GitHubParserHookTest::testNonMdContentIsPurified() - Code Metrics - Inspection of "Merge branch 'master' of github.com:JeroenDeDauw/G..." - JeroenDeDauw/GitHub - Measure and Improve Code Quality continuously with Scrutinizer

Test Failed

Push — master ( ab4f5a...dbca4e )

by Jeroen De

created 2017-06-06 02:31 UTC

GitHubParserHookTest::testNonMdContentIsPurified() A

↳ Parent: GitHubParserHookTest

Complexity

Conditions	1
Paths	1

Size

Total Lines	8
Code Lines	5

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	8
rs	9.4285
c	0
b	0
f	0
cc	1
eloc	5
nc	1
nop	0

<?php

namespace GitHub\Tests\System;

use FileFetcher\FileFetcher;
use GitHub\GitHubFetcher;
use GitHub\GitHubParserHook;
use ParamProcessor\ProcessedParam;
use ParamProcessor\ProcessingResult;
use PHPUnit\Framework\TestCase;

/**
 * @covers GitHub\GitHubParserHook
 *
 * @licence GNU GPL v2+
 * @author Jeroen De Dauw < [email protected] >
 */
class GitHubParserHookTest extends TestCase {

	private $file;
	private $repo;
	private $branch;
	private $lang;

	public function setUp() {
		$this->file = 'README.md';
		$this->repo = 'JeroenDeDauw/GitHub';
		$this->branch = 'master';
		$this->lang = '';
	}

	public function testUrlGetsBuildCorrectly() {
		$fileFetcher = $this->createMock( FileFetcher::class );

		$fileFetcher->expects( $this->once() )
			->method( 'fetchFile' )
			->with( 'https://cdn.rawgit.com/JeroenDeDauw/GitHub/master/README.md' );

		$this->runHookWithFileFetcher( $fileFetcher );
	}

	private function runHookWithFileFetcher( FileFetcher $fileFetcher ) {
		$parserHook = new GitHubParserHook( new GitHubFetcher( $fileFetcher, 'https://cdn.rawgit.com' ) );

		$parser = $this->createMock( 'Parser' );
		$params = $this->newParams();

		return $parserHook->handle( $parser, $params );
	}

	private function newParams() {
		return new ProcessingResult( array(
			'file' => new ProcessedParam( 'file', $this->file, false ),
			'repo' => new ProcessedParam( 'repo', $this->repo, false ),
			'branch' => new ProcessedParam( 'branch', $this->branch, false ),
			'lang' => new ProcessedParam( 'lang', $this->lang, false ),
			'line' => new ProcessedParam( 'line', false, true ),
			'start' => new ProcessedParam( 'start', 1, true ),
			'highlight' => new ProcessedParam( 'highlight', '', true ),
			'inline' => new ProcessedParam( 'inline', false, true ),
		) );
	}

	/**
	 * @dataProvider makrdownProvider
	 */
	public function testRenderWithMakrkdownFile( $markdown, $html ) {
		$this->assertFileContentRendersAs( $markdown, $html );
	}

	public function makrdownProvider() {
		return array(
			array(
				'# Ohai there!',
				"<h1>Ohai there!</h1>\n"
			),
			array(
				'foo bar baz',
				"<p>foo bar baz</p>\n"
			),
			array(
				'foo bar baz<script>alert(\'Greetings from github\')</script>',
				"<p>foo bar baz</p>\n"
			)
		);
	}

	private function assertFileContentRendersAs( $fileContent, $expectedRenderedResult ) {
		$fileFetcher = $this->createMock( FileFetcher::class );

		$fileFetcher->expects( $this->once() )
			->method( 'fetchFile' )
			->will( $this->returnValue( $fileContent ) );

		$renderResult = $this->runHookWithFileFetcher( $fileFetcher );

		$this->assertSame( $expectedRenderedResult, $renderResult );
	}

	public function nonMdProvider() {
		return array(
			array(
				'foo bar baz',
				'Foo.php',
			),
			array(
				'# Ohai there!',
				'README.wikitext',
			),
			array(
				'{ "you": { "can": "haz", "a": "json!" } }',
				'composer.json',
			),
			array(
				'{ "you": { "can": "haz", "a": "json!" } }',
				'someFileWithoutExtension',
			),
		);
	}

	/**
	 * @dataProvider nonMdProvider
	 */
	public function testRenderingWithNonMdFileAsIs( $notMd, $fileName ) {
		$this->file = $fileName;
		$this->assertFileContentRendersAs( $notMd, $notMd );
	}

	public function testNonMdContentIsPurified() {
		$this->file = 'Hello.html';

		$this->assertFileContentRendersAs(
			'<script>alert("Greetings from github")</script>foo<script>alert(\'Greetings from github\')</script>',
			'foo'
		);
	}

	public function testRenderingWithLangBash() {
		$this->file = 'hi.sh';
		$this->lang = 'bash';

		$fileFetcher = $this->createMock( FileFetcher::class );

		$fileFetcher->expects( $this->once() )
			->method( 'fetchFile' )
			->will( $this->returnValue( '# Ohai there!' ) );

		$parserHook = new GitHubParserHook( new GitHubFetcher( $fileFetcher, 'https://cdn.rawgit.com' ) );

		$parser = $this->createMock( 'Parser' );

		$parser->expects( $this->once() )
			->method( 'recursiveTagParse' )
			->with( $this->equalTo( '<syntaxhighlight lang="bash" start="1"># Ohai there!</syntaxhighlight>' ) )
			->willReturn( null );

		$this->assertSame( '', $parserHook->handle( $parser, $this->newParams() ) );
	}

	// TODO: syntaxhighlight: prevent content from terminating syntaxhighlight and embedding evil stuff

}


1			<?php
2
3			namespace GitHub\Tests\System;
4
5			use FileFetcher\FileFetcher;
6			use GitHub\GitHubFetcher;
7			use GitHub\GitHubParserHook;
8			use ParamProcessor\ProcessedParam;
9			use ParamProcessor\ProcessingResult;
10			use PHPUnit\Framework\TestCase;
11
12			/**
13			* @covers GitHub\GitHubParserHook
14			*
15			* @licence GNU GPL v2+
16			* @author Jeroen De Dauw < [email protected] >
17			*/
18			class GitHubParserHookTest extends TestCase {
19
20			private $file;
21			private $repo;
22			private $branch;
23			private $lang;
24
25			public function setUp() {
26			$this->file = 'README.md';
27			$this->repo = 'JeroenDeDauw/GitHub';
28			$this->branch = 'master';
29			$this->lang = '';
30			}
31
32			public function testUrlGetsBuildCorrectly() {
33			$fileFetcher = $this->createMock( FileFetcher::class );
34
35			$fileFetcher->expects( $this->once() )
36			->method( 'fetchFile' )
37			->with( 'https://cdn.rawgit.com/JeroenDeDauw/GitHub/master/README.md' );
38
39			$this->runHookWithFileFetcher( $fileFetcher );
40			}
41
42			private function runHookWithFileFetcher( FileFetcher $fileFetcher ) {
43			$parserHook = new GitHubParserHook( new GitHubFetcher( $fileFetcher, 'https://cdn.rawgit.com' ) );
44
45			$parser = $this->createMock( 'Parser' );
46			$params = $this->newParams();
47
48			return $parserHook->handle( $parser, $params );
49			}
50
51			private function newParams() {
52			return new ProcessingResult( array(
53			'file' => new ProcessedParam( 'file', $this->file, false ),
54			'repo' => new ProcessedParam( 'repo', $this->repo, false ),
55			'branch' => new ProcessedParam( 'branch', $this->branch, false ),
56			'lang' => new ProcessedParam( 'lang', $this->lang, false ),
57			'line' => new ProcessedParam( 'line', false, true ),
58			'start' => new ProcessedParam( 'start', 1, true ),
59			'highlight' => new ProcessedParam( 'highlight', '', true ),
60			'inline' => new ProcessedParam( 'inline', false, true ),
61			) );
62			}
63
64			/**
65			* @dataProvider makrdownProvider
66			*/
67			public function testRenderWithMakrkdownFile( $markdown, $html ) {
68			$this->assertFileContentRendersAs( $markdown, $html );
69			}
70
71			public function makrdownProvider() {
72			return array(
73			array(
74			'# Ohai there!',
75			"<h1>Ohai there!</h1>\n"
76			),
77			array(
78			'foo bar baz',
79			"<p>foo bar baz</p>\n"
80			),
81			array(
82			'foo bar baz<script>alert(\'Greetings from github\')</script>',
83			"<p>foo bar baz</p>\n"
84			)
85			);
86			}
87
88			private function assertFileContentRendersAs( $fileContent, $expectedRenderedResult ) {
89			$fileFetcher = $this->createMock( FileFetcher::class );
90
91			$fileFetcher->expects( $this->once() )
92			->method( 'fetchFile' )
93			->will( $this->returnValue( $fileContent ) );
94
95			$renderResult = $this->runHookWithFileFetcher( $fileFetcher );
96
97			$this->assertSame( $expectedRenderedResult, $renderResult );
98			}
99
100			public function nonMdProvider() {
101			return array(
102			array(
103			'foo bar baz',
104			'Foo.php',
105			),
106			array(
107			'# Ohai there!',
108			'README.wikitext',
109			),
110			array(
111			'{ "you": { "can": "haz", "a": "json!" } }',
112			'composer.json',
113			),
114			array(
115			'{ "you": { "can": "haz", "a": "json!" } }',
116			'someFileWithoutExtension',
117			),
118			);
119			}
120
121			/**
122			* @dataProvider nonMdProvider
123			*/
124			public function testRenderingWithNonMdFileAsIs( $notMd, $fileName ) {
125			$this->file = $fileName;
126			$this->assertFileContentRendersAs( $notMd, $notMd );
127			}
128
129			public function testNonMdContentIsPurified() {
130			$this->file = 'Hello.html';
131
132			$this->assertFileContentRendersAs(
133			'<script>alert("Greetings from github")</script>foo<script>alert(\'Greetings from github\')</script>',
134			'foo'
135			);
136			}
137
138			public function testRenderingWithLangBash() {
139			$this->file = 'hi.sh';
140			$this->lang = 'bash';
141
142			$fileFetcher = $this->createMock( FileFetcher::class );
143
144			$fileFetcher->expects( $this->once() )
145			->method( 'fetchFile' )
146			->will( $this->returnValue( '# Ohai there!' ) );
147
148			$parserHook = new GitHubParserHook( new GitHubFetcher( $fileFetcher, 'https://cdn.rawgit.com' ) );
149
150			$parser = $this->createMock( 'Parser' );
151
152			$parser->expects( $this->once() )
153			->method( 'recursiveTagParse' )
154			->with( $this->equalTo( '<syntaxhighlight lang="bash" start="1"># Ohai there!</syntaxhighlight>' ) )
155			->willReturn( null );
156
157			$this->assertSame( '', $parserHook->handle( $parser, $this->newParams() ) );
158			}
159
160			// TODO: syntaxhighlight: prevent content from terminating syntaxhighlight and embedding evil stuff
161
162			}
163

JeroenDeDauw / GitHub

Push — master ( ab4f5a...dbca4e )

GitHubParserHookTest::testNonMdContentIsPurified() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like