From 4fe5801c885088e5e6c11b8a20a561415941b864 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Wed, 18 Nov 2009 10:34:39 -0800 Subject: Simplify the maintenance of the xss golden file by having each module contibute its own golden file to a consolidated one. This will make it easier for -contrib modules or themes to be included in the xss security test w/o having to keep modifying a central golden file. --- modules/gallery/tests/Xss_Security_Test.php | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'modules/gallery/tests/Xss_Security_Test.php') diff --git a/modules/gallery/tests/Xss_Security_Test.php b/modules/gallery/tests/Xss_Security_Test.php index b296d97c..801db8dd 100644 --- a/modules/gallery/tests/Xss_Security_Test.php +++ b/modules/gallery/tests/Xss_Security_Test.php @@ -302,8 +302,20 @@ class Xss_Security_Test extends Unit_Test_Case { */ $new = TMPPATH . "xss_data.txt"; $fd = fopen($new, "wb"); + $canonical = TMPPATH . "xss_data_golden.txt"; + $fd_canonical = fopen($canonical, "wb"); + $current_type = $current_plugin = ""; ksort($found); foreach ($found as $view => $frames) { + list ($type, $plugin) = explode("/", $view); + if ($type != $current_type || $plugin != $current_plugin) { + $golden_file = ($type == "modules" ? MODPATH : THEMEPATH) . "{$plugin}/tests/xss_data.txt"; + if (file_exists($golden_file)) { + fwrite($fd_canonical, file_get_contents($golden_file)); + } + $current_type = $type; + $current_plugin = $plugin; + } foreach ($frames as $frame) { $state = "DIRTY"; if ($frame->in_script_block() && $frame->in_href_attribute()) { @@ -344,9 +356,9 @@ class Xss_Security_Test extends Unit_Test_Case { } } fclose($fd); + fclose($fd_canonical); // Compare with the expected report from our golden file. - $canonical = MODPATH . "gallery/tests/xss_data.txt"; exec("diff $canonical $new", $output, $return_value); $this->assert_false( $return_value, "XSS golden file mismatch. Output:\n" . implode("\n", $output) ); -- cgit v1.2.3