relevance-tarantula 0.0.7.1 → 0.0.8.0
- data/README.rdoc +45 -5
- data/laf/stylesheets/tarantula.css +80 -548
- data/laf/stylesheets/ui.tabs.css +2 -2
- data/lib/relevance/tarantula/detail.html.erb +55 -41
- data/lib/relevance/tarantula/html_report_helper.rb +3 -13
- data/lib/relevance/tarantula/html_reporter.rb +2 -2
- data/lib/relevance/tarantula/index.html.erb +25 -20
- data/lib/relevance/tarantula/test_report.html.erb +9 -9
- data/lib/relevance/tarantula.rb +1 -1
- data/tarantula.gemspec +2 -2
- data/tasks/tarantula_tasks.rake +6 -6
- data/test/relevance/tarantula/html_report_helper_test.rb +2 -2
- metadata +2 -2
data/README.rdoc
CHANGED
@@ -16,8 +16,6 @@ Creates a Rails integration test that looks like this, filling in your own auth
|
|
16
16
|
# in your test
|
17
17
|
def test_with_login
|
18
18
|
post '/sessions/create', :password => 'your-pass'
|
19
|
-
assert_response :redirect
|
20
|
-
assert_redirected_to '/'
|
21
19
|
follow_redirect!
|
22
20
|
tarantula_crawl(self)
|
23
21
|
end
|
@@ -36,9 +34,9 @@ If you want to set custom options, you can get access to the crawler and set pro
|
|
36
34
|
|
37
35
|
Assuming your project is at /work/project/:
|
38
36
|
|
39
|
-
|
40
|
-
|
41
|
-
|
37
|
+
#!sh
|
38
|
+
cd /work/project
|
39
|
+
rake tarantula:test
|
42
40
|
|
43
41
|
== Verbose Mode
|
44
42
|
|
@@ -54,6 +52,33 @@ tell Tarantula to allow 404s for URLs matching a regexp:
|
|
54
52
|
t = tarantula_crawler(self)
|
55
53
|
t.allow_404_for %r{/users/\d+/}
|
56
54
|
|
55
|
+
== Custom Attack Handlers
|
56
|
+
|
57
|
+
You can specify the attack strings that Tarantula throws at your application.
|
58
|
+
|
59
|
+
def test_tarantula
|
60
|
+
t = tarantula_crawler(self)
|
61
|
+
|
62
|
+
Relevance::Tarantula::AttackFormSubmission.attacks << {
|
63
|
+
:name => :xss,
|
64
|
+
:input => "<script>gotcha!</script>",
|
65
|
+
:output => "<script>gotcha!</script>",
|
66
|
+
}
|
67
|
+
|
68
|
+
Relevance::Tarantula::AttackFormSubmission.attacks << {
|
69
|
+
:name => :sql_injection,
|
70
|
+
:input => "a'; DROP TABLE posts;",
|
71
|
+
}
|
72
|
+
|
73
|
+
t.handlers << Relevance::Tarantula::AttackHandler.new
|
74
|
+
t.fuzzers << Relevance::Tarantula::AttackFormSubmission
|
75
|
+
t.times_to_crawl = 2
|
76
|
+
t.crawl "/posts"
|
77
|
+
end
|
78
|
+
|
79
|
+
This example adds custom attacks for both SQL injection and XSS. It also tells tarantula to crawl the app 2 times. This
|
80
|
+
is important for XSS attacks because the results won't appear until the second time tarantula performs the crawl.
|
81
|
+
|
57
82
|
== Install
|
58
83
|
|
59
84
|
See the rakefile for dependencies, or just let Rubygems handle it.
|
@@ -62,6 +87,21 @@ The latest and greatest gem will always be available from Github:
|
|
62
87
|
|
63
88
|
gem install relevance-tarantula --source http://gems.github.com
|
64
89
|
|
90
|
+
To setup tarantula in your application add the following line into either config/environment.rb or config/environments/test.rb (preferred).
|
91
|
+
This assumes that you have Rails 2.1 or higher installed.
|
92
|
+
|
93
|
+
config.gem 'relevance-tarantula', :source => "http://gems.github.com", :lib => 'relevance/tarantula'
|
94
|
+
|
95
|
+
Since rails doesn't (yet) support loading rake tasks that live inside gems you will need to add the following line into your Rakefile.
|
96
|
+
|
97
|
+
load File.join(RAILS_ROOT, "vendor/gems/relevance-tarantula-0.0.7.1/tasks/tarantula_tasks.rake")
|
98
|
+
|
99
|
+
Substituting the proper version of relevance-tarantula in the path. This assumes that you have vendored tarantula. To do so simply run
|
100
|
+
|
101
|
+
gem unpack relevance-tarantula
|
102
|
+
|
103
|
+
from the vendor/gems directory of your application.
|
104
|
+
|
65
105
|
You can also grab it from Rubyforge, where we will push stable releases but may not be as bleeding edge as the Github gem.
|
66
106
|
|
67
107
|
gem install tarantula
|
@@ -1,5 +1,3 @@
|
|
1
|
-
/* RESET */
|
2
|
-
|
3
1
|
html, body, div, span, applet, object, iframe,
|
4
2
|
h1, h2, h3, h4, h5, h6, p, blockquote, pre,
|
5
3
|
a, abbr, acronym, address, big, cite, code,
|
@@ -9,580 +7,80 @@ b, u, i, center,
|
|
9
7
|
dl, dt, dd, ol, ul, li,
|
10
8
|
fieldset, form, label, legend,
|
11
9
|
table, caption, tbody, tfoot, thead, tr, th, td {
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
}
|
20
|
-
body {
|
21
|
-
line-height: 1;
|
22
|
-
}
|
23
|
-
ol, ul {
|
24
|
-
list-style: none;
|
25
|
-
}
|
26
|
-
blockquote, q {
|
27
|
-
quotes: none;
|
28
|
-
}
|
29
|
-
|
30
|
-
/* remember to define focus styles! */
|
31
|
-
:focus {
|
32
|
-
outline: 0;
|
10
|
+
margin: 0;
|
11
|
+
padding: 0;
|
12
|
+
border: 0;
|
13
|
+
outline: 0;
|
14
|
+
font-size: 100%;
|
15
|
+
vertical-align: baseline;
|
16
|
+
background: transparent;
|
33
17
|
}
|
34
18
|
|
35
|
-
/* remember to highlight inserts somehow! */
|
36
|
-
ins {
|
37
|
-
text-decoration: none;
|
38
|
-
}
|
39
|
-
del {
|
40
|
-
text-decoration: line-through;
|
41
|
-
}
|
42
|
-
|
43
|
-
/* tables still need 'cellspacing="0"' in the markup */
|
44
|
-
table {
|
45
|
-
border-collapse: collapse;
|
46
|
-
border-spacing: 0;
|
47
|
-
}
|
48
|
-
|
49
|
-
/* UTILITY */
|
50
|
-
|
51
|
-
/* IE Background Scroll Fix */
|
52
|
-
html {
|
53
|
-
background: url(null) fixed no-repeat;
|
54
|
-
}
|
55
|
-
|
56
|
-
|
57
|
-
/* Firefox Link Fix */
|
58
|
-
a:active, a:focus {
|
59
|
-
outline: 0;
|
60
|
-
}
|
61
|
-
|
62
|
-
.hide {
|
63
|
-
display: none;
|
64
|
-
}
|
65
|
-
|
66
|
-
/* TAGS */
|
67
19
|
body {
|
68
|
-
|
69
|
-
|
70
|
-
}
|
71
|
-
|
72
|
-
strong, b {
|
73
|
-
font-weight: 900;
|
74
|
-
}
|
75
|
-
|
76
|
-
em, i {
|
77
|
-
font-style: italic;
|
78
|
-
}
|
79
|
-
|
80
|
-
a:link { /* unvisited link */
|
81
|
-
color: #003399
|
82
|
-
}
|
83
|
-
|
84
|
-
a:visited { /* visited link */
|
85
|
-
color: #666666
|
86
|
-
}
|
87
|
-
|
88
|
-
a:hover { /* mouse over link */
|
89
|
-
|
90
|
-
}
|
91
|
-
|
92
|
-
a:active { /* selected link */
|
93
|
-
color: #003399
|
94
|
-
}
|
95
|
-
|
96
|
-
/* IMAGES */
|
97
|
-
#header, #header h1, #page-container hr.top, #footer, #footer h4, #header ul.navigation li, #header ul.navigation li a,
|
98
|
-
table.grid thead tr:first-child th, table.grid thead th a, table.output thead tr:first-child th, table.output thead th ul.tab li a,
|
99
|
-
table.output thead th ul.tab li a span, #page table thead tr th.asc span.sort, #page table thead tr th.desc span.sort {
|
100
|
-
background-image: url('../images/tarantula-sprites.png');
|
101
|
-
background-repeat: no-repeat;
|
20
|
+
background-color: #eee;
|
21
|
+
font-family: "Lucida Grande", veranda, arial, helvetica, sans-serif;
|
102
22
|
}
|
103
23
|
|
104
24
|
#header {
|
105
|
-
|
106
|
-
|
107
|
-
|
25
|
+
background-color: #003366;
|
26
|
+
font-size: 22px;
|
27
|
+
height: 70px;
|
108
28
|
}
|
109
29
|
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
width: 473px;
|
30
|
+
.header_text {
|
31
|
+
color: #ffcc00;
|
32
|
+
padding-top: 10px;
|
33
|
+
padding-left: 15px;
|
115
34
|
}
|
116
35
|
|
117
|
-
#
|
118
|
-
|
119
|
-
|
120
|
-
background-repeat: repeat-x;
|
121
|
-
width: 147px;
|
36
|
+
#tabs-container {
|
37
|
+
padding-top: 7px;
|
38
|
+
padding-left: 15px;
|
122
39
|
}
|
123
40
|
|
124
|
-
#
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
#header ul.navigation li a:hover {
|
131
|
-
background-position: 100% -164px;
|
132
|
-
}
|
133
|
-
|
134
|
-
#page-container hr.top {
|
135
|
-
background-position: 100% -211px;
|
136
|
-
background-repeat: repeat-x;
|
137
|
-
height: 13px;
|
138
|
-
}
|
139
|
-
|
140
|
-
#footer {
|
141
|
-
background-position: 100% -330px;
|
142
|
-
background-repeat: repeat-x;
|
143
|
-
height: 55px;
|
144
|
-
}
|
145
|
-
|
146
|
-
#footer > h4 {
|
147
|
-
background-position: 4px -390px;
|
148
|
-
display: block;
|
149
|
-
height: 65px;
|
150
|
-
width: 165px;
|
151
|
-
}
|
152
|
-
|
153
|
-
/* LAYOUT */
|
154
|
-
html {
|
155
|
-
background-color: #dac7ad;
|
156
|
-
color: #000;
|
157
|
-
}
|
158
|
-
|
159
|
-
body {
|
160
|
-
padding-top: .65em;
|
161
|
-
}
|
162
|
-
|
163
|
-
#header {
|
164
|
-
background-color: #000;
|
165
|
-
color: #000;
|
166
|
-
border-top: 10px solid #000;
|
167
|
-
height: 81px;
|
168
|
-
border-bottom: 1px solid #dac7ad;
|
169
|
-
position: inherit;
|
170
|
-
}
|
171
|
-
|
172
|
-
#header hr.top {
|
173
|
-
background-color: #dac7ad;
|
174
|
-
border: 0;
|
175
|
-
color: #dac7ad;
|
176
|
-
height: 1px;
|
177
|
-
margin: 0;
|
178
|
-
padding: 0;
|
179
|
-
}
|
180
|
-
|
181
|
-
#header > h1 {
|
182
|
-
display: -moz-inline-box;
|
183
|
-
display: inline-block;
|
184
|
-
}
|
185
|
-
|
186
|
-
#header ul.navigation {
|
187
|
-
display: inline;
|
188
|
-
left: 510px;
|
189
|
-
list-style: none;
|
190
|
-
position: relative;
|
191
|
-
top: 28px;
|
192
|
-
width: auto;
|
193
|
-
}
|
194
|
-
|
195
|
-
#header ul.navigation li {
|
196
|
-
display: -moz-inline-box;
|
197
|
-
display: inline-block;
|
198
|
-
font-size: 100%;
|
199
|
-
margin: 0;
|
200
|
-
text-align:left;
|
201
|
-
}
|
202
|
-
|
203
|
-
#header ul.navigation li a {
|
204
|
-
display: block;
|
205
|
-
margin-left: 1px;
|
206
|
-
font-family: Arial, Helvetica, sans-serif;
|
207
|
-
text-decoration: none;
|
208
|
-
padding-top: 5px;
|
209
|
-
padding-bottom: 0;
|
210
|
-
padding-left: 5px;
|
211
|
-
}
|
212
|
-
|
213
|
-
#header ul.navigation li a:hover {
|
214
|
-
border-top: 2px solid;
|
215
|
-
padding-top: 3px;
|
216
|
-
}
|
217
|
-
|
218
|
-
#header ul.navigation li a.result-all {
|
219
|
-
border-color: #003399;
|
220
|
-
}
|
221
|
-
|
222
|
-
#header ul.navigation li a.result-failure {
|
223
|
-
border-color: #990000;
|
224
|
-
}
|
225
|
-
|
226
|
-
#header ul.navigation li a.result-success {
|
227
|
-
border-color: #339900;
|
228
|
-
}
|
229
|
-
|
230
|
-
#header ul.navigation li span {
|
231
|
-
display: block;
|
232
|
-
color: #a8876e;
|
233
|
-
font-size: .70em;
|
234
|
-
font-weight: 900;
|
235
|
-
}
|
236
|
-
|
237
|
-
#header ul.navigation li em {
|
238
|
-
color: #727779;
|
239
|
-
display: block;
|
240
|
-
font-size: .70em;
|
241
|
-
font-style: normal;
|
242
|
-
}
|
243
|
-
|
244
|
-
h1 > span {
|
245
|
-
display: block;
|
246
|
-
margin-left: -9999em;
|
247
|
-
width: 475px;
|
248
|
-
clear: left;
|
249
|
-
}
|
250
|
-
|
251
|
-
#page-container {
|
252
|
-
border-top: 10px solid #000;
|
253
|
-
}
|
254
|
-
|
255
|
-
#page-container hr.top {
|
256
|
-
border: 0;
|
257
|
-
margin: 0;
|
258
|
-
padding: 0;
|
259
|
-
}
|
260
|
-
|
261
|
-
#page {
|
262
|
-
float: left;
|
263
|
-
margin: 1.5em;
|
264
|
-
padding-bottom: 40px;
|
265
|
-
width: 75%;
|
266
|
-
}
|
267
|
-
|
268
|
-
p, ul li, #sidebar p, #sidebar ul li {
|
269
|
-
font-family: Arial, Helvetica, sans-serif;
|
270
|
-
font-size: 82%;
|
271
|
-
margin: .45em;
|
272
|
-
text-align: justify;
|
273
|
-
}
|
274
|
-
|
275
|
-
ul {
|
276
|
-
margin-left: 2%;
|
277
|
-
|
278
|
-
}
|
279
|
-
|
280
|
-
ul li {
|
281
|
-
list-style: square;
|
282
|
-
margin: .15em 1.5%;
|
283
|
-
}
|
284
|
-
|
285
|
-
h2, h3, h4, h5
|
286
|
-
{
|
287
|
-
font-family: Arial, Helvetica, sans-serif;
|
288
|
-
padding-bottom: 4px;
|
289
|
-
margin: .25em;
|
290
|
-
}
|
291
|
-
|
292
|
-
#page h2 {
|
293
|
-
color: #1f1512;
|
294
|
-
border-bottom: 2px solid #cab8a0;
|
295
|
-
}
|
296
|
-
|
297
|
-
#page h3 {
|
298
|
-
font-size: 90%;
|
299
|
-
color: #48322c;
|
300
|
-
}
|
301
|
-
|
302
|
-
#page h4 {
|
303
|
-
font-size: 85%;
|
304
|
-
color: #82574f;
|
305
|
-
border-bottom: 1px solid #cab8a0;
|
41
|
+
#results-container {
|
42
|
+
float: left;
|
43
|
+
width: 625px;
|
44
|
+
margin-left: 20px;
|
45
|
+
margin-top: 10px;
|
46
|
+
background-color: #fff;
|
306
47
|
}
|
307
48
|
|
308
49
|
#sidebar {
|
309
|
-
|
310
|
-
|
311
|
-
|
312
|
-
|
313
|
-
|
314
|
-
|
315
|
-
#
|
316
|
-
font-size: 76%;
|
317
|
-
margin: .40em;
|
318
|
-
padding: .2em;
|
319
|
-
text-align: justify;
|
320
|
-
}
|
321
|
-
|
322
|
-
#sidebar h3 {
|
323
|
-
font-family: Arial;
|
324
|
-
color: #3f110f;
|
325
|
-
margin: .25em;
|
326
|
-
padding-bottom: 4px;
|
327
|
-
font-size: 90%;
|
328
|
-
border-bottom: 2px solid #342320;
|
329
|
-
}
|
330
|
-
|
331
|
-
#sidebar h4 {
|
332
|
-
color: #613737;
|
333
|
-
font-size: 85%;
|
334
|
-
}
|
335
|
-
|
336
|
-
#footer {
|
337
|
-
background-color: #000;
|
338
|
-
border-top: 1px solid #fff5da;
|
339
|
-
bottom: 0;
|
340
|
-
color: #fff;
|
341
|
-
position: fixed;
|
342
|
-
text-align: right;
|
343
|
-
width: 100%;
|
50
|
+
float: right;
|
51
|
+
width: 300px;
|
52
|
+
margin-right: 20px;
|
53
|
+
margin-top: 10px;
|
54
|
+
font-size: 12px;
|
55
|
+
padding: 20px;
|
56
|
+
background-color: #fff;
|
344
57
|
}
|
345
58
|
|
346
|
-
|
347
|
-
|
348
|
-
float: right;
|
349
|
-
clear: left;
|
350
|
-
}
|
351
|
-
|
352
|
-
#footer h4 > span {
|
353
|
-
display: block;
|
354
|
-
margin-right: -999em;
|
355
|
-
}
|
356
|
-
|
357
|
-
/* TABLES */
|
358
|
-
|
359
|
-
table {
|
360
|
-
width: 99%;
|
361
|
-
}
|
362
|
-
|
363
|
-
table th.desc span.sort,
|
364
|
-
table th.asc span.sort {
|
365
|
-
margin: 0 !important;
|
366
|
-
|
367
|
-
display: -moz-inline-block !important;
|
368
|
-
width: 18px !important;
|
369
|
-
height: 12px !important;
|
370
|
-
position: relative;
|
371
|
-
padding: 0 !important;
|
372
|
-
float: right;
|
373
|
-
}
|
374
|
-
|
375
|
-
table span.sort em {
|
376
|
-
margin-left: -9999px;
|
377
|
-
}
|
378
|
-
|
379
|
-
table th.asc span.sort{
|
380
|
-
background-position: 4px -304px;
|
381
|
-
background-repeat: repeat-x;
|
382
|
-
}
|
383
|
-
|
384
|
-
table th.desc span.sort {
|
385
|
-
background-position: 4px -316px;
|
386
|
-
background-repeat: repeat-x;
|
387
|
-
|
388
|
-
}
|
389
|
-
|
390
|
-
#page table {
|
391
|
-
margin: .45em 0 0 0 !important;
|
392
|
-
}
|
393
|
-
|
394
|
-
#page table th, #page table td {
|
395
|
-
font-family: Arial, Helvetica, sans-serif;
|
396
|
-
font-size: .75em;
|
397
|
-
color: #66463e;
|
398
|
-
}
|
399
|
-
|
400
|
-
#page table.grid {
|
401
|
-
border-collapse: separate;
|
402
|
-
padding: 1px;
|
403
|
-
margin-bottom: 1em;
|
404
|
-
width: 100%;
|
405
|
-
}
|
406
|
-
|
407
|
-
#page table.grid tbody td {
|
408
|
-
border-color: #d6bda7;
|
409
|
-
border-style: solid;
|
410
|
-
border-top-width: 1px;
|
411
|
-
border-right-width: 1px;
|
412
|
-
font-family: "Andale Mono","Monaco","Lucida Console", "Bitstream Vera Sans Mono", Courier, monospace;
|
413
|
-
font-size: .80em;
|
414
|
-
color: #1a1a1a;
|
59
|
+
.clearer {
|
60
|
+
clear: both;
|
415
61
|
}
|
416
62
|
|
417
|
-
|
418
|
-
|
63
|
+
.grid {
|
64
|
+
width: 100%;
|
65
|
+
font-size: 12px;
|
419
66
|
}
|
420
67
|
|
421
|
-
|
422
|
-
|
68
|
+
table caption {
|
69
|
+
font-size: 16px;
|
423
70
|
}
|
424
71
|
|
425
|
-
|
426
|
-
|
427
|
-
background-image: none;
|
428
|
-
border: none;
|
429
|
-
color: #66463e;
|
72
|
+
.even {
|
73
|
+
background-color: #eee;
|
430
74
|
}
|
431
75
|
|
432
|
-
|
433
|
-
padding: 4px;
|
434
|
-
font-weight: 900;
|
435
|
-
}
|
436
|
-
|
437
|
-
#page table.grid thead tr:first-child th {
|
438
|
-
background-position: 0 -223px;
|
439
|
-
background-repeat: repeat-x;
|
440
|
-
padding-left: 1px;
|
441
|
-
}
|
442
|
-
|
443
|
-
|
444
|
-
#page table.grid thead th a {
|
445
|
-
display: -moz-inline-block;
|
446
|
-
display: inline-block;
|
447
|
-
border-top: 1px solid #84574e;
|
448
|
-
background-image: none;
|
449
|
-
text-decoration: none;
|
450
|
-
height: 25px;
|
451
|
-
color: #dac7ad;
|
452
|
-
width: 100%;
|
453
|
-
font-size: 95%;
|
454
|
-
}
|
76
|
+
.odd {
|
455
77
|
|
456
|
-
#page table.grid thead th span.sort {
|
457
|
-
|
458
|
-
height: 19px;
|
459
|
-
vertical-align: middle;
|
460
|
-
margin-right: 12px;
|
461
|
-
padding: 6px 18px 0px 18px;
|
462
|
-
/* padding: 6px; */
|
463
|
-
}
|
464
|
-
|
465
|
-
#page table.grid tbody a {
|
466
|
-
color: #003399;
|
467
78
|
}
|
468
79
|
|
469
|
-
#
|
470
|
-
|
471
|
-
|
472
|
-
|
473
|
-
|
474
|
-
#page table.grid tbody tr.alt td {
|
475
|
-
background-color: #dfccb2
|
476
|
-
}
|
477
|
-
|
478
|
-
#page table.output {
|
479
|
-
width: 100%;
|
480
|
-
}
|
481
|
-
|
482
|
-
#page table.output thead tr:first-child th {
|
483
|
-
height: 20px;
|
484
|
-
background-position: 100% -250px;
|
485
|
-
background-repeat: repeat-x;
|
486
|
-
}
|
487
|
-
|
488
|
-
#page table.output thead th {
|
489
|
-
background-color: #d3bda4;
|
490
|
-
}
|
491
|
-
|
492
|
-
#page table.output thead tr th>span {
|
493
|
-
height: 17px;
|
494
|
-
padding: 4px;
|
495
|
-
display: block;
|
496
|
-
}
|
497
|
-
|
498
|
-
#page table.output thead tr th ul.tab {
|
499
|
-
display: block;
|
500
|
-
list-style: none;
|
501
|
-
position: relative;
|
502
|
-
margin-left: 0;
|
503
|
-
}
|
504
|
-
|
505
|
-
#page table.output thead th ul.tab li {
|
506
|
-
display: -moz-inline-box;
|
507
|
-
display: inline-block;
|
508
|
-
text-align: left;
|
509
|
-
width: 160px;
|
510
|
-
font-size: 100% !important;
|
511
|
-
margin: 0 !important;
|
512
|
-
padding: 0 !important;
|
513
|
-
text-align: left !important;
|
514
|
-
|
515
|
-
|
516
|
-
}
|
517
|
-
|
518
|
-
#page table.output thead th ul.tab li a {
|
519
|
-
background-position: 0 -250px;
|
520
|
-
background-repeat: repeat-x;
|
521
|
-
display: -moz-inline-box;
|
522
|
-
display: inline-block;
|
523
|
-
width: 160px;
|
524
|
-
height: 25px;
|
525
|
-
color: #dac7ad;
|
526
|
-
text-decoration: none;
|
527
|
-
}
|
528
|
-
|
529
|
-
#page table.output thead th ul.tab li a span {
|
530
|
-
margin-left: 1px;
|
531
|
-
background-position: 100% -250px;
|
532
|
-
background-repeat: repeat-x;
|
533
|
-
display: -moz-inline-box;
|
534
|
-
display: inline-block;
|
535
|
-
width: 162px;
|
536
|
-
padding: 4px 6px;
|
537
|
-
|
538
|
-
height: 17px;
|
539
|
-
}
|
540
|
-
|
541
|
-
#page table.output thead th ul.tab li.active a span {
|
542
|
-
background-position: 100% -277px;
|
543
|
-
background-repeat: repeat-x;
|
544
|
-
display: -moz-inline-box;
|
545
|
-
display: inline-block;
|
546
|
-
}
|
547
|
-
|
548
|
-
#page table.output tbody tr td:first-child {
|
549
|
-
background-color: #dfccb2;
|
550
|
-
|
551
|
-
border-right-width: 1px;
|
552
|
-
border-left-width: 1px;
|
553
|
-
}
|
554
|
-
|
555
|
-
#page table.output tbody tr td {
|
556
|
-
background-color: #dacab4;
|
557
|
-
|
558
|
-
border-style: solid;
|
559
|
-
border-color: #d6bda7;
|
560
|
-
border-bottom-width: 1px;
|
561
|
-
border-right-width: 1px;
|
562
|
-
|
563
|
-
font-family: "Andale Mono","Monaco","Lucida Console", "Bitstream Vera Sans Mono", Courier, monospace;
|
564
|
-
font-size: .80em;
|
565
|
-
|
566
|
-
padding: 4px;
|
567
|
-
|
568
|
-
color: #1a1a1a;
|
569
|
-
}
|
570
|
-
|
571
|
-
#page table.output tfoot tr td {
|
572
|
-
font-weight: 900;
|
573
|
-
padding: 4px;
|
574
|
-
}
|
575
|
-
|
576
|
-
table tr .left {
|
577
|
-
text-align: left;
|
578
|
-
}
|
579
|
-
|
580
|
-
table tr .right {
|
581
|
-
text-align: right;
|
582
|
-
}
|
583
|
-
|
584
|
-
table tr td.center {
|
585
|
-
text-align: center;
|
80
|
+
#details {
|
81
|
+
margin-left: 10px;
|
82
|
+
margin-top: 5px;
|
83
|
+
font-size: 12px;
|
586
84
|
}
|
587
85
|
|
588
86
|
/* Response Codes */
|
@@ -636,3 +134,37 @@ html*table th {
|
|
636
134
|
html*#header ul.navigation {
|
637
135
|
top: 30px;
|
638
136
|
} /**/
|
137
|
+
|
138
|
+
#results table.grid {
|
139
|
+
background-color: #003366;
|
140
|
+
}
|
141
|
+
|
142
|
+
|
143
|
+
#results table th, #results table td {
|
144
|
+
font-family: Arial, Helvetica, sans-serif;
|
145
|
+
color: #fff;
|
146
|
+
background-color: #003366;
|
147
|
+
}
|
148
|
+
|
149
|
+
#results table.grid {
|
150
|
+
border-collapse: separate;
|
151
|
+
margin-bottom: 1em;
|
152
|
+
width: 100%;
|
153
|
+
}
|
154
|
+
|
155
|
+
#results table.grid tfoot tr td {
|
156
|
+
padding: 4px;
|
157
|
+
font-weight: 900;
|
158
|
+
}
|
159
|
+
|
160
|
+
#results table.grid tbody a {
|
161
|
+
color: #003366;
|
162
|
+
}
|
163
|
+
|
164
|
+
#results table.grid tbody td {
|
165
|
+
padding: 2px 4px;
|
166
|
+
background-color: #f6ffcd;
|
167
|
+
color: #000;
|
168
|
+
}
|
169
|
+
|
170
|
+
|
data/laf/stylesheets/ui.tabs.css
CHANGED
@@ -36,7 +36,8 @@
|
|
36
36
|
.ui-tabs-nav a, .ui-tabs-nav a span {
|
37
37
|
display: block;
|
38
38
|
padding: 0 10px;
|
39
|
-
background:
|
39
|
+
background-color: #eee;
|
40
|
+
color: #13a013;
|
40
41
|
}
|
41
42
|
.ui-tabs-nav a {
|
42
43
|
margin: 1px 0 0; /* position: relative makes opacity fail for disabled tab in IE */
|
@@ -95,7 +96,6 @@
|
|
95
96
|
filter: alpha(opacity=40);
|
96
97
|
}
|
97
98
|
.ui-tabs-panel {
|
98
|
-
border-top: 1px solid #97a5b0;
|
99
99
|
padding: 1em 8px;
|
100
100
|
}
|
101
101
|
.ui-tabs-loading em {
|
@@ -5,70 +5,84 @@
|
|
5
5
|
<head>
|
6
6
|
<meta http-equiv="Content-type" content="text/html; charset=utf-8"/>
|
7
7
|
<title>Tarantula report detail <%= short_description %></title>
|
8
|
+
|
8
9
|
<script type="text/javascript" src="../javascripts/jquery-1.2.3.js"></script>
|
9
10
|
<script type="text/javascript" src="../javascripts/jquery.tablesorter.js"></script>
|
10
11
|
<script type="text/javascript" src="../javascripts/jquery-ui-tabs.js"></script>
|
11
12
|
<script type="text/javascript" src="../javascripts/tarantula.js"></script>
|
13
|
+
<script type="text/javascript" src="../javascripts/niftycube-details.js"></script>
|
12
14
|
<link type="text/css" media="screen" rel="stylesheet" href="../stylesheets/tarantula.css"/>
|
13
15
|
<link type="text/css" media="screen" rel="stylesheet" href="../stylesheets/ui.tabs.css"/>
|
14
16
|
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
17
|
+
<script type="text/javascript">
|
18
|
+
window.onload=function() {
|
19
|
+
Nifty("div#sidebar", "big");
|
20
|
+
Nifty("div#results-container", "big");
|
21
|
+
}
|
22
|
+
</script>
|
23
|
+
|
24
|
+
<!--[if lte IE 7]>
|
25
|
+
<link rel="stylesheet" href="jqeury.tabs-ie.css" type="text/css" media="projection, screen" />
|
26
|
+
<![endif]-->
|
19
27
|
</head>
|
20
28
|
|
21
|
-
<body
|
29
|
+
<body>
|
22
30
|
|
23
31
|
<div id="container">
|
24
|
-
|
32
|
+
|
25
33
|
<div id="header">
|
26
|
-
<
|
27
|
-
|
34
|
+
<div class="header_text">Tarantula : Eight Legs, Two Fangs, and an Attitude</div>
|
35
|
+
<div id="tabs-container">
|
36
|
+
<ul>
|
37
|
+
<li><a href="#fragment-1"><span>Data</span></a></li>
|
38
|
+
<li><a href="#fragment-2"><span>Body</span></a></li>
|
39
|
+
<li><a href="#fragment-3"><span>Log</span></a></li>
|
40
|
+
</ul>
|
41
|
+
</div>
|
28
42
|
</div>
|
29
43
|
|
30
|
-
<div id="
|
31
|
-
<
|
32
|
-
|
33
|
-
<h1>Tarantula report detail <%= short_description %></h1>
|
44
|
+
<div id="results-container">
|
45
|
+
<div id="details">
|
46
|
+
<p>Tarantula report detail <strong><%= short_description %></strong></p>
|
34
47
|
<p>Generated on <%= Time.now %> (<a href="../index.html">Back</a>)</p>
|
35
48
|
<p>Visit <a href="<%= full_url %>"><%= full_url %></a></p>
|
36
49
|
<p>Response: <%= code %></p>
|
37
50
|
<p>Referrer: <%= referrer || "" %></p>
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
<%= wrap_in_line_number_table(body) %>
|
54
|
-
<% else %>
|
55
|
-
<p>No Body</p>
|
56
|
-
<% end %>
|
57
|
-
</div>
|
58
|
-
<div id="fragment-3">
|
59
|
-
<% if log %>
|
60
|
-
<%= wrap_in_line_number_table(log) {|line| wrap_stack_trace_line(line)} %>
|
61
|
-
<% else %>
|
62
|
-
<p>No Log</p>
|
51
|
+
</div>
|
52
|
+
|
53
|
+
<div id="results">
|
54
|
+
<div id="fragment-1">
|
55
|
+
<% if data %>
|
56
|
+
<%= wrap_in_line_number_table(data) %>
|
57
|
+
<% else %>
|
58
|
+
<p>No Data</p>
|
59
|
+
<% end %>
|
60
|
+
</div>
|
61
|
+
<div id="fragment-2">
|
62
|
+
<% if body %>
|
63
|
+
<%= wrap_in_line_number_table(body) %>
|
64
|
+
<% else %>
|
65
|
+
<p>No Body</p>
|
63
66
|
<% end %>
|
64
|
-
</div>
|
65
67
|
</div>
|
66
|
-
|
68
|
+
<div id="fragment-3">
|
69
|
+
<% if log %>
|
70
|
+
<%= wrap_in_line_number_table(log) {|line| wrap_stack_trace_line(line)} %>
|
71
|
+
<% else %>
|
72
|
+
<p>No Log</p>
|
73
|
+
<% end %>
|
74
|
+
</div>
|
75
|
+
</div>
|
67
76
|
</div>
|
77
|
+
|
68
78
|
<div id="sidebar">
|
69
|
-
|
70
|
-
|
79
|
+
Tarantula is an open-source tool for testing Rails web applications. Tarantula is developed by
|
80
|
+
<a href="http://thinkrelevance.com">Relevance, Inc.</a>
|
81
|
+
and lives at <a href="http://github.com/relevance/tarantula">http://github.com/relevance/tarantula</a>.
|
71
82
|
</div>
|
83
|
+
|
84
|
+
<div class="clearer"></div>
|
85
|
+
|
72
86
|
</div>
|
73
87
|
</body>
|
74
88
|
|
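Review bot: The added `<p>Tarantula report detail <strong><%= short_description %></strong></p>` writes crawl-derived text into the report with no visible HTML escaping, and the README in this same release documents feeding `<script>` payloads through the crawler. Unless the reporter's ERB binding already escapes output (not visible in this hunk), a recorded payload would run when a developer opens the report, so I would write `<%= ERB::Util.html_escape(short_description) %>`. The same applies to the new `result.url`, `result.description` and `result.referrer` cells in the test_report.html.erb hunk further down. Separately, the IE conditional stylesheet `href="jqeury.tabs-ie.css"` looks misspelled and lacks the `../stylesheets/` prefix the other links use, so it probably never loads.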
@@ -7,27 +7,17 @@ module Relevance::Tarantula::HtmlReportHelper
|
|
7
7
|
x.table(:class => "grid tablesorter") do
|
8
8
|
x.thead do
|
9
9
|
x.tr do
|
10
|
-
x.th(:class => "sort asc") do
|
10
|
+
x.th(:class => "sort asc", :align => "left") do
|
11
11
|
x.span("Line \#")
|
12
|
-
x.span(:class => "sort") do
|
13
|
-
x.em do
|
14
|
-
x << '↥'
|
15
|
-
end
|
16
|
-
end
|
17
12
|
end
|
18
|
-
x.th(:class => "sort
|
13
|
+
x.th(:class => "sort", :align => "center") do
|
19
14
|
x.span("Line")
|
20
|
-
x.span(:class => "sort") do
|
21
|
-
x.em do
|
22
|
-
x << '↥'
|
23
|
-
end
|
24
|
-
end
|
25
15
|
end
|
26
16
|
end
|
27
17
|
end
|
28
18
|
text.split("\n").each_with_index do |line, index|
|
29
19
|
x.tr do
|
30
|
-
x.td(index+1)
|
20
|
+
x.td(index+1, :width => "30", :align => "center")
|
31
21
|
if block_given?
|
32
22
|
x.td {x << yield(line)}
|
33
23
|
else
|
@@ -60,7 +60,7 @@ class Relevance::Tarantula::HtmlReporter
|
|
60
60
|
File.open(File.join(basedir, "index.html"), "r+") do |file|
|
61
61
|
doc = Hpricot file.read
|
62
62
|
tabs_container = doc.search "#tabs-container ul"
|
63
|
-
results_container = doc.search "#
|
63
|
+
results_container = doc.search "#results-container"
|
64
64
|
tabs_container.append tab_html(test_name)
|
65
65
|
results_container.append results_html(test_name)
|
66
66
|
file.rewind
|
@@ -102,4 +102,4 @@ class Relevance::Tarantula::HtmlReporter
|
|
102
102
|
end
|
103
103
|
|
104
104
|
|
105
|
-
end
|
105
|
+
end
|
@@ -11,38 +11,43 @@
|
|
11
11
|
<script type="text/javascript" src="javascripts/jquery.tablesorter.js"></script>
|
12
12
|
<script type="text/javascript" src="javascripts/jquery-ui-tabs.js"></script>
|
13
13
|
<script type="text/javascript" src="javascripts/tarantula.js"></script>
|
14
|
+
<script type="text/javascript" src="javascripts/niftycube.js"></script>
|
14
15
|
<link type="text/css" media="screen" rel="stylesheet" href="stylesheets/tarantula.css"/>
|
15
16
|
<link type="text/css" media="screen" rel="stylesheet" href="stylesheets/ui.tabs.css"/>
|
16
|
-
</head>
|
17
17
|
|
18
|
-
|
18
|
+
<script type="text/javascript">
|
19
|
+
window.onload=function() {
|
20
|
+
Nifty("div#sidebar", "big");
|
21
|
+
Nifty("div#results-container", "big");
|
22
|
+
}
|
23
|
+
</script>
|
24
|
+
</head>
|
25
|
+
|
26
|
+
<body>
|
19
27
|
|
20
28
|
<div id="container">
|
21
29
|
|
22
30
|
<div id="header">
|
23
|
-
<
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
<li><a href="#" class="result-failure"><span>Failures</span> <em><%= failures.size %></em></a></li>
|
28
|
-
<li><a href="#" class="result-success"><span>Successful</span> <em><%= successes.size %></em></a></li>
|
29
|
-
</ul>
|
31
|
+
<div class="header_text">Tarantula : Eight Legs, Two Fangs, and an Attitude</div>
|
32
|
+
<div id="tabs-container">
|
33
|
+
<ul></ul>
|
34
|
+
</div>
|
30
35
|
</div>
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
<div id="page">
|
35
|
-
<p>Generated on <%= Time.now %></p>
|
36
|
-
<div id="tabs-container">
|
37
|
-
<ul>
|
38
|
-
</ul>
|
39
|
-
</div>
|
36
|
+
|
37
|
+
<div id="results-container">
|
38
|
+
|
40
39
|
</div>
|
40
|
+
|
41
41
|
<div id="sidebar">
|
42
|
-
|
43
|
-
|
42
|
+
Tarantula is an open-source tool for testing Rails web applications. Tarantula is developed by
|
43
|
+
<a href="http://thinkrelevance.com">Relevance, Inc.</a>
|
44
|
+
and lives at <a href="http://github.com/relevance/tarantula">http://github.com/relevance/tarantula</a>.
|
44
45
|
</div>
|
46
|
+
|
47
|
+
<div class="clearer"></div>
|
48
|
+
|
45
49
|
</div>
|
50
|
+
|
46
51
|
</body>
|
47
52
|
|
48
53
|
</html>
|
@@ -14,21 +14,21 @@
|
|
14
14
|
<tfoot>
|
15
15
|
<tr>
|
16
16
|
<td colspan="5">
|
17
|
-
|
17
|
+
<br /><br />
|
18
18
|
</td>
|
19
19
|
</tr>
|
20
20
|
</tfoot>
|
21
21
|
<tbody>
|
22
|
-
<% send(result_type).sort{|x,y| y.code.to_s <=> x.code.to_s}.
|
23
|
-
<tr>
|
24
|
-
<td
|
25
|
-
<td
|
26
|
-
<td
|
27
|
-
<td><%= result.description %></td>
|
28
|
-
<td><%= result.referrer.ellipsize(30) %></td>
|
22
|
+
<% send(result_type).sort{|x,y| y.code.to_s <=> x.code.to_s}.each_with_index do |result,i| %>
|
23
|
+
<tr class="<%= (i%2 == 0) ? 'even' : 'odd' %>">
|
24
|
+
<td align="center" width="120"><a href="<%= "#{test_name}/#{result.file_name}" %>"><%= result.url.ellipsize(30) %></a></td>
|
25
|
+
<td align="center" width="60"><%= result.method %></td>
|
26
|
+
<td align="center" width="60"><span class="<%= class_for_code(result.code) %>"><%= result.code %></span></td>
|
27
|
+
<td align="center"><%= result.description %></td>
|
28
|
+
<td align="center" width="120"><%= result.referrer.ellipsize(30) %></td>
|
29
29
|
</tr>
|
30
30
|
<% end %>
|
31
31
|
</tbody>
|
32
32
|
</table>
|
33
33
|
<% end %>
|
34
|
-
</div>
|
34
|
+
</div>
|
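Review bot: `result.referrer.ellipsize(30)` in the rewritten row assumes the referrer is never nil, while detail.html.erb in this same release renders `referrer || ""`. Unless the `ellipsize` core extension also covers nil (not visible here), a result with no referrer would raise while the report is rendered and abort the whole table. `<%= (result.referrer || "").ellipsize(30) %>` would match the detail template.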
data/lib/relevance/tarantula.rb
CHANGED
data/tarantula.gemspec
CHANGED
@@ -2,11 +2,11 @@
|
|
2
2
|
|
3
3
|
Gem::Specification.new do |s|
|
4
4
|
s.name = %q{tarantula}
|
5
|
-
s.version = "0.0.
|
5
|
+
s.version = "0.0.8.0"
|
6
6
|
|
7
7
|
s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
|
8
8
|
s.authors = ["Relevance"]
|
9
|
-
s.date = %q{2008-11-
|
9
|
+
s.date = %q{2008-11-21}
|
10
10
|
s.description = %q{A big hairy fuzzy spider that crawls your site, wreaking havoc}
|
11
11
|
s.email = %q{opensource@thinkrelevance.com}
|
12
12
|
s.extra_rdoc_files = ["CHANGELOG", "lib/relevance/core_extensions/ellipsize.rb", "lib/relevance/core_extensions/file.rb", "lib/relevance/core_extensions/response.rb", "lib/relevance/core_extensions/test_case.rb", "lib/relevance/tarantula/attack.rb", "lib/relevance/tarantula/attack_form_submission.rb", "lib/relevance/tarantula/attack_handler.rb", "lib/relevance/tarantula/crawler.rb", "lib/relevance/tarantula/detail.html.erb", "lib/relevance/tarantula/form.rb", "lib/relevance/tarantula/form_submission.rb", "lib/relevance/tarantula/html_document_handler.rb", "lib/relevance/tarantula/html_report_helper.rb", "lib/relevance/tarantula/html_reporter.rb", "lib/relevance/tarantula/index.html.erb", "lib/relevance/tarantula/invalid_html_handler.rb", "lib/relevance/tarantula/io_reporter.rb", "lib/relevance/tarantula/link.rb", "lib/relevance/tarantula/log_grabber.rb", "lib/relevance/tarantula/rails_integration_proxy.rb", "lib/relevance/tarantula/recording.rb", "lib/relevance/tarantula/response.rb", "lib/relevance/tarantula/result.rb", "lib/relevance/tarantula/test_report.html.erb", "lib/relevance/tarantula/tidy_handler.rb", "lib/relevance/tarantula/transform.rb", "lib/relevance/tarantula.rb", "MIT-LICENSE", "README.rdoc", "vendor/xss-shield/MIT-LICENSE"]
|
data/tasks/tarantula_tasks.rake
CHANGED
@@ -2,7 +2,7 @@ require 'rake'
|
|
2
2
|
|
3
3
|
namespace :tarantula do
|
4
4
|
|
5
|
-
desc 'Run tarantula tests
|
5
|
+
desc 'Run tarantula tests.'
|
6
6
|
task :test do
|
7
7
|
rm_rf "tmp/tarantula"
|
8
8
|
task = Rake::TestTask.new(:tarantula_test) do |t|
|
@@ -11,11 +11,11 @@ namespace :tarantula do
|
|
11
11
|
t.verbose = true
|
12
12
|
end
|
13
13
|
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
14
|
+
Rake::Task[:tarantula_test].invoke
|
15
|
+
end
|
16
|
+
|
17
|
+
desc 'Run tarantula tests and open results in your browser.'
|
18
|
+
task :report => :test do
|
19
19
|
Dir.glob("tmp/tarantula/**/index.html") do |file|
|
20
20
|
if PLATFORM['darwin']
|
21
21
|
system("open #{file}")
|
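Review bot: The new `report` task still opens each result through a single shell string, `system("open #{file}")`, so a report path containing spaces or shell metacharacters is split or interpreted by the shell. The paths come from `Dir.glob("tmp/tarantula/**/index.html")`, and the directory names under tmp/tarantula appear to derive from test names, so this is not hard to hit. Passing the arguments separately avoids the shell entirely: `system("open", file)`. The task body continues past the end of this hunk, so any other platform branches there would need the same change.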
@@ -16,7 +16,7 @@ describe 'Relevance::Tarantula::HtmlReportHelper#wrap_in_line_number_table' do
|
|
16
16
|
it "can wrap text in a line number table" do
|
17
17
|
html = @reporter.wrap_in_line_number_table("Line 1\nLine 2")
|
18
18
|
html.should == <<-END.strip
|
19
|
-
<table class
|
19
|
+
<table class=\"grid tablesorter\"><thead><tr><th class=\"sort asc\" align=\"left\"><span>Line #</span></th><th class=\"sort\" align=\"center\"><span>Line</span></th></tr></thead><tr><td align=\"center\" width=\"30\">1</td><td>Line 1</td></tr><tr><td align=\"center\" width=\"30\">2</td><td>Line 2</td></tr></table>
|
20
20
|
END
|
21
21
|
end
|
22
22
|
end
|
@@ -44,4 +44,4 @@ describe 'Relevance::Tarantula::HtmlReportHelper IDE help' do
|
|
44
44
|
@reporter.stubs(:rails_root).returns("STUB_RAILS_ROOT")
|
45
45
|
@reporter.textmate_url("/etc/somewhere", 100).should =~ %r{txmt://open\?url=.*/STUB_RAILS_ROOT/etc/somewhere&line_no=100}
|
46
46
|
end
|
47
|
-
end
|
47
|
+
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: relevance-tarantula
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.8.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Relevance
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
|
12
|
-
date: 2008-11-
|
12
|
+
date: 2008-11-21 00:00:00 -08:00
|
13
13
|
default_executable:
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|