paste.chapril.org-privatebin/js/common.js

'use strict';

// testing prerequisites
global.assert = require('assert');
global.jsc = require('jsverify');
global.jsdom = require('jsdom-global');
global.cleanup = global.jsdom();
global.fs = require('fs');
global.WebCrypto = require('node-webcrypto-ossl');

// application libraries to test
global.$ = global.jQuery = require('./jquery-3.3.1');
global.RawDeflate = require('./rawdeflate-0.5').RawDeflate;
global.RawDeflate.inflate = require('./rawinflate-0.3').RawDeflate.inflate;
require('./prettify');
global.prettyPrint = window.PR.prettyPrint;
global.prettyPrintOne = window.PR.prettyPrintOne;
global.showdown = require('./showdown-1.8.6');
global.DOMPurify = require('./purify-1.0.7');
require('./bootstrap-3.3.7');
require('./privatebin');

// internal variables
var a2zString = ['a','b','c','d','e','f','g','h','i','j','k','l','m',
                     'n','o','p','q','r','s','t','u','v','w','x','y','z'],
    alnumString = a2zString.concat(['0','1','2','3','4','5','6','7','8','9']),
    queryString = alnumString.concat(['+','%','&','.','*','-','_']),
    hashString = queryString.concat(['!']),
    base64String = alnumString.concat(['+','/','=']).concat(
        a2zString.map(function(c) {
            return c.toUpperCase();
        })
    ),
    schemas = ['ftp','gopher','http','https','ws','wss'],
    supportedLanguages = ['de', 'es', 'fr', 'it', 'no', 'pl', 'pt', 'oc', 'ru', 'sl', 'zh'],
    mimeTypes = ['image/png', 'application/octet-stream'],
    formats = ['plaintext', 'markdown', 'syntaxhighlighting'],
    /**
     * character to HTML entity lookup table
     *
     * @see    {@link https://github.com/janl/mustache.js/blob/master/mustache.js#L60}
     */
    entityMap = {
        '&': '&amp;',
        '<': '&lt;',
        '>': '&gt;',
        '"': '&quot;',
        "'": '&#39;',
        '/': '&#x2F;',
        '`': '&#x60;',
        '=': '&#x3D;'
    },
    logFile = fs.createWriteStream('test.log'),
    mimeFile = fs.createReadStream('/etc/mime.types'),
    mimeLine = '';

// redirect console messages to log file
console.info = console.warn = console.error = function () {
    logFile.write(Array.prototype.slice.call(arguments).join('') + '\n');
};

// populate mime types from environment
mimeFile.on('data', function(data) {
    mimeLine += data;
    var index = mimeLine.indexOf('\n');
    while (index > -1) {
        var line = mimeLine.substring(0, index);
        mimeLine = mimeLine.substring(index + 1);
        parseMime(line);
        index = mimeLine.indexOf('\n');
    }
});

mimeFile.on('end', function() {
    if (mimeLine.length > 0) {
        parseMime(mimeLine);
    }
});

function parseMime(line) {
    // ignore comments
    var index = line.indexOf('#');
    if (index > -1) {
        line = line.substring(0, index);
    }

    // ignore bits after tabs
    index = line.indexOf('\t');
    if (index > -1) {
        line = line.substring(0, index);
    }
    if (line.length > 0) {
        mimeTypes.push(line);
    }
}

// common testing helper functions

/**
 * convert all applicable characters to HTML entities
 *
 * @see    {@link https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content}
 * @name   htmlEntities
 * @function
 * @param  {string} str
 * @return {string} escaped HTML
 */
exports.htmlEntities = function(str) {
    return String(str).replace(
        /[&<>"'`=\/]/g, function(s) {
            return entityMap[s];
        });
};

// provides random lowercase characters from a to z
exports.jscA2zString = function() {
    return jsc.elements(a2zString);
};

// provides random lowercase alpha numeric characters (a to z and 0 to 9)
exports.jscAlnumString = function() {
    return jsc.elements(alnumString);
};

// provides random characters allowed in GET queries
exports.jscQueryString = function() {
    return jsc.elements(queryString);
};

// provides random characters allowed in hash queries
exports.jscHashString = function() {
    return jsc.elements(hashString);
};

// provides random characters allowed in base64 encoded strings
exports.jscBase64String = function() {
    return jsc.elements(base64String);
};

// provides a random URL schema supported by the whatwg-url library
exports.jscSchemas = function() {
    return jsc.elements(schemas);
};

// provides a random supported language string
exports.jscSupportedLanguages = function() {
    return jsc.elements(supportedLanguages);
};

// provides a random mime type
exports.jscMimeTypes = function() {
    return jsc.elements(mimeTypes);
};

// provides a random PrivateBin paste formatter
exports.jscFormats = function() {
    return jsc.elements(formats);
};
started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00			`'use strict';`

ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00			`// testing prerequisites`
introduce built in asserts, working on TopNav, correcting some docs 2018-03-01 06:43:30 +01:00			`global.assert = require('assert');`
started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00			`global.jsc = require('jsverify');`
			`global.jsdom = require('jsdom-global');`
			`global.cleanup = global.jsdom();`
			`global.fs = require('fs');`
implementing web crypto API for encryption 2018-09-01 19:42:22 +02:00			`global.WebCrypto = require('node-webcrypto-ossl');`
started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00			`// application libraries to test`
updating jQuery 2018-07-01 08:08:21 +02:00			`global.$ = global.jQuery = require('./jquery-3.3.1');`
started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00			`global.RawDeflate = require('./rawdeflate-0.5').RawDeflate;`
			`global.RawDeflate.inflate = require('./rawinflate-0.3').RawDeflate.inflate;`
			`require('./prettify');`
			`global.prettyPrint = window.PR.prettyPrint;`
			`global.prettyPrintOne = window.PR.prettyPrintOne;`
updating Showdown library to 1.8.6 2018-07-01 13:29:57 +02:00			`global.showdown = require('./showdown-1.8.6');`
upgrading DOMpurify library 2018-08-11 19:45:57 +02:00			`global.DOMPurify = require('./purify-1.0.7');`
started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00			`require('./bootstrap-3.3.7');`
			`require('./privatebin');`

ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00			`// internal variables`
			`var a2zString = ['a','b','c','d','e','f','g','h','i','j','k','l','m',`
			`'n','o','p','q','r','s','t','u','v','w','x','y','z'],`
			`alnumString = a2zString.concat(['0','1','2','3','4','5','6','7','8','9']),`
			`queryString = alnumString.concat(['+','%','&','.','*','-','_']),`
expanded unit tests to cover mega links, reverted regex to old one, but fixed to cover mega links, just to prove it works 2018-08-11 07:33:33 +02:00			`hashString = queryString.concat(['!']),`
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00			`base64String = alnumString.concat(['+','/','=']).concat(`
			`a2zString.map(function(c) {`
			`return c.toUpperCase();`
			`})`
			`),`
			`schemas = ['ftp','gopher','http','https','ws','wss'],`
			`supportedLanguages = ['de', 'es', 'fr', 'it', 'no', 'pl', 'pt', 'oc', 'ru', 'sl', 'zh'],`
			`mimeTypes = ['image/png', 'application/octet-stream'],`
splitting out PasteViewer, DiscussionViewer, AttachmentViewer tests 2017-12-18 14:25:08 +01:00			`formats = ['plaintext', 'markdown', 'syntaxhighlighting'],`
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00			`/**`
			`* character to HTML entity lookup table`
			`*`
			`* @see {@link https://github.com/janl/mustache.js/blob/master/mustache.js#L60}`
			`*/`
			`entityMap = {`
			`'&': '&',`
			`'<': '<',`
			`'>': '>',`
			`'"': '"',`
			`"'": ''',`
			`'/': '/',`
			'`': '`',
			`'=': '='`
			`},`
			`logFile = fs.createWriteStream('test.log'),`
			`mimeFile = fs.createReadStream('/etc/mime.types'),`
			`mimeLine = '';`

started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00			`// redirect console messages to log file`
fix unit tests after merge from master, issues due to newly async tests that cause environment changes across test scripts 2018-09-02 11:33:27 +02:00			`console.info = console.warn = console.error = function () {`
started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00			`logFile.write(Array.prototype.slice.call(arguments).join('') + '\n');`
improving code quality issues reported by Codacy 2018-01-06 10:57:54 +01:00			`};`
started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00
			`// populate mime types from environment`
			`mimeFile.on('data', function(data) {`
			`mimeLine += data;`
			`var index = mimeLine.indexOf('\n');`
			`while (index > -1) {`
			`var line = mimeLine.substring(0, index);`
			`mimeLine = mimeLine.substring(index + 1);`
			`parseMime(line);`
			`index = mimeLine.indexOf('\n');`
			`}`
			`});`

			`mimeFile.on('end', function() {`
			`if (mimeLine.length > 0) {`
			`parseMime(mimeLine);`
			`}`
			`});`

			`function parseMime(line) {`
			`// ignore comments`
			`var index = line.indexOf('#');`
			`if (index > -1) {`
			`line = line.substring(0, index);`
			`}`

			`// ignore bits after tabs`
			`index = line.indexOf('\t');`
			`if (index > -1) {`
			`line = line.substring(0, index);`
			`}`
			`if (line.length > 0) {`
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00			`mimeTypes.push(line);`
started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00			`}`
			`}`

ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00			`// common testing helper functions`

started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00			`/**`
			`* convert all applicable characters to HTML entities`
			`*`
			`* @see {@link https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content}`
			`* @name htmlEntities`
			`* @function`
			`* @param {string} str`
			`* @return {string} escaped HTML`
			`*/`
			`exports.htmlEntities = function(str) {`
			`return String(str).replace(`
			/[&<>"'`=\/]/g, function(s) {
			`return entityMap[s];`
			`});`
handling further JSHint warnings and TODOs 2018-01-06 13:32:07 +01:00			`};`
started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00			`// provides random lowercase characters from a to z`
			`exports.jscA2zString = function() {`
			`return jsc.elements(a2zString);`
handling further JSHint warnings and TODOs 2018-01-06 13:32:07 +01:00			`};`
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00
			`// provides random lowercase alpha numeric characters (a to z and 0 to 9)`
			`exports.jscAlnumString = function() {`
			`return jsc.elements(alnumString);`
handling further JSHint warnings and TODOs 2018-01-06 13:32:07 +01:00			`};`
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00
			`// provides random characters allowed in GET queries`
			`exports.jscQueryString = function() {`
			`return jsc.elements(queryString);`
handling further JSHint warnings and TODOs 2018-01-06 13:32:07 +01:00			`};`
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00
expanded unit tests to cover mega links, reverted regex to old one, but fixed to cover mega links, just to prove it works 2018-08-11 07:33:33 +02:00			`// provides random characters allowed in hash queries`
			`exports.jscHashString = function() {`
			`return jsc.elements(hashString);`
			`};`

splitting out Model tests 2017-12-14 07:31:09 +01:00			`// provides random characters allowed in base64 encoded strings`
			`exports.jscBase64String = function() {`
			`return jsc.elements(base64String);`
handling further JSHint warnings and TODOs 2018-01-06 13:32:07 +01:00			`};`
splitting out Model tests 2017-12-14 07:31:09 +01:00
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00			`// provides a random URL schema supported by the whatwg-url library`
			`exports.jscSchemas = function() {`
			`return jsc.elements(schemas);`
handling further JSHint warnings and TODOs 2018-01-06 13:32:07 +01:00			`};`
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00
			`// provides a random supported language string`
			`exports.jscSupportedLanguages = function() {`
			`return jsc.elements(supportedLanguages);`
handling further JSHint warnings and TODOs 2018-01-06 13:32:07 +01:00			`};`
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00
splitting out PasteViewer, DiscussionViewer, AttachmentViewer tests 2017-12-18 14:25:08 +01:00			`// provides a random mime type`
			`exports.jscMimeTypes = function() {`
			`return jsc.elements(mimeTypes);`
handling further JSHint warnings and TODOs 2018-01-06 13:32:07 +01:00			`};`
splitting out PasteViewer, DiscussionViewer, AttachmentViewer tests 2017-12-18 14:25:08 +01:00
			`// provides a random PrivateBin paste formatter`
			`exports.jscFormats = function() {`
			`return jsc.elements(formats);`
handling further JSHint warnings and TODOs 2018-01-06 13:32:07 +01:00			`};`
splitting out PasteViewer, DiscussionViewer, AttachmentViewer tests 2017-12-18 14:25:08 +01:00