relevance-tarantula 0.0.1
- data/MIT-LICENSE +20 -0
- data/README.rdoc +70 -0
- data/Rakefile +79 -0
- data/init.rb +1 -0
- data/install.rb +1 -0
- data/laf/images/background.jpg +0 -0
- data/laf/images/relevance-os-logo.gif +0 -0
- data/laf/images/tab.png +0 -0
- data/laf/images/table-sort.gif +0 -0
- data/laf/images/tarantula-sprites.png +0 -0
- data/laf/javascripts/jquery-1.2.3.js +3408 -0
- data/laf/javascripts/jquery-ui-tabs.js +890 -0
- data/laf/javascripts/jquery.tablesorter.js +861 -0
- data/laf/javascripts/tarantula.js +10 -0
- data/laf/stylesheets/tarantula.css +638 -0
- data/laf/stylesheets/ui.tabs.css +113 -0
- data/lib/relevance/core_extensions/ellipsize.rb +34 -0
- data/lib/relevance/core_extensions/file.rb +9 -0
- data/lib/relevance/core_extensions/response.rb +9 -0
- data/lib/relevance/core_extensions/test_case.rb +12 -0
- data/lib/relevance/tarantula/attack.rb +15 -0
- data/lib/relevance/tarantula/attack_form_submission.rb +75 -0
- data/lib/relevance/tarantula/attack_handler.rb +37 -0
- data/lib/relevance/tarantula/crawler.rb +240 -0
- data/lib/relevance/tarantula/detail.html.erb +77 -0
- data/lib/relevance/tarantula/form.rb +21 -0
- data/lib/relevance/tarantula/form_submission.rb +70 -0
- data/lib/relevance/tarantula/html_document_handler.rb +36 -0
- data/lib/relevance/tarantula/html_report_helper.rb +56 -0
- data/lib/relevance/tarantula/html_reporter.rb +105 -0
- data/lib/relevance/tarantula/index.html.erb +48 -0
- data/lib/relevance/tarantula/invalid_html_handler.rb +18 -0
- data/lib/relevance/tarantula/io_reporter.rb +34 -0
- data/lib/relevance/tarantula/link.rb +56 -0
- data/lib/relevance/tarantula/log_grabber.rb +16 -0
- data/lib/relevance/tarantula/rails_integration_proxy.rb +70 -0
- data/lib/relevance/tarantula/recording.rb +12 -0
- data/lib/relevance/tarantula/response.rb +13 -0
- data/lib/relevance/tarantula/result.rb +66 -0
- data/lib/relevance/tarantula/test_report.html.erb +34 -0
- data/lib/relevance/tarantula/tidy_handler.rb +32 -0
- data/lib/relevance/tarantula/transform.rb +17 -0
- data/lib/relevance/tarantula.rb +63 -0
- data/manifest.txt +114 -0
- data/tarantula.gemspec +42 -0
- data/tasks/tarantula_tasks.rake +34 -0
- data/template/tarantula_test.rb +12 -0
- data/test/relevance/core_extensions/ellipsize_test.rb +19 -0
- data/test/relevance/core_extensions/file_test.rb +8 -0
- data/test/relevance/core_extensions/response_test.rb +29 -0
- data/test/relevance/core_extensions/test_case_test.rb +17 -0
- data/test/relevance/tarantula/attack_form_submission_test.rb +79 -0
- data/test/relevance/tarantula/attack_handler_test.rb +30 -0
- data/test/relevance/tarantula/crawler_test.rb +297 -0
- data/test/relevance/tarantula/form_submission_test.rb +71 -0
- data/test/relevance/tarantula/form_test.rb +50 -0
- data/test/relevance/tarantula/html_document_handler_test.rb +44 -0
- data/test/relevance/tarantula/html_report_helper_test.rb +48 -0
- data/test/relevance/tarantula/html_reporter_test.rb +82 -0
- data/test/relevance/tarantula/invalid_html_handler_test.rb +34 -0
- data/test/relevance/tarantula/io_reporter_test.rb +12 -0
- data/test/relevance/tarantula/link_test.rb +49 -0
- data/test/relevance/tarantula/log_grabber_test.rb +27 -0
- data/test/relevance/tarantula/rails_integration_proxy_test.rb +95 -0
- data/test/relevance/tarantula/result_test.rb +86 -0
- data/test/relevance/tarantula/tidy_handler_test.rb +59 -0
- data/test/relevance/tarantula/transform_test.rb +21 -0
- data/test/relevance/tarantula_test.rb +23 -0
- data/test/test_helper.rb +32 -0
- data/uninstall.rb +1 -0
- data/vendor/xss-shield/MIT-LICENSE +20 -0
- data/vendor/xss-shield/README +76 -0
- data/vendor/xss-shield/init.rb +16 -0
- data/vendor/xss-shield/lib/xss_shield/erb_hacks.rb +111 -0
- data/vendor/xss-shield/lib/xss_shield/haml_hacks.rb +42 -0
- data/vendor/xss-shield/lib/xss_shield/safe_string.rb +47 -0
- data/vendor/xss-shield/lib/xss_shield/secure_helpers.rb +40 -0
- data/vendor/xss-shield/lib/xss_shield.rb +6 -0
- data/vendor/xss-shield/test/test_actionview_integration.rb +40 -0
- data/vendor/xss-shield/test/test_erb.rb +44 -0
- data/vendor/xss-shield/test/test_haml.rb +43 -0
- data/vendor/xss-shield/test/test_helpers.rb +25 -0
- data/vendor/xss-shield/test/test_safe_string.rb +55 -0
- metadata +256 -0
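--- a/data/MIT-LICENSE
+++ b/data/MIT-LICENSE
@@ -0,0 +1,20 @@
+Copyright (c) 2008 Relevance, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.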
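--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -0,0 +1,70 @@
+= Tarantula
+
+== DESCRIPTION
+
+Tarantula is a big fuzzy spider. It crawls your Rails application, fuzzing data to see what breaks.
+
+== Dependencies
+
+htmlentities
+hpricot
+facets >= 2.4.3
+
+== Usage
+
+#!sh
+rake tarantula:setup
+
+Creates a Rails integration test that looks like this, filling in your own auth params. You will probably want to include all fixtures.
+
+require 'relevance/tarantula'
+
+# in your test
+def test_with_login
+post '/sessions/create', :password => 'your-pass'
+assert_response :redirect
+assert_redirected_to '/'
+follow_redirect!
+tarantula_crawl(self)
+end
+
+If you want to set custom options, you can get access to the crawler and set properties before running it. For example, this would turn on HTMLTidy.
+
+def test_with_login
+post '/sessions/create', :password => 'your-pass'
+assert_response :redirect
+assert_redirected_to '/'
+follow_redirect!
+t = tarantula_crawler(self)
+t.handlers << Relevance::Tarantula::TidyHandler.new
+t.crawl '/'
+end
+
+Assuming your project is at /work/project/:
+
+#!sh
+cd /work/project
+rake tarantula:test
+
+== Verbose Mode
+
+If you run the test you will get a report in tmp/tarantula. You can also set VERBOSE=true to see more detail as the test runs.
+
+For more options see the test suite.
+
+== Allowed Errors
+
+If, for example, a 404 is an appropriate response for some URLs, you can
+tell Tarantula to allow 404s for URLs matching a regexp:
+
+t = tarantula_crawler(self)
+t.allow_404_for %r{/users/\d+/}
+
+== Bugs/Requests
+
+Please submit your bug reports, patches or feature requests as a ticket under the component "tarantula" on our Trac instance here: http://opensource.thinkrelevance.com/. You'll have to create an account (Sorry! Otherwise we'd get way too much spam).
+
+== License and Copyright
+
+Copyright (c) 2008 Relevance, Inc., released under the MIT license
+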
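--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,79 @@
+require 'rake'
+require 'rake/testtask'
+require 'rake/rdoctask'
+require 'rubygems'
+
+begin
+gem 'technicalpickles-echoe'
+rescue LoadError => e
+puts "couldn't find the correct version of echoe - please install from forked version on github: http://github.com/technicalpickles/echoe/"
+puts "sudo gem install technicalpickles-echoe -s http://gems.github.com"
+end
+
+require 'echoe'
+require 'lib/relevance/tarantula.rb'
+
+echoe = Echoe.new('tarantula') do |p|
+p.rubyforge_name = 'thinkrelevance'
+p.author = ["Relevance"]
+p.email = 'opensource@thinkrelevance.com'
+p.version = Relevance::Tarantula::VERSION
+p.summary = "A big hairy fuzzy spider that crawls your site, wreaking havoc"
+p.description = "A big hairy fuzzy spider that crawls your site, wreaking havoc"
+p.url = "http://opensource.thinkrelevance.com/wiki/tarantula"
+p.rdoc_pattern = /^(lib|bin)|txt|rdoc|CHANGELOG|MIT-LICENSE$/
+rdoc_template = `allison --path`.strip << ".rb"
+p.rdoc_template = rdoc_template
+p.test_pattern = 'test/**/*_test.rb'
+p.manifest_name = 'manifest.txt'
+p.dependencies = ['htmlentities', 'hpricot', 'facets >=2.4.3']
+end
+
+desc 'Default: run unit tests.'
+task :default => :test
+
+desc 'Test the tarantula plugin.'
+Rake::TestTask.new(:test) do |t|
+t.libs << 'lib'
+t.pattern = 'test/**/*_test.rb'
+t.verbose = true
+end
+
+desc 'Generate documentation for the tarantula plugin.'
+Rake::RDocTask.new(:rdoc) do |rdoc|
+rdoc.rdoc_dir = 'rdoc'
+rdoc.title = 'Tarantula'
+rdoc.options << '--line-numbers' << '--inline-source'
+rdoc.rdoc_files.include('README.rdoc')
+rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+begin
+require 'rcov'
+require "rcov/rcovtask"
+
+namespace :coverage do
+rcov_output = ENV["CC_BUILD_ARTIFACTS"] || 'tmp/coverage'
+rcov_exclusions = %w{ /Library/Ruby/* }.join(',')
+
+desc "Delete aggregate coverage data."
+task(:clean) { rm_f "rcov_tmp" }
+
+Rcov::RcovTask.new(:unit => :clean) do |t|
+t.test_files = FileList['test/**/*_test.rb']
+t.rcov_opts = ["--sort coverage", "--aggregate 'rcov_tmp'", "--html", "--rails", "--exclude '#{rcov_exclusions}'"]
+t.output_dir = rcov_output + '/unit'
+end
+
+desc "Generate and open coverage report"
+task(:all => [:unit]) do
+system("open #{rcov_output}/unit/index.html") if PLATFORM['darwin']
+end
+end
+rescue LoadError
+if RUBY_PLATFORM =~ /java/
+puts 'running in jruby - rcov tasks not available'
+else
+puts 'sudo gem install rcov # if you want the rcov tasks'
+end
+end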
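Review bot: The `coverage:all` task interpolates `rcov_output`, which is read from `ENV["CC_BUILD_ARTIFACTS"]`, into a single string handed to `system`, so a value containing spaces or shell metacharacters is interpreted by the shell instead of being treated as a path. Passing the arguments separately avoids that: `system("open", File.join(rcov_output, "unit", "index.html")) if RUBY_PLATFORM =~ /darwin/`, which also replaces the old `PLATFORM` constant with the `RUBY_PLATFORM` that the rescue branch further down already uses. Separately, the echoe fallback only prints a hint (a `sudo gem install` from a plain-HTTP gem source) and then `require 'echoe'` runs outside the `begin`/`rescue`, so the Rakefile still aborts with a LoadError; consider moving the require inside the block and pointing the hint at an HTTPS source.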
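--- a/data/init.rb
+++ b/data/init.rb
@@ -0,0 +1 @@
+require File.dirname(__FILE__) + "/rails/init"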
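Review bot: `require File.dirname(__FILE__) + "/rails/init"` points at a `rails/init.rb` that does not appear in this release's file list as shown on the page, so loading the plugin through `init.rb` would presumably fail with a LoadError. Either ship `rails/init.rb` and add it to `manifest.txt`, or require a file that is packaged, for example `require File.dirname(__FILE__) + "/lib/relevance/tarantula"` — to be confirmed against what the plugin loader is meant to set up.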
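--- a/data/install.rb
+++ b/data/install.rb
@@ -0,0 +1 @@
+# Install hook code here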
Binary file
|
Binary file
|
data/laf/images/tab.png
ADDED
Binary file
|
Binary file
|
Binary file
|