def test_URISourceExpression_str_unicode(self):
"""Test URISourceExpression serialisation with unicode characters."""
url = u'http://handbook5.com/a/a-security-analysis-of-amazon%E2%80%99s-elastic-compute-cloud-service-w14847.html'
unicodePath = u"/a/a-security-analysis-of-amazon’s-elastic-compute-cloud-service-w14847.html"
parsed = SourceExpressionParser().parse(url)
assert parsed == URISourceExpression("http", "handbook5.com", None,
unicodePath)
assert str(parsed) == url # must use quoted version
def test_parse_uri_full(self):
exprStr = "http://seclab.nu:80/path"
srcExpr = SourceExpressionParser().parse(exprStr)
assert srcExpr == URISourceExpression("http", "seclab.nu", 80, "/path")
assert srcExpr.getType() == "uri"
assert srcExpr.getScheme() == "http"
assert srcExpr.getHost() == "seclab.nu"
assert srcExpr.getPort() == 80
assert srcExpr.getPath() == "/path"
assert str(srcExpr) == exprStr
def test_parse_uri_scheme(self):
exprStr = "chrome-extension:"
srcExpr = SourceExpressionParser().parse(exprStr)
assert srcExpr == URISourceExpression("chrome-extension", None, None,
None)
assert srcExpr.getType() == "uri"
assert srcExpr.getScheme() == "chrome-extension"
assert srcExpr.getHost() == None
assert srcExpr.getPort() == None
assert srcExpr.getPath() == None
assert str(srcExpr) == exprStr
def test_parse_uri_scheme(self):
exprStr = "chrome-extension:"
srcExpr = SourceExpressionParser().parse(exprStr)
assert srcExpr == URISourceExpression("chrome-extension", None, None, None)
assert srcExpr.getType() == "uri"
assert srcExpr.getScheme() == "chrome-extension"
assert srcExpr.getHost() == None
assert srcExpr.getPort() == None
assert srcExpr.getPath() == None
assert str(srcExpr) == exprStr
def test_parse_uri_full(self):
exprStr = "http://seclab.nu:80/path"
srcExpr = SourceExpressionParser().parse(exprStr)
assert srcExpr == URISourceExpression("http", "seclab.nu", 80, "/path")
assert srcExpr.getType() == "uri"
assert srcExpr.getScheme() == "http"
assert srcExpr.getHost() == "seclab.nu"
assert srcExpr.getPort() == 80
assert srcExpr.getPath() == "/path"
assert str(srcExpr) == exprStr
def test_parse_self(self):
srcExpr = SourceExpressionParser().parse("'self'")
assert srcExpr == SelfSourceExpression.SELF()
assert srcExpr.getType() == "self"
assert srcExpr == SourceExpressionParser().parse("'SELF'")
def test_parse_inline(self):
srcExpr = SourceExpressionParser().parse("'unsafe-inline'")
assert srcExpr == SourceExpression.UNSAFE_INLINE()
assert srcExpr.getType() == "unsafe-inline"
assert srcExpr == SourceExpressionParser().parse("'UNSAFE-INLINE'")
def test_parse_eval(self):
srcExpr = SourceExpressionParser().parse("'unsafe-eval'")
assert srcExpr == SourceExpression.UNSAFE_EVAL()
assert srcExpr.getType() == "unsafe-eval"
assert srcExpr == SourceExpressionParser().parse("'UNSAFE-EVAL'")
def test_parse_unsupported_scheme_fails(self):
exprStr = "my-scheme://domain/path"
srcExpr = SourceExpressionParser(knownSchemes=('http',
'https')).parse(exprStr)
assert srcExpr == SourceExpression.INVALID()
def test_parse_uri_decoding(self):
exprStr = "http://domain/path%20space"
srcExpr = SourceExpressionParser().parse(exprStr)
assert srcExpr == URISourceExpression("http", "domain", None,
"/path space")
def test_parse_uri_scheme_starport(self):
exprStr = "http://host:*/path"
srcExpr = SourceExpressionParser().parse(exprStr)
assert srcExpr == URISourceExpression("http", "host", "*", "/path")
def test_parse_inline(self):
srcExpr = SourceExpressionParser().parse("'unsafe-inline'")
assert srcExpr == SourceExpression.UNSAFE_INLINE()
assert srcExpr.getType() == "unsafe-inline"
assert srcExpr == SourceExpressionParser().parse("'UNSAFE-INLINE'")
def test_parse_uri_noport(self):
exprStr = "https://seclab.nu/"
srcExpr = SourceExpressionParser().parse(exprStr)
assert srcExpr == URISourceExpression("https", "seclab.nu", None, "/")
def test_parse_eval(self):
srcExpr = SourceExpressionParser().parse("'unsafe-eval'")
assert srcExpr == SourceExpression.UNSAFE_EVAL()
assert srcExpr.getType() == "unsafe-eval"
assert srcExpr == SourceExpressionParser().parse("'UNSAFE-EVAL'")
def test_parse_uri_starsubdomain(self):
exprStr = "http://*.seclab.nu"
srcExpr = SourceExpressionParser().parse(exprStr)
assert srcExpr == URISourceExpression("http", "*.seclab.nu", None,
None)
def test_parse_uri_noscheme_port_path(self):
exprStr = "seclab.nu:443/blah"
srcExpr = SourceExpressionParser().parse(exprStr)
assert srcExpr == URISourceExpression(None, "seclab.nu", 443, "/blah")
def test_parse_uri_noscheme(self):
exprStr = "seclab.nu"
srcExpr = SourceExpressionParser().parse(exprStr)
assert srcExpr == URISourceExpression(None, "seclab.nu", None, None)
def test_parse_uri_star(self):
exprStr = "*"
srcExpr = SourceExpressionParser().parse(exprStr)
assert srcExpr == URISourceExpression(None, "*", None, None)
def test_parse_uri_scheme_star_port_path(self):
exprStr = "http://*:80/path"
srcExpr = SourceExpressionParser(knownSchemes=('blubb',
'http')).parse(exprStr)
assert srcExpr == URISourceExpression("http", "*", 80, "/path")
def test_parse_uri_nopath(self):
exprStr = "http://localhost:8080"
srcExpr = SourceExpressionParser().parse(exprStr)
assert srcExpr == URISourceExpression("http", "localhost", 8080, None)
def test_parse_self(self):
srcExpr = SourceExpressionParser().parse("'self'")
assert srcExpr == SelfSourceExpression.SELF()
assert srcExpr.getType() == "self"
assert srcExpr == SourceExpressionParser().parse("'SELF'")