Chapril/xmpp.chapril.org-conversejs
Chapril
/
xmpp.chapril.org-conversejs
24
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

Move various tests to plugin folders

This commit is contained in:
JC Brand 2021-04-11 19:09:11 +02:00
parent 2b984e7851
commit a67603f689
27 changed files with 99 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
karma.conf.js
View File

@ -25,51 +25,52 @@ module.exports = function(config) {
{ pattern: "node_modules/sinon/pkg/sinon.js", type: 'module' },
{ pattern: "spec/mock.js", type: 'module' },
{ pattern: "spec/user-details-modal.js", type: 'module' },
{ pattern: "spec/spoilers.js", type: 'module' },
{ pattern: "spec/emojis.js", type: 'module' },
{ pattern: "spec/muclist.js", type: 'module' },
{ pattern: "spec/utils.js", type: 'module' },
{ pattern: "spec/converse.js", type: 'module' },
{ pattern: "spec/bookmarks.js", type: 'module' },
{ pattern: "spec/headline.js", type: 'module' },
{ pattern: "spec/disco.js", type: 'module' },
{ pattern: "spec/protocol.js", type: 'module' },
{ pattern: "spec/presence.js", type: 'module' },
{ pattern: "spec/eventemitter.js", type: 'module' },
{ pattern: "spec/smacks.js", type: 'module' },
{ pattern: "spec/ping.js", type: 'module' },
{ pattern: "spec/push.js", type: 'module' },
{ pattern: "spec/xmppstatus.js", type: 'module' },
{ pattern: "spec/mam.js", type: 'module' },
{ pattern: "spec/omemo.js", type: 'module' },
{ pattern: "spec/controlbox.js", type: 'module' },
{ pattern: "spec/roster.js", type: 'module' },
{ pattern: "spec/chatbox.js", type: 'module' },
{ pattern: "spec/messages.js", type: 'module' },
{ pattern: "spec/corrections.js", type: 'module' },
{ pattern: "spec/styling.js", type: 'module' },
{ pattern: "spec/receipts.js", type: 'module' },
{ pattern: "spec/markers.js", type: 'module' },
{ pattern: "spec/rai.js", type: 'module' },
{ pattern: "spec/muc_messages.js", type: 'module' },
{ pattern: "spec/unfurls.js", type: 'module' },
{ pattern: "spec/muc-mentions.js", type: 'module' },
{ pattern: "spec/me-messages.js", type: 'module' },
{ pattern: "spec/mentions.js", type: 'module' },
{ pattern: "spec/retractions.js", type: 'module' },
{ pattern: "spec/muc-api.js", type: 'module' },
{ pattern: "spec/muc.js", type: 'module' },
{ pattern: "spec/modtools.js", type: 'module' },
{ pattern: "spec/room_registration.js", type: 'module' },
{ pattern: "spec/autocomplete.js", type: 'module' },
{ pattern: "spec/minchats.js", type: 'module' },
{ pattern: "spec/notification.js", type: 'module' },
{ pattern: "spec/login.js", type: 'module' },
{ pattern: "spec/register.js", type: 'module' },
{ pattern: "spec/hats.js", type: 'module' },
{ pattern: "spec/disco.js", type: 'module' },
{ pattern: "spec/emojis.js", type: 'module' },
{ pattern: "spec/eventemitter.js", type: 'module' },
{ pattern: "spec/http-file-upload.js", type: 'module' },
{ pattern: "spec/xss.js", type: 'module' }
{ pattern: "spec/mam.js", type: 'module' },
{ pattern: "spec/markers.js", type: 'module' },
{ pattern: "spec/omemo.js", type: 'module' },
{ pattern: "spec/ping.js", type: 'module' },
{ pattern: "spec/presence.js", type: 'module' },
{ pattern: "spec/protocol.js", type: 'module' },
{ pattern: "spec/push.js", type: 'module' },
{ pattern: "spec/retractions.js", type: 'module' },
{ pattern: "spec/smacks.js", type: 'module' },
{ pattern: "spec/styling.js", type: 'module' },
{ pattern: "spec/unfurls.js", type: 'module' },
{ pattern: "spec/user-details-modal.js", type: 'module' },
{ pattern: "spec/utils.js", type: 'module' },
{ pattern: "spec/xmppstatus.js", type: 'module' },
{ pattern: "src/plugins/bookmark-views/tests/bookmarks.js", type: 'module' },
{ pattern: "src/plugins/chatview/tests/chatbox.js", type: 'module' },
{ pattern: "src/plugins/chatview/tests/me-messages.js", type: 'module' },
{ pattern: "src/plugins/chatview/tests/messages.js", type: 'module' },
{ pattern: "src/plugins/chatview/tests/receipts.js", type: 'module' },
{ pattern: "src/plugins/chatview/tests/spoilers.js", type: 'module' },
{ pattern: "src/plugins/chatview/tests/xss.js", type: 'module' },
{ pattern: "src/plugins/controlbox/tests/controlbox.js", type: 'module' },
{ pattern: "src/plugins/controlbox/tests/login.js", type: 'module' },
{ pattern: "src/plugins/headlines-view/tests/headline.js", type: 'module' },
{ pattern: "src/plugins/minimize/tests/minchats.js", type: 'module' },
{ pattern: "src/plugins/muc-views/tests/autocomplete.js", type: 'module' },
{ pattern: "src/plugins/muc-views/tests/hats.js", type: 'module' },
{ pattern: "src/plugins/muc-views/tests/mentions.js", type: 'module' },
{ pattern: "src/plugins/muc-views/tests/modtools.js", type: 'module' },
{ pattern: "src/plugins/muc-views/tests/muc-api.js", type: 'module' },
{ pattern: "src/plugins/muc-views/tests/muc-mentions.js", type: 'module' },
{ pattern: "src/plugins/muc-views/tests/muc-messages.js", type: 'module' },
{ pattern: "src/plugins/muc-views/tests/muc-registration.js", type: 'module' },
{ pattern: "src/plugins/muc-views/tests/muc.js", type: 'module' },
{ pattern: "src/plugins/muc-views/tests/muclist.js", type: 'module' },
{ pattern: "src/plugins/muc-views/tests/rai.js", type: 'module' },
{ pattern: "src/plugins/muc-views/tests/xss.js", type: 'module' },
{ pattern: "src/plugins/notifications/tests/notification.js", type: 'module' },
{ pattern: "src/plugins/register/tests/register.js", type: 'module' },
{ pattern: "src/plugins/rosterview/tests/roster.js", type: 'module' }
],
proxies: {

0
spec/bookmarks.js → src/plugins/bookmark-views/tests/bookmarks.js
View File

0
spec/chatbox.js → src/plugins/chatview/tests/chatbox.js
View File

0
spec/me-messages.js → src/plugins/chatview/tests/me-messages.js
View File

0
spec/messages.js → src/plugins/chatview/tests/messages.js
View File

0
spec/receipts.js → src/plugins/chatview/tests/receipts.js
View File

0
spec/spoilers.js → src/plugins/chatview/tests/spoilers.js
View File

51
spec/xss.js → src/plugins/chatview/tests/xss.js
View File

@ -1,6 +1,5 @@
/*global mock, converse */
const $pres = converse.env.$pres;
const sizzle = converse.env.sizzle;
const u = converse.env.utils;
@ -254,54 +253,4 @@ describe("XSS", function () {
done();
}));
});
describe("A Groupchat", function () {
it("escapes occupant nicknames when rendering them, to avoid JS-injection attacks",
mock.initConverse([], {}, async function (done, _converse) {
await mock.openAndEnterChatRoom(_converse, 'lounge@montague.lit', 'romeo');
/* <presence xmlns="jabber:client" to="jc@chat.example.org/converse.js-17184538"
* from="oo@conference.chat.example.org/&lt;img src=&quot;x&quot; onerror=&quot;alert(123)&quot;/&gt;">
* <x xmlns="http://jabber.org/protocol/muc#user">
* <item jid="jc@chat.example.org/converse.js-17184538" affiliation="owner" role="moderator"/>
* <status code="110"/>
* </x>
* </presence>"
*/
const presence = $pres({
to:'romeo@montague.lit/pda',
from:"lounge@montague.lit/&lt;img src=&quot;x&quot; onerror=&quot;alert(123)&quot;/&gt;"
}).c('x').attrs({xmlns:'http://jabber.org/protocol/muc#user'})
.c('item').attrs({
jid: 'someone@montague.lit',
role: 'moderator',
}).up()
.c('status').attrs({code:'110'}).nodeTree;
_converse.connection._dataRecv(mock.createRequest(presence));
const view = _converse.chatboxviews.get('lounge@montague.lit');
await u.waitUntil(() => view.querySelectorAll('.occupant-list .occupant-nick').length === 2);
const occupants = view.querySelectorAll('.occupant-list li .occupant-nick');
expect(occupants.length).toBe(2);
expect(occupants[0].textContent.trim()).toBe("&lt;img src=&quot;x&quot; onerror=&quot;alert(123)&quot;/&gt;");
done();
}));
it("escapes the subject before rendering it, to avoid JS-injection attacks",
mock.initConverse([], {}, async function (done, _converse) {
await mock.openAndEnterChatRoom(_converse, 'jdev@conference.jabber.org', 'jc');
spyOn(window, 'alert');
const subject = '<img src="x" onerror="alert(\'XSS\');"/>';
const view = _converse.chatboxviews.get('jdev@conference.jabber.org');
view.model.set({'subject': {
'text': subject,
'author': 'ralphm'
}});
const text = await u.waitUntil(() => view.querySelector('.chat-head__desc')?.textContent.trim());
expect(text).toBe(subject);
done();
}));
});
});

0
spec/controlbox.js → src/plugins/controlbox/tests/controlbox.js
View File

0
spec/login.js → src/plugins/controlbox/tests/login.js
View File

0
spec/headline.js → src/plugins/headlines-view/tests/headline.js
View File

0
spec/minchats.js → src/plugins/minimize/tests/minchats.js
View File

0
spec/autocomplete.js → src/plugins/muc-views/tests/autocomplete.js
View File

0
spec/hats.js → src/plugins/muc-views/tests/hats.js
View File

0
spec/mentions.js → src/plugins/muc-views/tests/mentions.js
View File

0
spec/modtools.js → src/plugins/muc-views/tests/modtools.js
View File

0
spec/muc-api.js → src/plugins/muc-views/tests/muc-api.js
View File

0
spec/muc-mentions.js → src/plugins/muc-views/tests/muc-mentions.js
View File

0
spec/muc_messages.js → src/plugins/muc-views/tests/muc-messages.js
View File

1
spec/room_registration.js → src/plugins/muc-views/tests/muc-registration.js
View File

@ -7,7 +7,6 @@ const $iq = converse.env.$iq,
describe("Chatrooms", function () {
describe("The /register commmand", function () {
it("allows you to register your nickname in a room",

0
spec/muc.js → src/plugins/muc-views/tests/muc.js
View File

0
spec/muclist.js → src/plugins/muc-views/tests/muclist.js
View File

0
spec/rai.js → src/plugins/muc-views/tests/rai.js
View File

56
src/plugins/muc-views/tests/xss.js Normal file
View File

@ -0,0 +1,56 @@
/*global mock, converse */
const $pres = converse.env.$pres;
const u = converse.env.utils;
describe("XSS", function () {
describe("A Groupchat", function () {
it("escapes occupant nicknames when rendering them, to avoid JS-injection attacks",
mock.initConverse([], {}, async function (done, _converse) {
await mock.openAndEnterChatRoom(_converse, 'lounge@montague.lit', 'romeo');
/* <presence xmlns="jabber:client" to="jc@chat.example.org/converse.js-17184538"
* from="oo@conference.chat.example.org/&lt;img src=&quot;x&quot; onerror=&quot;alert(123)&quot;/&gt;">
* <x xmlns="http://jabber.org/protocol/muc#user">
* <item jid="jc@chat.example.org/converse.js-17184538" affiliation="owner" role="moderator"/>
* <status code="110"/>
* </x>
* </presence>"
*/
const presence = $pres({
to:'romeo@montague.lit/pda',
from:"lounge@montague.lit/&lt;img src=&quot;x&quot; onerror=&quot;alert(123)&quot;/&gt;"
}).c('x').attrs({xmlns:'http://jabber.org/protocol/muc#user'})
.c('item').attrs({
jid: 'someone@montague.lit',
role: 'moderator',
}).up()
.c('status').attrs({code:'110'}).nodeTree;
_converse.connection._dataRecv(mock.createRequest(presence));
const view = _converse.chatboxviews.get('lounge@montague.lit');
await u.waitUntil(() => view.querySelectorAll('.occupant-list .occupant-nick').length === 2);
const occupants = view.querySelectorAll('.occupant-list li .occupant-nick');
expect(occupants.length).toBe(2);
expect(occupants[0].textContent.trim()).toBe("&lt;img src=&quot;x&quot; onerror=&quot;alert(123)&quot;/&gt;");
done();
}));
it("escapes the subject before rendering it, to avoid JS-injection attacks",
mock.initConverse([], {}, async function (done, _converse) {
await mock.openAndEnterChatRoom(_converse, 'jdev@conference.jabber.org', 'jc');
spyOn(window, 'alert');
const subject = '<img src="x" onerror="alert(\'XSS\');"/>';
const view = _converse.chatboxviews.get('jdev@conference.jabber.org');
view.model.set({'subject': {
'text': subject,
'author': 'ralphm'
}});
const text = await u.waitUntil(() => view.querySelector('.chat-head__desc')?.textContent.trim());
expect(text).toBe(subject);
done();
}));
});
});

0
spec/notification.js → src/plugins/notifications/tests/notification.js
View File

0
spec/register.js → src/plugins/register/tests/register.js
View File

0
spec/roster.js → src/plugins/rosterview/tests/roster.js
View File