romanbsd-tarantula 0.1.8

data/vendor/xss-shield/test/test_safe_string.rb

@@ -0,0 +1,55 @@
+# Run from your Rails main directory
+require 'test/test_helper'
+
+class TestSafeString < Test::Unit::TestCase
+  def test_safe_string
+    assert_equal "foo", "foo".to_s_xss_protected
+    assert_equal "foo &amp; bar", "foo & bar".to_s_xss_protected
+    assert_equal "foo &amp; bar", "foo & bar".to_s_xss_protected
+    assert_equal "foo &amp;amp; bar", "foo &amp; bar".to_s_xss_protected
+    assert_equal "foo &amp; bar", "foo & bar".to_s_xss_protected.to_s_xss_protected
+    assert_equal "foo &amp; bar", h("foo & bar").to_s_xss_protected
+    assert_equal "foo &amp;amp; bar", h(h("foo & bar"))
+    
+    assert_not_equal "foo".mark_as_xss_protected.object_id, "foo".mark_as_xss_protected.object_id
+    x = "foo & bar".mark_as_xss_protected
+    assert_equal x.mark_as_xss_protected, x
+    # Not sure if this makes sense
+    assert_not_equal x.mark_as_xss_protected.object_id, x.object_id
+
+    assert_equal x.to_s, x
+    assert_equal x.to_s.object_id, x.object_id
+  end
+  
+  def test_nonstring_objects
+    assert_equal "15", 15.to_s_xss_protected
+    assert_equal SafeString, 15.to_s_xss_protected.class
+  end
+  
+  def test_nil
+    assert_equal "", nil.to_s_xss_protected
+    assert_equal SafeString, nil.to_s_xss_protected.class
+    assert_equal nil, nil.mark_as_xss_protected
+  end
+  
+  def test_join
+    assert_equal "", [].join_xss_protected
+    assert_equal "", [].join_xss_protected(",")
+    assert_equal "a", ["a"].join_xss_protected
+    assert_equal "a", ["a"].join_xss_protected(",")
+    assert_equal "ab", ["a", "b"].join_xss_protected
+    assert_equal "a,b", ["a", "b"].join_xss_protected(",")
+
+    assert_equal "a&amp;b", ["a", "b"].join_xss_protected("&")
+    assert_equal "a&amp;amp;b", ["a", "b"].join_xss_protected("&amp;")
+    assert_equal "a&amp;b", ["a", "b"].join_xss_protected("&amp;".mark_as_xss_protected)
+
+    assert_equal "&lt;&amp;&gt;", ["<", ">"].join_xss_protected("&")
+    assert_equal "&lt;&amp;amp;&gt;", ["<", ">"].join_xss_protected("&amp;")
+    assert_equal "&lt;&amp;&gt;", ["<", ">"].join_xss_protected("&amp;".mark_as_xss_protected)
+
+    assert_equal "< &amp; &gt;", ["<".mark_as_xss_protected, ">"].join_xss_protected(" & ")
+    assert_equal "&lt; &amp; >", ["<", ">".mark_as_xss_protected].join_xss_protected(" & ")
+    assert_equal "&lt; & &gt;", ["<", ">"].join_xss_protected(" & ".mark_as_xss_protected)
+  end
+end

metadata

@@ -0,0 +1,218 @@
+--- !ruby/object:Gem::Specification 
+name: romanbsd-tarantula
+version: !ruby/object:Gem::Version 
+  version: 0.1.8
+platform: ruby
+authors: 
+- Relevance, Inc.
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-04-14 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: htmlentities
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: hpricot
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+description: A big hairy fuzzy spider that crawls your site, wreaking havoc
+email: opensource@thinkrelevance.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.rdoc
+files: 
+- CHANGELOG
+- MIT-LICENSE
+- README.rdoc
+- Rakefile
+- VERSION.yml
+- examples/example_helper.rb
+- examples/relevance/core_extensions/ellipsize_example.rb
+- examples/relevance/core_extensions/file_example.rb
+- examples/relevance/core_extensions/response_example.rb
+- examples/relevance/core_extensions/test_case_example.rb
+- examples/relevance/tarantula/attack_form_submission_example.rb
+- examples/relevance/tarantula/attack_handler_example.rb
+- examples/relevance/tarantula/crawler_example.rb
+- examples/relevance/tarantula/form_example.rb
+- examples/relevance/tarantula/form_submission_example.rb
+- examples/relevance/tarantula/html_document_handler_example.rb
+- examples/relevance/tarantula/html_report_helper_example.rb
+- examples/relevance/tarantula/html_reporter_example.rb
+- examples/relevance/tarantula/invalid_html_handler_example.rb
+- examples/relevance/tarantula/io_reporter_example.rb
+- examples/relevance/tarantula/link_example.rb
+- examples/relevance/tarantula/log_grabber_example.rb
+- examples/relevance/tarantula/rails_integration_proxy_example.rb
+- examples/relevance/tarantula/result_example.rb
+- examples/relevance/tarantula/tidy_handler_example.rb
+- examples/relevance/tarantula/transform_example.rb
+- examples/relevance/tarantula/w3c_validator_example.rb
+- examples/relevance/tarantula_example.rb
+- laf/images/button_active.png
+- laf/images/button_hover.png
+- laf/images/button_inactive.png
+- laf/images/header_bg.jpg
+- laf/images/logo.png
+- laf/images/tagline.png
+- laf/javascripts/jquery-1.2.3.js
+- laf/javascripts/jquery-ui-tabs.js
+- laf/javascripts/jquery.tablesorter.js
+- laf/javascripts/niftyLayout.js
+- laf/javascripts/niftycube-details.js
+- laf/javascripts/niftycube.js
+- laf/javascripts/tarantula.js
+- laf/stylesheets/tarantula.css
+- laf/v2/detail.html
+- laf/v2/images/button_active.png
+- laf/v2/images/button_hover.png
+- laf/v2/images/button_inactive.png
+- laf/v2/images/header_bg.jpg
+- laf/v2/images/logo.png
+- laf/v2/images/tagline.png
+- laf/v2/index.html
+- laf/v2/stylesheets/tarantula.v2.css
+- lib/relevance/core_extensions/ellipsize.rb
+- lib/relevance/core_extensions/file.rb
+- lib/relevance/core_extensions/metaclass.rb
+- lib/relevance/core_extensions/response.rb
+- lib/relevance/core_extensions/string_chars_fix.rb
+- lib/relevance/core_extensions/test_case.rb
+- lib/relevance/tarantula.rb
+- lib/relevance/tarantula/attack.rb
+- lib/relevance/tarantula/attack_form_submission.rb
+- lib/relevance/tarantula/attack_handler.rb
+- lib/relevance/tarantula/crawler.rb
+- lib/relevance/tarantula/detail.html.erb
+- lib/relevance/tarantula/form.rb
+- lib/relevance/tarantula/form_submission.rb
+- lib/relevance/tarantula/html_document_handler.rb
+- lib/relevance/tarantula/html_report_helper.rb
+- lib/relevance/tarantula/html_reporter.rb
+- lib/relevance/tarantula/index.html.erb
+- lib/relevance/tarantula/invalid_html_handler.rb
+- lib/relevance/tarantula/io_reporter.rb
+- lib/relevance/tarantula/link.rb
+- lib/relevance/tarantula/log_grabber.rb
+- lib/relevance/tarantula/rails_integration_proxy.rb
+- lib/relevance/tarantula/recording.rb
+- lib/relevance/tarantula/response.rb
+- lib/relevance/tarantula/result.rb
+- lib/relevance/tarantula/test_report.html.erb
+- lib/relevance/tarantula/tidy_handler.rb
+- lib/relevance/tarantula/transform.rb
+- lib/relevance/tarantula/w3c_validator.rb
+- tasks/tarantula_tasks.rake
+- template/tarantula_test.rb
+- vendor/w3c_validators/CHANGELOG
+- vendor/w3c_validators/LICENSE
+- vendor/w3c_validators/README
+- vendor/w3c_validators/README.svn
+- vendor/w3c_validators/lib/w3c_validators.rb
+- vendor/w3c_validators/lib/w3c_validators/constants.rb
+- vendor/w3c_validators/lib/w3c_validators/css_validator.rb
+- vendor/w3c_validators/lib/w3c_validators/exceptions.rb
+- vendor/w3c_validators/lib/w3c_validators/feed_validator.rb
+- vendor/w3c_validators/lib/w3c_validators/markup_validator.rb
+- vendor/w3c_validators/lib/w3c_validators/message.rb
+- vendor/w3c_validators/lib/w3c_validators/results.rb
+- vendor/w3c_validators/lib/w3c_validators/validator.rb
+- vendor/w3c_validators/rakefile.rb
+- vendor/w3c_validators/test/fixtures/invalid_css.css
+- vendor/w3c_validators/test/fixtures/invalid_encoding.html
+- vendor/w3c_validators/test/fixtures/invalid_feed.xml
+- vendor/w3c_validators/test/fixtures/invalid_html5.html
+- vendor/w3c_validators/test/fixtures/invalid_markup.html
+- vendor/w3c_validators/test/fixtures/valid_css.css
+- vendor/w3c_validators/test/fixtures/valid_feed.xml
+- vendor/w3c_validators/test/fixtures/valid_html5.html
+- vendor/w3c_validators/test/fixtures/valid_markup.html
+- vendor/w3c_validators/test/test_css_validator.rb
+- vendor/w3c_validators/test/test_exceptions.rb
+- vendor/w3c_validators/test/test_feed_validator.rb
+- vendor/w3c_validators/test/test_helper.rb
+- vendor/w3c_validators/test/test_html5_validator.rb
+- vendor/w3c_validators/test/test_markup_validator.rb
+- vendor/xss-shield/MIT-LICENSE
+- vendor/xss-shield/README
+- vendor/xss-shield/init.rb
+- vendor/xss-shield/lib/xss_shield.rb
+- vendor/xss-shield/lib/xss_shield/erb_hacks.rb
+- vendor/xss-shield/lib/xss_shield/haml_hacks.rb
+- vendor/xss-shield/lib/xss_shield/safe_string.rb
+- vendor/xss-shield/lib/xss_shield/secure_helpers.rb
+- vendor/xss-shield/test/test_actionview_integration.rb
+- vendor/xss-shield/test/test_erb.rb
+- vendor/xss-shield/test/test_haml.rb
+- vendor/xss-shield/test/test_helpers.rb
+- vendor/xss-shield/test/test_safe_string.rb
+has_rdoc: true
+homepage: http://github.com/relevance/tarantula
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: thinkrelevance
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 2
+summary: A big hairy fuzzy spider that crawls your site, wreaking havoc
+test_files: 
+- examples/relevance/core_extensions/ellipsize_example.rb
+- examples/relevance/core_extensions/test_case_example.rb
+- examples/relevance/core_extensions/file_example.rb
+- examples/relevance/core_extensions/response_example.rb
+- examples/relevance/tarantula_example.rb
+- examples/relevance/tarantula/crawler_example.rb
+- examples/relevance/tarantula/link_example.rb
+- examples/relevance/tarantula/html_document_handler_example.rb
+- examples/relevance/tarantula/w3c_validator_example.rb
+- examples/relevance/tarantula/log_grabber_example.rb
+- examples/relevance/tarantula/form_submission_example.rb
+- examples/relevance/tarantula/attack_form_submission_example.rb
+- examples/relevance/tarantula/attack_handler_example.rb
+- examples/relevance/tarantula/rails_integration_proxy_example.rb
+- examples/relevance/tarantula/io_reporter_example.rb
+- examples/relevance/tarantula/form_example.rb
+- examples/relevance/tarantula/html_reporter_example.rb
+- examples/relevance/tarantula/html_report_helper_example.rb
+- examples/relevance/tarantula/tidy_handler_example.rb
+- examples/relevance/tarantula/transform_example.rb
+- examples/relevance/tarantula/result_example.rb
+- examples/relevance/tarantula/invalid_html_handler_example.rb
+- examples/example_helper.rb