relevance-tarantula 0.0.1

Files changed (84) hide show
  1. data/MIT-LICENSE +20 -0
  2. data/README.rdoc +70 -0
  3. data/Rakefile +79 -0
  4. data/init.rb +1 -0
  5. data/install.rb +1 -0
  6. data/laf/images/background.jpg +0 -0
  7. data/laf/images/relevance-os-logo.gif +0 -0
  8. data/laf/images/tab.png +0 -0
  9. data/laf/images/table-sort.gif +0 -0
  10. data/laf/images/tarantula-sprites.png +0 -0
  11. data/laf/javascripts/jquery-1.2.3.js +3408 -0
  12. data/laf/javascripts/jquery-ui-tabs.js +890 -0
  13. data/laf/javascripts/jquery.tablesorter.js +861 -0
  14. data/laf/javascripts/tarantula.js +10 -0
  15. data/laf/stylesheets/tarantula.css +638 -0
  16. data/laf/stylesheets/ui.tabs.css +113 -0
  17. data/lib/relevance/core_extensions/ellipsize.rb +34 -0
  18. data/lib/relevance/core_extensions/file.rb +9 -0
  19. data/lib/relevance/core_extensions/response.rb +9 -0
  20. data/lib/relevance/core_extensions/test_case.rb +12 -0
  21. data/lib/relevance/tarantula/attack.rb +15 -0
  22. data/lib/relevance/tarantula/attack_form_submission.rb +75 -0
  23. data/lib/relevance/tarantula/attack_handler.rb +37 -0
  24. data/lib/relevance/tarantula/crawler.rb +240 -0
  25. data/lib/relevance/tarantula/detail.html.erb +77 -0
  26. data/lib/relevance/tarantula/form.rb +21 -0
  27. data/lib/relevance/tarantula/form_submission.rb +70 -0
  28. data/lib/relevance/tarantula/html_document_handler.rb +36 -0
  29. data/lib/relevance/tarantula/html_report_helper.rb +56 -0
  30. data/lib/relevance/tarantula/html_reporter.rb +105 -0
  31. data/lib/relevance/tarantula/index.html.erb +48 -0
  32. data/lib/relevance/tarantula/invalid_html_handler.rb +18 -0
  33. data/lib/relevance/tarantula/io_reporter.rb +34 -0
  34. data/lib/relevance/tarantula/link.rb +56 -0
  35. data/lib/relevance/tarantula/log_grabber.rb +16 -0
  36. data/lib/relevance/tarantula/rails_integration_proxy.rb +70 -0
  37. data/lib/relevance/tarantula/recording.rb +12 -0
  38. data/lib/relevance/tarantula/response.rb +13 -0
  39. data/lib/relevance/tarantula/result.rb +66 -0
  40. data/lib/relevance/tarantula/test_report.html.erb +34 -0
  41. data/lib/relevance/tarantula/tidy_handler.rb +32 -0
  42. data/lib/relevance/tarantula/transform.rb +17 -0
  43. data/lib/relevance/tarantula.rb +63 -0
  44. data/manifest.txt +114 -0
  45. data/tarantula.gemspec +42 -0
  46. data/tasks/tarantula_tasks.rake +34 -0
  47. data/template/tarantula_test.rb +12 -0
  48. data/test/relevance/core_extensions/ellipsize_test.rb +19 -0
  49. data/test/relevance/core_extensions/file_test.rb +8 -0
  50. data/test/relevance/core_extensions/response_test.rb +29 -0
  51. data/test/relevance/core_extensions/test_case_test.rb +17 -0
  52. data/test/relevance/tarantula/attack_form_submission_test.rb +79 -0
  53. data/test/relevance/tarantula/attack_handler_test.rb +30 -0
  54. data/test/relevance/tarantula/crawler_test.rb +297 -0
  55. data/test/relevance/tarantula/form_submission_test.rb +71 -0
  56. data/test/relevance/tarantula/form_test.rb +50 -0
  57. data/test/relevance/tarantula/html_document_handler_test.rb +44 -0
  58. data/test/relevance/tarantula/html_report_helper_test.rb +48 -0
  59. data/test/relevance/tarantula/html_reporter_test.rb +82 -0
  60. data/test/relevance/tarantula/invalid_html_handler_test.rb +34 -0
  61. data/test/relevance/tarantula/io_reporter_test.rb +12 -0
  62. data/test/relevance/tarantula/link_test.rb +49 -0
  63. data/test/relevance/tarantula/log_grabber_test.rb +27 -0
  64. data/test/relevance/tarantula/rails_integration_proxy_test.rb +95 -0
  65. data/test/relevance/tarantula/result_test.rb +86 -0
  66. data/test/relevance/tarantula/tidy_handler_test.rb +59 -0
  67. data/test/relevance/tarantula/transform_test.rb +21 -0
  68. data/test/relevance/tarantula_test.rb +23 -0
  69. data/test/test_helper.rb +32 -0
  70. data/uninstall.rb +1 -0
  71. data/vendor/xss-shield/MIT-LICENSE +20 -0
  72. data/vendor/xss-shield/README +76 -0
  73. data/vendor/xss-shield/init.rb +16 -0
  74. data/vendor/xss-shield/lib/xss_shield/erb_hacks.rb +111 -0
  75. data/vendor/xss-shield/lib/xss_shield/haml_hacks.rb +42 -0
  76. data/vendor/xss-shield/lib/xss_shield/safe_string.rb +47 -0
  77. data/vendor/xss-shield/lib/xss_shield/secure_helpers.rb +40 -0
  78. data/vendor/xss-shield/lib/xss_shield.rb +6 -0
  79. data/vendor/xss-shield/test/test_actionview_integration.rb +40 -0
  80. data/vendor/xss-shield/test/test_erb.rb +44 -0
  81. data/vendor/xss-shield/test/test_haml.rb +43 -0
  82. data/vendor/xss-shield/test/test_helpers.rb +25 -0
  83. data/vendor/xss-shield/test/test_safe_string.rb +55 -0
  84. metadata +256 -0
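--- a/data/MIT-LICENSE
+++ b/data/MIT-LICENSE
@@ -0,0 +1,20 @@
+ Copyright (c) 2008 Relevance, Inc.
+
+ Permission is hereby granted, free of charge, to any person obtaining
+ a copy of this software and associated documentation files (the
+ "Software"), to deal in the Software without restriction, including
+ without limitation the rights to use, copy, modify, merge, publish,
+ distribute, sublicense, and/or sell copies of the Software, and to
+ permit persons to whom the Software is furnished to do so, subject to
+ the following conditions:
+
+ The above copyright notice and this permission notice shall be
+ included in all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.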
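--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -0,0 +1,70 @@
+ = Tarantula
+
+ == DESCRIPTION
+
+ Tarantula is a big fuzzy spider. It crawls your Rails application, fuzzing data to see what breaks.
+
+ == Dependencies
+
+ htmlentities
+ hpricot
+ facets >= 2.4.3
+
+ == Usage
+
+ #!sh
+ rake tarantula:setup
+
+ Creates a Rails integration test that looks like this, filling in your own auth params. You will probably want to include all fixtures.
+
+ require 'relevance/tarantula'
+
+ # in your test
+ def test_with_login
+ post '/sessions/create', :password => 'your-pass'
+ assert_response :redirect
+ assert_redirected_to '/'
+ follow_redirect!
+ tarantula_crawl(self)
+ end
+
+ If you want to set custom options, you can get access to the crawler and set properties before running it. For example, this would turn on HTMLTidy.
+
+ def test_with_login
+ post '/sessions/create', :password => 'your-pass'
+ assert_response :redirect
+ assert_redirected_to '/'
+ follow_redirect!
+ t = tarantula_crawler(self)
+ t.handlers << Relevance::Tarantula::TidyHandler.new
+ t.crawl '/'
+ end
+
+ Assuming your project is at /work/project/:
+
+ #!sh
+ cd /work/project
+ rake tarantula:test
+
+ == Verbose Mode
+
+ If you run the test you will get a report in tmp/tarantula. You can also set VERBOSE=true to see more detail as the test runs.
+
+ For more options see the test suite.
+
+ == Allowed Errors
+
+ If, for example, a 404 is an appropriate response for some URLs, you can
+ tell Tarantula to allow 404s for URLs matching a regexp:
+
+ t = tarantula_crawler(self)
+ t.allow_404_for %r{/users/\d+/}
+
+ == Bugs/Requests
+
+ Please submit your bug reports, patches or feature requests as a ticket under the component "tarantula" on our Trac instance here: http://opensource.thinkrelevance.com/. You'll have to create an account (Sorry! Otherwise we'd get way too much spam).
+
+ == License and Copyright
+
+ Copyright (c) 2008 Relevance, Inc., released under the MIT license
+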
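--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,79 @@
+ require 'rake'
+ require 'rake/testtask'
+ require 'rake/rdoctask'
+ require 'rubygems'
+
+ begin
+ gem 'technicalpickles-echoe'
+ rescue LoadError => e
+ puts "couldn't find the correct version of echoe - please install from forked version on github: http://github.com/technicalpickles/echoe/"
+ puts "sudo gem install technicalpickles-echoe -s http://gems.github.com"
+ end
+
+ require 'echoe'
+ require 'lib/relevance/tarantula.rb'
+
+ echoe = Echoe.new('tarantula') do |p|
+ p.rubyforge_name = 'thinkrelevance'
+ p.author = ["Relevance"]
+ p.email = 'opensource@thinkrelevance.com'
+ p.version = Relevance::Tarantula::VERSION
+ p.summary = "A big hairy fuzzy spider that crawls your site, wreaking havoc"
+ p.description = "A big hairy fuzzy spider that crawls your site, wreaking havoc"
+ p.url = "http://opensource.thinkrelevance.com/wiki/tarantula"
+ p.rdoc_pattern = /^(lib|bin)|txt|rdoc|CHANGELOG|MIT-LICENSE$/
+ rdoc_template = `allison --path`.strip << ".rb"
+ p.rdoc_template = rdoc_template
+ p.test_pattern = 'test/**/*_test.rb'
+ p.manifest_name = 'manifest.txt'
+ p.dependencies = ['htmlentities', 'hpricot', 'facets >=2.4.3']
+ end
+
+ desc 'Default: run unit tests.'
+ task :default => :test
+
+ desc 'Test the tarantula plugin.'
+ Rake::TestTask.new(:test) do |t|
+ t.libs << 'lib'
+ t.pattern = 'test/**/*_test.rb'
+ t.verbose = true
+ end
+
+ desc 'Generate documentation for the tarantula plugin.'
+ Rake::RDocTask.new(:rdoc) do |rdoc|
+ rdoc.rdoc_dir = 'rdoc'
+ rdoc.title = 'Tarantula'
+ rdoc.options << '--line-numbers' << '--inline-source'
+ rdoc.rdoc_files.include('README.rdoc')
+ rdoc.rdoc_files.include('lib/**/*.rb')
+ end
+
+ begin
+ require 'rcov'
+ require "rcov/rcovtask"
+
+ namespace :coverage do
+ rcov_output = ENV["CC_BUILD_ARTIFACTS"] || 'tmp/coverage'
+ rcov_exclusions = %w{ /Library/Ruby/* }.join(',')
+
+ desc "Delete aggregate coverage data."
+ task(:clean) { rm_f "rcov_tmp" }
+
+ Rcov::RcovTask.new(:unit => :clean) do |t|
+ t.test_files = FileList['test/**/*_test.rb']
+ t.rcov_opts = ["--sort coverage", "--aggregate 'rcov_tmp'", "--html", "--rails", "--exclude '#{rcov_exclusions}'"]
+ t.output_dir = rcov_output + '/unit'
+ end
+
+ desc "Generate and open coverage report"
+ task(:all => [:unit]) do
+ system("open #{rcov_output}/unit/index.html") if PLATFORM['darwin']
+ end
+ end
+ rescue LoadError
+ if RUBY_PLATFORM =~ /java/
+ puts 'running in jruby - rcov tasks not available'
+ else
+ puts 'sudo gem install rcov # if you want the rcov tasks'
+ end
+ end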
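Review bot: The coverage `:all` task builds a shell command by interpolating `rcov_output`, which comes from `ENV["CC_BUILD_ARTIFACTS"]`, so a path containing spaces or shell metacharacters is interpreted by the shell instead of reaching `open` as a single argument; the argument-list form avoids the shell: `system('open', "#{rcov_output}/unit/index.html") if RUBY_PLATFORM =~ /darwin/`. That form also replaces the bare `PLATFORM` constant with `RUBY_PLATFORM`, which the `rescue LoadError` branch at the end of the file already uses. Separately, the first `rescue LoadError` only prints install hints and then falls through to `require 'echoe'`, which will presumably raise the same error, so an `exit 1` (or `raise`) after the hints would make the failure explicit. The hint itself tells the user to install as root from a plain-HTTP gem source, which gives no transport integrity for the downloaded gem and is worth calling out in the message.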
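--- a/data/init.rb
+++ b/data/init.rb
@@ -0,0 +1 @@
+ require File.dirname(__FILE__) + "/rails/init"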
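Review bot: `init.rb` requires `rails/init` relative to itself, but the 84-entry file list on this page contains no `data/rails/init.rb`, so loading the plugin through this file would raise `LoadError` unless that file is supplied from somewhere not shown here. Either ship `rails/init.rb` in the package and list it in `manifest.txt`, or point the require at a file that is shipped, for example `require File.dirname(__FILE__) + "/lib/relevance/tarantula"`. Which file is meant to perform the Rails hook-up cannot be confirmed from this page, so treat the second option as a suggestion to verify.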
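--- a/data/install.rb
+++ b/data/install.rb
@@ -0,0 +1 @@
+ # Install hook code here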
Binary file
Binary file
Binary file
Binary file
Binary file