def test_apps_disallow_thunderbird_and_seamonkey(self): zip_file = utils.SafeZip(get_addon_file( 'valid_firefox_and_thunderbird_addon.xpi')) extracted = utils.RDFExtractor(zip_file).parse() apps = extracted['apps'] assert len(apps) == 1 assert apps[0].appdata == amo.FIREFOX assert apps[0].min.version == '38.0a1' assert apps[0].max.version == '43.0'
def test_apps(self): zip_file = utils.SafeZip( get_addon_file('valid_firefox_and_thunderbird_addon.xpi')) extracted = utils.RDFExtractor(zip_file).parse() apps = sorted(extracted['apps'], key=attrgetter('id')) assert len(apps) == 2 assert apps[0].appdata == amo.FIREFOX assert apps[0].min.version == '38.0a1' assert apps[0].max.version == '43.0' assert apps[1].appdata == amo.THUNDERBIRD assert apps[1].min.version == '42.0' assert apps[1].max.version == '45.0'
def test_general_entity_expansion_is_disabled(self): install_rdf_dir = os.path.join( os.path.dirname(__file__), '..', 'fixtures', 'files', 'xxe-example-install') # This asserts that the malicious install.rdf blows up with # a parse error. If it gets as far as this specific parse error # it means that the external entity was not processed. # # Before the patch in files/utils.py, this would raise an IOError # from the test suite refusing to make an external HTTP request to # the entity ref. with pytest.raises(EntitiesForbidden): utils.RDFExtractor(install_rdf_dir)