tarantula 0.0.8.1 → 0.1.4

data/vendor/xss-shield/test/test_actionview_integration.rb

@@ -1,40 +0,0 @@
-# Run from your Rails main directory
-require 'test/test_helper'
-
-class TestActionViewIntegration < Test::Unit::TestCase
-  def assert_renders(expected, input, extension)
-    base = ActionView::Base.new
-    actual = base.render_template(extension, input, "foo.#{extension}")
-    assert_equal expected, actual
-  end
-
-  def test_erb
-    assert_renders <<OUT, <<IN, :erb
-A & B
-A & B
-OUT
-<%= "A & B" %>
-<%= "A & B".mark_as_xss_protected %>
-IN
-  end
-
-  def test_rhtml
-    assert_renders <<OUT, <<IN, :rhtml
-A &amp; B
-A & B
-OUT
-<%= "A & B" %>
-<%= "A & B".mark_as_xss_protected %>
-IN
-  end
- 
-  def test_haml
-    assert_renders <<OUT, <<IN, :haml
-A &amp; B
-A & B
-OUT
-= "A & B"
-= "A & B".mark_as_xss_protected
-IN
-  end
-end

data/vendor/xss-shield/test/test_erb.rb

@@ -1,44 +0,0 @@
-# Run from your Rails main directory
-require 'test/test_helper'
-
-class TestERB < Test::Unit::TestCase
-  def assert_renders_erb(expected, input, shield=true)
-    erb_class = shield ? XSSProtectedERB : ERB
-
-    actual = eval(erb_class.new(input).src)
-    
-    assert_equal expected, actual
-  end
-  
-  def test_erb_with_shield
-    assert_renders_erb <<OUT, <<IN, true
-Foo &amp;amp; Bar
-Foo &amp;amp; Bar
-Foo &amp; Bar
-Foo &amp; Bar
-Foo &amp; Bar
-OUT
-<%= "Foo &amp; Bar"  %>
-<%= h("Foo &amp; Bar") %>
-<%= "Foo &amp; Bar".mark_as_xss_protected  %>
-<%= h("Foo & Bar") %>
-<%= "Foo & Bar" %>
-IN
-  end
-  
-  def test_erb_without_shield
-    assert_renders_erb <<OUT, <<IN, false
-Foo &amp;amp; Bar
-Foo &amp; Bar
-Foo &amp; Bar
-Foo &amp; Bar
-Foo & Bar
-OUT
-<%= h("Foo &amp; Bar") %>
-<%= "Foo &amp; Bar"  %>
-<%= "Foo &amp; Bar".mark_as_xss_protected  %>
-<%= h("Foo & Bar") %>
-<%= "Foo & Bar" %>
-IN
-  end
-end

data/vendor/xss-shield/test/test_haml.rb

@@ -1,43 +0,0 @@
-# Run from your Rails main directory
-require 'test/test_helper'
-
-class TestHaml < Test::Unit::TestCase
-  def setup
-    @base = ActionView::Base.new
-  end
-
-  def assert_haml_renders(expected, input)
-    actual = Haml::Engine.new(input).to_html(@base)
-    assert_equal expected, actual
-  end
-
-  def test_haml_engine
-    assert_haml_renders <<OUT, <<IN
-A & B
-C &amp; D
-E &amp; F
-G & H
-I &amp; J
-OUT
-A & B
-= "C & D"
-= h("E & F")
-= "G & H".mark_as_xss_protected
-= "I & J".to_s_xss_protected
-IN
-  end
-  
-  def test_attribute_escaping_in_haml
-    @base.instance_eval {
-      @foo = "A < & > ' \" B"
-    }
-    assert_haml_renders <<OUT, <<IN
-<div foo="A &lt; &amp; &gt; ' &quot; B" />
-<div foo="A < & > ' " B" />
-OUT
-%div{:foo => @foo}/
-%div{:foo => @foo.mark_as_xss_protected}/
-IN
-    # Note that '/" explicitly marked as XSS-protected can break validity
-  end
-end

data/vendor/xss-shield/test/test_helpers.rb

@@ -1,25 +0,0 @@
-# Run from your Rails main directory
-require 'test/test_helper'
-
-class TestHelpers < Test::Unit::TestCase
-  def setup
-    @base = ActionView::Base.new
-  end
-
-  def assert_haml_renders(expected, input)
-    actual = Haml::Engine.new(input).to_html(@base)
-    assert_equal expected, actual
-  end
-
-  def test_link_to
-    assert_haml_renders <<OUT, <<IN
-<a href="/bar">Foo</a>
-<a href="/bar">Foo &amp; Bar</a>
-<a href="/bar">Foo & Bar</a>
-OUT
-= link_to "Foo", "/bar"
-= link_to "Foo & Bar", "/bar"
-= link_to "Foo & Bar".mark_as_xss_protected, "/bar"
-IN
-  end
-end

data/vendor/xss-shield/test/test_safe_string.rb

@@ -1,55 +0,0 @@
-# Run from your Rails main directory
-require 'test/test_helper'
-
-class TestSafeString < Test::Unit::TestCase
-  def test_safe_string
-    assert_equal "foo", "foo".to_s_xss_protected
-    assert_equal "foo &amp; bar", "foo & bar".to_s_xss_protected
-    assert_equal "foo &amp; bar", "foo & bar".to_s_xss_protected
-    assert_equal "foo &amp;amp; bar", "foo &amp; bar".to_s_xss_protected
-    assert_equal "foo &amp; bar", "foo & bar".to_s_xss_protected.to_s_xss_protected
-    assert_equal "foo &amp; bar", h("foo & bar").to_s_xss_protected
-    assert_equal "foo &amp;amp; bar", h(h("foo & bar"))
-    
-    assert_not_equal "foo".mark_as_xss_protected.object_id, "foo".mark_as_xss_protected.object_id
-    x = "foo & bar".mark_as_xss_protected
-    assert_equal x.mark_as_xss_protected, x
-    # Not sure if this makes sense
-    assert_not_equal x.mark_as_xss_protected.object_id, x.object_id
-
-    assert_equal x.to_s, x
-    assert_equal x.to_s.object_id, x.object_id
-  end
-  
-  def test_nonstring_objects
-    assert_equal "15", 15.to_s_xss_protected
-    assert_equal SafeString, 15.to_s_xss_protected.class
-  end
-  
-  def test_nil
-    assert_equal "", nil.to_s_xss_protected
-    assert_equal SafeString, nil.to_s_xss_protected.class
-    assert_equal nil, nil.mark_as_xss_protected
-  end
-  
-  def test_join
-    assert_equal "", [].join_xss_protected
-    assert_equal "", [].join_xss_protected(",")
-    assert_equal "a", ["a"].join_xss_protected
-    assert_equal "a", ["a"].join_xss_protected(",")
-    assert_equal "ab", ["a", "b"].join_xss_protected
-    assert_equal "a,b", ["a", "b"].join_xss_protected(",")
-
-    assert_equal "a&amp;b", ["a", "b"].join_xss_protected("&")
-    assert_equal "a&amp;amp;b", ["a", "b"].join_xss_protected("&amp;")
-    assert_equal "a&amp;b", ["a", "b"].join_xss_protected("&amp;".mark_as_xss_protected)
-
-    assert_equal "&lt;&amp;&gt;", ["<", ">"].join_xss_protected("&")
-    assert_equal "&lt;&amp;amp;&gt;", ["<", ">"].join_xss_protected("&amp;")
-    assert_equal "&lt;&amp;&gt;", ["<", ">"].join_xss_protected("&amp;".mark_as_xss_protected)
-
-    assert_equal "< &amp; &gt;", ["<".mark_as_xss_protected, ">"].join_xss_protected(" & ")
-    assert_equal "&lt; &amp; >", ["<", ">".mark_as_xss_protected].join_xss_protected(" & ")
-    assert_equal "&lt; & &gt;", ["<", ">"].join_xss_protected(" & ".mark_as_xss_protected)
-  end
-end