diff options
author | James Moger <james.moger@gitblit.com> | 2014-09-06 11:25:42 -0400 |
---|---|---|
committer | James Moger <james.moger@gitblit.com> | 2014-09-07 11:42:40 -0400 |
commit | fc3a39d464b1303f0b7d01d0160f81cbbb80a98b (patch) | |
tree | 9a45d2f99aa1393198e8610221eb51e982e0d5af /src/test | |
parent | 90eb5a08ddd6a3a246e8b73da9524c304838928a (diff) | |
download | gitblit-fc3a39d464b1303f0b7d01d0160f81cbbb80a98b.tar.gz gitblit-fc3a39d464b1303f0b7d01d0160f81cbbb80a98b.zip |
Create infrastructure for XSS sanitization
Diffstat (limited to 'src/test')
9 files changed, 45 insertions, 14 deletions
diff --git a/src/test/java/com/gitblit/tests/AuthenticationManagerTest.java b/src/test/java/com/gitblit/tests/AuthenticationManagerTest.java index f1d2711e..0cdee6cb 100644 --- a/src/test/java/com/gitblit/tests/AuthenticationManagerTest.java +++ b/src/test/java/com/gitblit/tests/AuthenticationManagerTest.java @@ -26,6 +26,8 @@ import com.gitblit.manager.RuntimeManager; import com.gitblit.manager.UserManager; import com.gitblit.models.UserModel; import com.gitblit.tests.mock.MemorySettings; +import com.gitblit.utils.XssFilter; +import com.gitblit.utils.XssFilter.AllowXssFilter; /** * Class for testing local authentication. @@ -42,7 +44,8 @@ public class AuthenticationManagerTest extends GitblitUnitTest { } IAuthenticationManager newAuthenticationManager() { - RuntimeManager runtime = new RuntimeManager(getSettings(), GitBlitSuite.BASEFOLDER).start(); + XssFilter xssFilter = new AllowXssFilter(); + RuntimeManager runtime = new RuntimeManager(getSettings(), xssFilter, GitBlitSuite.BASEFOLDER).start(); users = new UserManager(runtime, null).start(); AuthenticationManager auth = new AuthenticationManager(runtime, users).start(); return auth; diff --git a/src/test/java/com/gitblit/tests/BranchTicketServiceTest.java b/src/test/java/com/gitblit/tests/BranchTicketServiceTest.java index cc404abf..0a5de196 100644 --- a/src/test/java/com/gitblit/tests/BranchTicketServiceTest.java +++ b/src/test/java/com/gitblit/tests/BranchTicketServiceTest.java @@ -29,6 +29,8 @@ import com.gitblit.manager.UserManager; import com.gitblit.models.RepositoryModel; import com.gitblit.tickets.BranchTicketService; import com.gitblit.tickets.ITicketService; +import com.gitblit.utils.XssFilter; +import com.gitblit.utils.XssFilter.AllowXssFilter; /** * Tests the branch ticket service. @@ -50,8 +52,8 @@ public class BranchTicketServiceTest extends TicketServiceTest { protected ITicketService getService(boolean deleteAll) throws Exception { IStoredSettings settings = getSettings(deleteAll); - - IRuntimeManager runtimeManager = new RuntimeManager(settings).start(); + XssFilter xssFilter = new AllowXssFilter(); + IRuntimeManager runtimeManager = new RuntimeManager(settings, xssFilter).start(); IPluginManager pluginManager = new PluginManager(runtimeManager).start(); INotificationManager notificationManager = new NotificationManager(settings).start(); IUserManager userManager = new UserManager(runtimeManager, pluginManager).start(); diff --git a/src/test/java/com/gitblit/tests/FileTicketServiceTest.java b/src/test/java/com/gitblit/tests/FileTicketServiceTest.java index 6ede042a..1fb2eed9 100644 --- a/src/test/java/com/gitblit/tests/FileTicketServiceTest.java +++ b/src/test/java/com/gitblit/tests/FileTicketServiceTest.java @@ -29,6 +29,8 @@ import com.gitblit.manager.UserManager; import com.gitblit.models.RepositoryModel; import com.gitblit.tickets.FileTicketService; import com.gitblit.tickets.ITicketService; +import com.gitblit.utils.XssFilter; +import com.gitblit.utils.XssFilter.AllowXssFilter; /** * Tests the file ticket service. @@ -49,8 +51,8 @@ public class FileTicketServiceTest extends TicketServiceTest { protected ITicketService getService(boolean deleteAll) throws Exception { IStoredSettings settings = getSettings(deleteAll); - - IRuntimeManager runtimeManager = new RuntimeManager(settings).start(); + XssFilter xssFilter = new AllowXssFilter(); + IRuntimeManager runtimeManager = new RuntimeManager(settings, xssFilter).start(); IPluginManager pluginManager = new PluginManager(runtimeManager).start(); INotificationManager notificationManager = new NotificationManager(settings).start(); IUserManager userManager = new UserManager(runtimeManager, pluginManager).start(); diff --git a/src/test/java/com/gitblit/tests/HtpasswdAuthenticationTest.java b/src/test/java/com/gitblit/tests/HtpasswdAuthenticationTest.java index f4e24d4e..e2bb764e 100644 --- a/src/test/java/com/gitblit/tests/HtpasswdAuthenticationTest.java +++ b/src/test/java/com/gitblit/tests/HtpasswdAuthenticationTest.java @@ -32,6 +32,8 @@ import com.gitblit.manager.RuntimeManager; import com.gitblit.manager.UserManager; import com.gitblit.models.UserModel; import com.gitblit.tests.mock.MemorySettings; +import com.gitblit.utils.XssFilter; +import com.gitblit.utils.XssFilter.AllowXssFilter; /** * Test the Htpasswd user service. @@ -74,7 +76,8 @@ public class HtpasswdAuthenticationTest extends GitblitUnitTest { } private HtpasswdAuthProvider newHtpasswdAuthentication(IStoredSettings settings) { - RuntimeManager runtime = new RuntimeManager(settings, GitBlitSuite.BASEFOLDER).start(); + XssFilter xssFilter = new AllowXssFilter(); + RuntimeManager runtime = new RuntimeManager(settings, xssFilter, GitBlitSuite.BASEFOLDER).start(); UserManager users = new UserManager(runtime, null).start(); HtpasswdAuthProvider htpasswd = new HtpasswdAuthProvider(); htpasswd.setup(runtime, users); @@ -82,7 +85,8 @@ public class HtpasswdAuthenticationTest extends GitblitUnitTest { } private AuthenticationManager newAuthenticationManager(IStoredSettings settings) { - RuntimeManager runtime = new RuntimeManager(settings, GitBlitSuite.BASEFOLDER).start(); + XssFilter xssFilter = new AllowXssFilter(); + RuntimeManager runtime = new RuntimeManager(settings, xssFilter, GitBlitSuite.BASEFOLDER).start(); UserManager users = new UserManager(runtime, null).start(); HtpasswdAuthProvider htpasswd = new HtpasswdAuthProvider(); htpasswd.setup(runtime, users); diff --git a/src/test/java/com/gitblit/tests/LdapAuthenticationTest.java b/src/test/java/com/gitblit/tests/LdapAuthenticationTest.java index 646f7e9f..7c84ecc2 100644 --- a/src/test/java/com/gitblit/tests/LdapAuthenticationTest.java +++ b/src/test/java/com/gitblit/tests/LdapAuthenticationTest.java @@ -39,6 +39,8 @@ import com.gitblit.manager.UserManager; import com.gitblit.models.TeamModel; import com.gitblit.models.UserModel; import com.gitblit.tests.mock.MemorySettings; +import com.gitblit.utils.XssFilter; +import com.gitblit.utils.XssFilter.AllowXssFilter; import com.unboundid.ldap.listener.InMemoryDirectoryServer; import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig; import com.unboundid.ldap.listener.InMemoryListenerConfig; @@ -96,7 +98,8 @@ public class LdapAuthenticationTest extends GitblitUnitTest { } private LdapAuthProvider newLdapAuthentication(IStoredSettings settings) { - RuntimeManager runtime = new RuntimeManager(settings, GitBlitSuite.BASEFOLDER).start(); + XssFilter xssFilter = new AllowXssFilter(); + RuntimeManager runtime = new RuntimeManager(settings, xssFilter, GitBlitSuite.BASEFOLDER).start(); userManager = new UserManager(runtime, null).start(); LdapAuthProvider ldap = new LdapAuthProvider(); ldap.setup(runtime, userManager); @@ -104,7 +107,8 @@ public class LdapAuthenticationTest extends GitblitUnitTest { } private AuthenticationManager newAuthenticationManager(IStoredSettings settings) { - RuntimeManager runtime = new RuntimeManager(settings, GitBlitSuite.BASEFOLDER).start(); + XssFilter xssFilter = new AllowXssFilter(); + RuntimeManager runtime = new RuntimeManager(settings, xssFilter, GitBlitSuite.BASEFOLDER).start(); AuthenticationManager auth = new AuthenticationManager(runtime, userManager); auth.addAuthenticationProvider(newLdapAuthentication(settings)); return auth; diff --git a/src/test/java/com/gitblit/tests/LuceneExecutorTest.java b/src/test/java/com/gitblit/tests/LuceneExecutorTest.java index 5c319e65..a8358b99 100644 --- a/src/test/java/com/gitblit/tests/LuceneExecutorTest.java +++ b/src/test/java/com/gitblit/tests/LuceneExecutorTest.java @@ -34,6 +34,8 @@ import com.gitblit.service.LuceneService; import com.gitblit.tests.mock.MemorySettings;
import com.gitblit.utils.FileUtils;
import com.gitblit.utils.JGitUtils;
+import com.gitblit.utils.XssFilter;
+import com.gitblit.utils.XssFilter.AllowXssFilter;
/**
* Tests Lucene indexing and querying.
@@ -48,7 +50,8 @@ public class LuceneExecutorTest extends GitblitUnitTest { private LuceneService newLuceneExecutor() {
MemorySettings settings = new MemorySettings();
settings.put(Keys.git.repositoriesFolder, GitBlitSuite.REPOSITORIES);
- RuntimeManager runtime = new RuntimeManager(settings, GitBlitSuite.BASEFOLDER).start();
+ XssFilter xssFilter = new AllowXssFilter();
+ RuntimeManager runtime = new RuntimeManager(settings, xssFilter, GitBlitSuite.BASEFOLDER).start();
UserManager users = new UserManager(runtime, null).start();
RepositoryManager repos = new RepositoryManager(runtime, null, users);
return new LuceneService(settings, repos);
diff --git a/src/test/java/com/gitblit/tests/RedisTicketServiceTest.java b/src/test/java/com/gitblit/tests/RedisTicketServiceTest.java index b782b449..48011ade 100644 --- a/src/test/java/com/gitblit/tests/RedisTicketServiceTest.java +++ b/src/test/java/com/gitblit/tests/RedisTicketServiceTest.java @@ -30,6 +30,8 @@ import com.gitblit.manager.UserManager; import com.gitblit.models.RepositoryModel; import com.gitblit.tickets.ITicketService; import com.gitblit.tickets.RedisTicketService; +import com.gitblit.utils.XssFilter; +import com.gitblit.utils.XssFilter.AllowXssFilter; /** * Tests the Redis ticket service. @@ -57,8 +59,8 @@ public class RedisTicketServiceTest extends TicketServiceTest { protected ITicketService getService(boolean deleteAll) throws Exception { IStoredSettings settings = getSettings(deleteAll); - - IRuntimeManager runtimeManager = new RuntimeManager(settings).start(); + XssFilter xssFilter = new AllowXssFilter(); + IRuntimeManager runtimeManager = new RuntimeManager(settings, xssFilter).start(); IPluginManager pluginManager = new PluginManager(runtimeManager).start(); INotificationManager notificationManager = new NotificationManager(settings).start(); IUserManager userManager = new UserManager(runtimeManager, pluginManager).start(); diff --git a/src/test/java/com/gitblit/tests/RedmineAuthenticationTest.java b/src/test/java/com/gitblit/tests/RedmineAuthenticationTest.java index 3b6b7bba..ad773b7a 100644 --- a/src/test/java/com/gitblit/tests/RedmineAuthenticationTest.java +++ b/src/test/java/com/gitblit/tests/RedmineAuthenticationTest.java @@ -13,6 +13,8 @@ import com.gitblit.manager.RuntimeManager; import com.gitblit.manager.UserManager; import com.gitblit.models.UserModel; import com.gitblit.tests.mock.MemorySettings; +import com.gitblit.utils.XssFilter; +import com.gitblit.utils.XssFilter.AllowXssFilter; public class RedmineAuthenticationTest extends GitblitUnitTest { @@ -25,7 +27,8 @@ public class RedmineAuthenticationTest extends GitblitUnitTest { } RedmineAuthProvider newRedmineAuthentication(IStoredSettings settings) { - RuntimeManager runtime = new RuntimeManager(settings, GitBlitSuite.BASEFOLDER).start(); + XssFilter xssFilter = new AllowXssFilter(); + RuntimeManager runtime = new RuntimeManager(settings, xssFilter, GitBlitSuite.BASEFOLDER).start(); UserManager users = new UserManager(runtime, null).start(); RedmineAuthProvider redmine = new RedmineAuthProvider(); redmine.setup(runtime, users); @@ -37,7 +40,8 @@ public class RedmineAuthenticationTest extends GitblitUnitTest { } AuthenticationManager newAuthenticationManager() { - RuntimeManager runtime = new RuntimeManager(getSettings(), GitBlitSuite.BASEFOLDER).start(); + XssFilter xssFilter = new AllowXssFilter(); + RuntimeManager runtime = new RuntimeManager(getSettings(), xssFilter, GitBlitSuite.BASEFOLDER).start(); UserManager users = new UserManager(runtime, null).start(); RedmineAuthProvider redmine = new RedmineAuthProvider(); redmine.setup(runtime, users); diff --git a/src/test/java/com/gitblit/tests/mock/MockRuntimeManager.java b/src/test/java/com/gitblit/tests/mock/MockRuntimeManager.java index 54be539f..7b563622 100644 --- a/src/test/java/com/gitblit/tests/mock/MockRuntimeManager.java +++ b/src/test/java/com/gitblit/tests/mock/MockRuntimeManager.java @@ -28,6 +28,8 @@ import com.gitblit.manager.IRuntimeManager; import com.gitblit.models.ServerSettings; import com.gitblit.models.ServerStatus; import com.gitblit.models.SettingModel; +import com.gitblit.utils.XssFilter; +import com.gitblit.utils.XssFilter.AllowXssFilter; public class MockRuntimeManager implements IRuntimeManager { @@ -148,6 +150,11 @@ public class MockRuntimeManager implements IRuntimeManager { } @Override + public XssFilter getXssFilter() { + return new AllowXssFilter(); + } + + @Override public boolean updateSettings(Map<String, String> updatedSettings) { return settings.saveSettings(updatedSettings); } |