diff options
author | Kyle D <kdumontnu@gmail.com> | 2022-09-02 15:18:23 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-09-02 15:18:23 -0400 |
commit | c8ded77680db7344c8dc1ccee76bce0b4e02e103 (patch) | |
tree | bc63678ef62dc71ce68b29eeaf019c45cdb12034 /integrations/xss_test.go | |
parent | 5710ff343c9f16119ddbff06044e5d61388baa22 (diff) | |
download | gitea-c8ded77680db7344c8dc1ccee76bce0b4e02e103.tar.gz gitea-c8ded77680db7344c8dc1ccee76bce0b4e02e103.zip |
Kd/ci playwright go test (#20123)
* Add initial playwright config
* Simplify Makefile
* Simplify Makefile
* Use correct config files
* Update playwright settings
* Fix package-lock file
* Don't use test logger for e2e tests
* fix frontend lint
* Allow passing TEST_LOGGER variable
* Init postgres database
* use standard gitea env variables
* Update playwright
* update drone
* Move empty env var to commands
* Cleanup
* Move integrations to subfolder
* tests integrations to tests integraton
* Run e2e tests with go test
* Fix linting
* install CI deps
* Add files to ESlint
* Fix drone typo
* Don't log to console in CI
* Use go test http server
* Add build step before tests
* Move shared init function to common package
* fix drone
* Clean up tests
* Fix linting
* Better mocking for page + version string
* Cleanup test generation
* Remove dependency on gitea binary
* Fix linting
* add initial support for running specific tests
* Add ACCEPT_VISUAL variable
* don't require git-lfs
* Add initial documentation
* Review feedback
* Add logged in session test
* Attempt fixing drone race
* Cleanup and bump version
* Bump deps
* Review feedback
* simplify installation
* Fix ci
* Update install docs
Diffstat (limited to 'integrations/xss_test.go')
-rw-r--r-- | integrations/xss_test.go | 39 |
1 files changed, 0 insertions, 39 deletions
diff --git a/integrations/xss_test.go b/integrations/xss_test.go deleted file mode 100644 index d5ce94b0c6..0000000000 --- a/integrations/xss_test.go +++ /dev/null @@ -1,39 +0,0 @@ -// Copyright 2017 The Gitea Authors. All rights reserved. -// Use of this source code is governed by a MIT-style -// license that can be found in the LICENSE file. - -package integrations - -import ( - "net/http" - "testing" - - "code.gitea.io/gitea/models/unittest" - user_model "code.gitea.io/gitea/models/user" - - "github.com/stretchr/testify/assert" -) - -func TestXSSUserFullName(t *testing.T) { - defer prepareTestEnv(t)() - user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}) - const fullName = `name & <script class="evil">alert('Oh no!');</script>` - - session := loginUser(t, user.Name) - req := NewRequestWithValues(t, "POST", "/user/settings", map[string]string{ - "_csrf": GetCSRF(t, session, "/user/settings"), - "name": user.Name, - "full_name": fullName, - "email": user.Email, - "language": "en-US", - }) - session.MakeRequest(t, req, http.StatusSeeOther) - - req = NewRequestf(t, "GET", "/%s", user.Name) - resp := session.MakeRequest(t, req, http.StatusOK) - htmlDoc := NewHTMLParser(t, resp.Body) - assert.EqualValues(t, 0, htmlDoc.doc.Find("script.evil").Length()) - assert.EqualValues(t, fullName, - htmlDoc.doc.Find("div.content").Find(".header.text.center").Text(), - ) -} |