ module Relevance
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def input(input_field)
|
|
20
|
+
return input_field['value'] if input_field['type'] == 'hidden'
|
|
21
|
+
|
|
20
22
|
case input_field['name']
|
|
21
23
|
when /amount/ then random_int
|
|
22
24
|
when /_id$/ then random_whole_number
|
|
23
25
|
when /uploaded_data/ then nil
|
|
24
|
-
when nil then
|
|
26
|
+
when nil then input_field['value']
|
|
25
27
|
else
|
|
26
28
|
random_int
|
|
27
29
|
end
|
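Review bot: The new guard at the top of `input` compares `input_field['type'] == 'hidden'` exactly, but the HTML `type` attribute is case-insensitive, so a field written as `type="HIDDEN"` would still fall through to the `case` and receive a random value; `return input_field['value'] if input_field['type'].to_s.downcase == 'hidden'` covers that and a missing attribute. The early return also means this attack no longer submits altered values in hidden fields at all, so the application's server-side handling of tampered hidden values is no longer exercised by the crawl; a comment above the guard such as `# hidden fields are submitted unchanged; tampering with them is not covered by this attack` would make that coverage gap visible to users of the tool. The changed `when nil then input_field['value']` branch has no example in the spec hunks visible on this page, so a case for an input without a `name` would be worth adding. The `end` that closes `input` appears to lie outside the hunk.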
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
require "spec_helper"
|
|
2
2
|
|
|
3
3
|
describe Relevance::Tarantula::FormSubmission do
|
|
4
|
-
|
|
4
|
+
|
|
5
5
|
describe "with a good form" do
|
|
6
6
|
# TODO: add more from field types to this example form as needed
|
|
7
7
|
before do
|
|
@@ -14,7 +14,7 @@ describe Relevance::Tarantula::FormSubmission do
|
|
|
14
14
|
<select id="foo_opened_on_1i" name="foo[opened_on(1i)]">
|
|
15
15
|
<option value="2003">2003</option>
|
|
16
16
|
<option value="2004">2004</option>
|
|
17
|
-
</select>
|
|
17
|
+
</select>
|
|
18
18
|
</form>
|
|
19
19
|
})
|
|
20
20
|
end
|
|
@@ -29,7 +29,7 @@ describe Relevance::Tarantula::FormSubmission do
|
|
|
29
29
|
response.content_type.should == "text/plain"
|
|
30
30
|
response.body.should == "ActiveRecord::RecordNotFound"
|
|
31
31
|
end
|
|
32
|
-
|
|
32
|
+
|
|
33
33
|
it "submits the form and logs response" do
|
|
34
34
|
doc = Hpricot('<form action="/action" method="post"/>')
|
|
35
35
|
form = make_form(doc.at('form'))
|
|
@@ -38,7 +38,7 @@ describe Relevance::Tarantula::FormSubmission do
|
|
|
38
38
|
fs.expects(:log).with("Response 200 for #{fs}")
|
|
39
39
|
fs.crawl
|
|
40
40
|
end
|
|
41
|
-
|
|
41
|
+
|
|
42
42
|
end
|
|
43
43
|
|
|
44
44
|
describe "with default attack" do
|
|
@@ -46,50 +46,50 @@ describe Relevance::Tarantula::FormSubmission do
|
|
|
46
46
|
@form = make_form(@tag.at('form'))
|
|
47
47
|
@fs = Relevance::Tarantula::FormSubmission.new(@form)
|
|
48
48
|
end
|
|
49
|
-
|
|
49
|
+
|
|
50
50
|
it "can mutate text areas" do
|
|
51
51
|
@fs.attack.stubs(:random_int).returns("42")
|
|
52
52
|
@fs.mutate_text_areas(@form).should == {"comment" => "42"}
|
|
53
53
|
end
|
|
54
|
-
|
|
54
|
+
|
|
55
55
|
it "can mutate selects" do
|
|
56
56
|
Hpricot::Elements.any_instance.stubs(:sample).returns(stub(:[] => "2006-stub"))
|
|
57
57
|
@fs.mutate_selects(@form).should == {"foo[opened_on(1i)]" => "2006-stub"}
|
|
58
58
|
end
|
|
59
|
-
|
|
59
|
+
|
|
60
60
|
it "can mutate inputs" do
|
|
61
61
|
@fs.attack.stubs(:random_int).returns("43")
|
|
62
|
-
@fs.mutate_inputs(@form).should == {"commit"=>"43", "secret"=>"
|
|
62
|
+
@fs.mutate_inputs(@form).should == {"commit"=>"43", "secret"=>"secret", "email"=>"43"}
|
|
63
63
|
end
|
|
64
64
|
|
|
65
65
|
it "has a signature based on action and fields" do
|
|
66
66
|
@fs.signature.should == ['/session', [
|
|
67
|
-
"comment",
|
|
68
|
-
"commit",
|
|
69
|
-
"email",
|
|
70
|
-
"foo[opened_on(1i)]",
|
|
67
|
+
"comment",
|
|
68
|
+
"commit",
|
|
69
|
+
"email",
|
|
70
|
+
"foo[opened_on(1i)]",
|
|
71
71
|
"secret"],
|
|
72
72
|
@fs.attack.name]
|
|
73
73
|
end
|
|
74
|
-
|
|
74
|
+
|
|
75
75
|
it "has a friendly to_s" do
|
|
76
76
|
@fs.to_s.should =~ %r{^/session post}
|
|
77
77
|
end
|
|
78
78
|
end
|
|
79
|
-
|
|
79
|
+
|
|
80
80
|
describe "with a custom attack" do
|
|
81
81
|
before do
|
|
82
82
|
@form = make_form(@tag.at('form'))
|
|
83
|
-
@attack = Relevance::Tarantula::Attack.new(:name => 'foo_name',
|
|
84
|
-
:input => 'foo_code',
|
|
83
|
+
@attack = Relevance::Tarantula::Attack.new(:name => 'foo_name',
|
|
84
|
+
:input => 'foo_code',
|
|
85
85
|
:output => 'foo_code')
|
|
86
86
|
@fs = Relevance::Tarantula::FormSubmission.new(@form, @attack)
|
|
87
87
|
end
|
|
88
|
-
|
|
88
|
+
|
|
89
89
|
it "can mutate text areas" do
|
|
90
90
|
@fs.mutate_text_areas(@form).should == {"comment" => "foo_code"}
|
|
91
91
|
end
|
|
92
|
-
|
|
92
|
+
|
|
93
93
|
it "can mutate selects" do
|
|
94
94
|
Hpricot::Elements.any_instance.stubs(:sample).returns(stub(:[] => "2006-stub"))
|
|
95
95
|
@fs.mutate_selects(@form).should == {"foo[opened_on(1i)]" => "2006-stub"}
|
|
@@ -101,10 +101,10 @@ describe Relevance::Tarantula::FormSubmission do
|
|
|
101
101
|
|
|
102
102
|
it "has a signature based on action, fields, and attack name" do
|
|
103
103
|
@fs.signature.should == ['/session', [
|
|
104
|
-
"comment",
|
|
105
|
-
"commit",
|
|
106
|
-
"email",
|
|
107
|
-
"foo[opened_on(1i)]",
|
|
104
|
+
"comment",
|
|
105
|
+
"commit",
|
|
106
|
+
"email",
|
|
107
|
+
"foo[opened_on(1i)]",
|
|
108
108
|
"secret"],
|
|
109
109
|
"foo_name"
|
|
110
110
|
]
|
|
@@ -134,7 +134,7 @@ describe Relevance::Tarantula::FormSubmission do
|
|
|
134
134
|
end
|
|
135
135
|
end
|
|
136
136
|
end
|
|
137
|
-
|
|
137
|
+
|
|
138
138
|
describe "with a crummy form" do
|
|
139
139
|
before do
|
|
140
140
|
@tag = Hpricot(%q{
|
|
@@ -143,7 +143,7 @@ describe Relevance::Tarantula::FormSubmission do
|
|
|
143
143
|
</form>
|
|
144
144
|
})
|
|
145
145
|
end
|
|
146
|
-
|
|
146
|
+
|
|
147
147
|
describe "with default attack" do
|
|
148
148
|
before do
|
|
149
149
|
@form = make_form(@tag.at('form'))
|
|
@@ -167,5 +167,5 @@ describe Relevance::Tarantula::FormSubmission do
|
|
|
167
167
|
end
|
|
168
168
|
|
|
169
169
|
end
|
|
170
|
-
|
|
170
|
+
|
|
171
171
|
end
|
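--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: codez-tarantula
 version: !ruby/object:Gem::Version
-version: 0.5.
+version: 0.5.4
 platform: ruby
 authors:
 - Relevance, Inc.
@@ -9,104 +9,104 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2015-10-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: htmlentities
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
 version: 4.3.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
 version: 4.3.0
 - !ruby/object:Gem::Dependency
 name: hpricot
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
 version: 0.8.4
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
 version: 0.8.4
 - !ruby/object:Gem::Dependency
 name: rspec
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
 version: 2.12.0
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
 version: 2.12.0
 - !ruby/object:Gem::Dependency
 name: rdoc
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
 version: 3.12.0
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
 version: 3.12.0
 - !ruby/object:Gem::Dependency
 name: log_buddy
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
 version: 0.6.0
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
 version: 0.6.0
 - !ruby/object:Gem::Dependency
 name: mocha
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
 version: 0.13.2
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - ~>
+- - "~>"
 - !ruby/object:Gem::Version
 version: 0.13.2
 - !ruby/object:Gem::Dependency
 name: rails
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
 version: 2.3.0
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
 version: 2.3.0
 description: Tarantula is a big fuzzy spider. It crawls your Rails 2.3 and 3.x applications,
@@ -117,9 +117,9 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .autotest
-- .gitignore
-- .travis.yml
+- ".autotest"
+- ".gitignore"
+- ".travis.yml"
 - CHANGELOG
 - DSL_EXAMPLES.md
 - Gemfile
@@ -213,19 +213,18 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
 version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.4.3
 signing_key:
 specification_version: 4
 summary: A big hairy fuzzy spider that crawls your site, wreaking havoc
 test_files: []
-has_rdoc: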