$url, 'title' => $title, 'attributes' => $attributes, ); } /** * Takes a url, and sees if it can validate that the url is valid. */ protected function link_test_validate_url($url) { $field_name = $this->createLinkField(); $permission = 'create page content'; $this->checkPermissions(array($permission), TRUE); $this->drupalGet('node/add/page'); $label = $this->randomName(); $edit = array( 'title' => $label, $field_name . '[und][0][title]' => $label, $field_name . '[und][0][url]' => $url, ); $this->drupalPost(NULL, $edit, t('Save')); $this->assertRaw(' has been created.', 'Node created'); $nid = 1; //$matches[1]; $node = node_load($nid); $this->assertEqual($url, $node->{$field_name}['und'][0]['url']); } } class LinkValidateTest extends LinkValidateTestCase { public static function getInfo() { return array( 'name' => 'Link Validation Tests', 'description' => 'Tests the field validation.', 'group' => 'Link', ); } function test_link_validate_basic_url() { $this->link_test_validate_url('http://www.example.com'); } /** * Test if we're stopped from posting a bad url on default validation. */ function test_link_validate_bad_url_validate_default() { $this->web_user = $this->drupalCreateUser(array('administer content types', 'administer nodes', 'administer filters', 'access content', 'create page content', 'access administration pages')); $this->drupalLogin($this->web_user); // create field $name = strtolower($this->randomName()); $edit = array( 'fields[_add_new_field][label]' => $name, 'fields[_add_new_field][field_name]' => $name, 'fields[_add_new_field][type]' => 'link_field', 'fields[_add_new_field][widget_type]' => 'link_field', ); $this->drupalPost('admin/structure/types/manage/page/fields', $edit, t('Save')); $this->drupalPost(NULL, array(), t('Save field settings')); $this->drupalPost(NULL, array(), t('Save settings')); // Is field created? $this->assertRaw(t('Saved %label configuration', array('%label' => $name)), 'Field added'); node_types_rebuild(); menu_rebuild(); // create page form $this->drupalGet('node/add/page'); $field_name = 'field_' . $name; $this->assertField('edit-field-' . $name . '-und-0-title', 'Title found'); $this->assertField('edit-field-' . $name . '-und-0-url', 'URL found'); $edit = array( 'title' => 'Simple Title', $field_name . '[und][0][url]' => 'edik:naw', ); $this->drupalPost(NULL, $edit, t('Save')); $this->assertText(t('The value @value provided for @field is not a valid URL.', array('@value' => 'edik:naw', '@field' => $name))); } /** * Test if we're stopped from posting a bad url with validation on. */ function test_link_validate_bad_url_validate_on() { $this->web_user = $this->drupalCreateUser(array('administer content types', 'administer nodes', 'administer filters', 'access content', 'create page content', 'access administration pages')); $this->drupalLogin($this->web_user); // create field $name = strtolower($this->randomName()); $edit = array( 'fields[_add_new_field][label]' => $name, 'fields[_add_new_field][field_name]' => $name, 'fields[_add_new_field][type]' => 'link_field', 'fields[_add_new_field][widget_type]' => 'link_field', ); $this->drupalPost('admin/structure/types/manage/page/fields', $edit, t('Save')); $this->drupalPost(NULL, array(), t('Save field settings')); $this->drupalPost(NULL, array('instance[settings][validate_url]' => TRUE), t('Save settings')); // Is field created? $this->assertRaw(t('Saved %label configuration', array('%label' => $name)), 'Field added'); node_types_rebuild(); menu_rebuild(); // create page form $this->drupalGet('node/add/page'); $field_name = 'field_' . $name; $this->assertField('edit-field-' . $name . '-und-0-title', 'Title found'); $this->assertField('edit-field-' . $name . '-und-0-url', 'URL found'); $edit = array( 'title' => 'Simple Title', $field_name . '[und][0][url]' => 'edik:naw', ); $this->drupalPost(NULL, $edit, t('Save')); $this->assertText(t('The value @value provided for @field is not a valid URL.', array('@field' => $name, '@value' => 'edik:naw'))); } /** * Test if we can post a bad url if the validation is expressly turned off. */ function test_link_validate_bad_url_validate_off() { $this->web_user = $this->drupalCreateUser(array('administer content types', 'administer nodes', 'administer filters', 'access content', 'create page content', 'access administration pages')); $this->drupalLogin($this->web_user); // create field $name = strtolower($this->randomName()); $edit = array( 'fields[_add_new_field][label]' => $name, 'fields[_add_new_field][field_name]' => $name, 'fields[_add_new_field][type]' => 'link_field', 'fields[_add_new_field][widget_type]' => 'link_field', ); $this->drupalPost('admin/structure/types/manage/page/fields', $edit, t('Save')); $this->drupalPost(NULL, array(), t('Save field settings')); $this->drupalPost(NULL, array('instance[settings][validate_url]' => FALSE), t('Save settings')); /*$instance_details = db_query("SELECT * FROM {field_config_instance} WHERE field_name = :field_name AND bundle = 'page'", array(':field_name' => 'field_'. $name))->fetchObject(); $this->fail('
'. print_r($instance_details, TRUE) .'
'); $this->fail('
'. print_r(unserialize($instance_details->data), TRUE) .'
');*/ // Is field created? $this->assertRaw(t('Saved %label configuration', array('%label' => $name)), 'Field added'); node_types_rebuild(); menu_rebuild(); // create page form $this->drupalGet('node/add/page'); $field_name = 'field_' . $name; $this->assertField('edit-field-' . $name . '-und-0-title', 'Title found'); $this->assertField('edit-field-' . $name . '-und-0-url', 'URL found'); $edit = array( 'title' => 'Simple Title', $field_name . '[und][0][url]' => 'edik:naw', ); $this->drupalPost(NULL, $edit, t('Save')); $this->assertNoText(t('The value %value provided for %field is not a valid URL.', array('%field' => $name, '%value' => 'edik:naw'))); } /** * Test if a bad url can sneak through un-filtered if we play with the validation... */ function x_test_link_validate_switching_between_validation_status() { $this->acquireContentTypes(1); $this->web_user = $this->drupalCreateUser(array('administer content types', 'administer nodes', 'access administration pages', 'access content', 'create ' . $this->content_types[0]->type . ' content', 'edit any ' . $this->content_types[0]->type . ' content')); $this->drupalLogin($this->web_user); variable_set('node_options_' . $this->content_types[0]->name, array('status', 'promote')); $field_settings = array( 'type' => 'link', 'widget_type' => 'link', 'type_name' => $this->content_types[0]->name, 'attributes' => array(), // <-- This is needed or we have an error 'validate_url' => 0, ); $field = $this->createField($field_settings, 0); //$this->fail('
'. print_r($field, TRUE) .'
'); $field_db_info = content_database_info($field); $this->acquireNodes(2); $node = node_load($this->nodes[0]->nid); $this->drupalGet('node/' . $this->nodes[0]->nid); $edit = array(); $title = $this->randomName(); $url = 'javascript:alert("http://example.com/' . $this->randomName() . '")'; $edit[$field['field_name'] . '[0][url]'] = $url; $edit[$field['field_name'] . '[0][title]'] = $title; $this->drupalPost('node/' . $this->nodes[0]->nid . '/edit', $edit, t('Save')); //$this->pass($this->content); $this->assertNoText(t('The value %value provided for %field is not a valid URL.', array('%field' => $name, '%value' => trim($url)))); // Make sure we get a new version! $node = node_load($this->nodes[0]->nid, NULL, TRUE); $this->assertEqual($url, $node->{$field['field_name']}[0]['url']); $this->drupalGet('node/' . $node->nid); $this->assertNoRaw($url, 'Make sure Javascript does not display.'); // Turn the array validation back _on_. $edit = array('validate_url' => TRUE); $node_type_link = str_replace('_', '-', $node->type); //$this->drupalGet('admin/content/node-type/'. $node_type_link .'/fields'); ///'. $field['field_name']); //$this->fail($this->content); $this->drupalPost('admin/content/node-type/' . $node_type_link . '/fields/' . $field['field_name'], $edit, t('Save field settings')); $this->drupalGet('node/' . $node->nid); // This actually works because the display_url goes through the core // url() function. But we should have a test that makes sure it continues // to work. $this->assertNoRaw($url, 'Make sure Javascript does not display.'); //$this->fail($this->content); } // Validate that '' is a valid url. function test_link_front_url() { $this->link_test_validate_url(''); } // Validate that an internal url would be accepted. function test_link_internal_url() { $this->link_test_validate_url('node/32'); } // Validate a simple mailto. function test_link_mailto() { $this->link_test_validate_url('mailto:jcfiala@gmail.com'); } function test_link_external_https() { $this->link_test_validate_url('https://www.example.com/'); } function test_link_ftp() { $this->link_test_validate_url('ftp://www.example.com/'); } } class LinkValidateTestNews extends LinkValidateTestCase { public static function getInfo() { return array( 'name' => 'Link News Validation Tests', 'description' => 'Tests the field validation for usenet urls.', 'group' => 'Link', ); } // Validate a news link to a message group function test_link_news() { $this->link_test_validate_url('news:comp.infosystems.www.misc'); } // Validate a news link to a message id. Said ID copied off of google groups. function test_link_news_message() { $this->link_test_validate_url('news:hj0db8$vrm$1@news.eternal-september.org'); } } class LinkValidateSpecificURL extends LinkValidateTestCase { public static function getInfo() { return array( 'name' => 'Link Specific URL Validation Tests', 'description' => 'Tests field validation with unusual urls', 'group' => 'Link', ); } // Lets throw in a lot of umlouts for testing! function test_umlout_url() { $this->link_test_validate_url('http://üÜü.exämple.com/nöde'); } function test_umlout_mailto() { $this->link_test_validate_url('mailto:Üser@exÅmple.com'); } function test_german_b_url() { $this->link_test_validate_url('http://www.test.com/ßstuff'); } function test_special_n_url() { $this->link_test_validate_url('http://www.testÑñ.com/'); } function test_curly_brackets_in_query() { $this->link_test_validate_url('http://www.healthyteennetwork.org/index.asp?Type=B_PR&SEC={2AE1D600-4FC6-4B4D-8822-F1D5F072ED7B}&DE={235FD1E7-208D-4363-9854-4E6775EB8A4C}'); } /** * Here, we're testing that a very long url is stored properly in the db. * * Basicly, trying to test http://drupal.org/node/376818 */ function testLinkURLFieldIsBig() { $long_url = 'http://th.wikipedia.org/wiki/%E0%B9%82%E0%B8%A3%E0%B8%87%E0%B9%80%E0%B8%A3%E0%B8%B5%E0%B8%A2%E0%B8%99%E0%B9%80%E0%B8%9A%E0%B8%8D%E0%B8%88%E0%B8%A1%E0%B8%A3%E0%B8%B2%E0%B8%8A%E0%B8%B9%E0%B8%97%E0%B8%B4%E0%B8%A8_%E0%B8%99%E0%B8%84%E0%B8%A3%E0%B8%A8%E0%B8%A3%E0%B8%B5%E0%B8%98%E0%B8%A3%E0%B8%A3%E0%B8%A1%E0%B8%A3%E0%B8%B2%E0%B8%8A'; $this->link_test_validate_url($long_url); } } /** * A series of tests of links, only going against the link_validate_url function in link.module. * * Validation is guided by the rules in http://tools.ietf.org/html/rfc1738 ! */ class LinkValidateUrlLight extends DrupalWebTestCase { public static function getInfo() { return array( 'name' => 'Link Light Validation Tests', 'description' => 'Tests the link_validate_url() function by itself, without invoking the full drupal/cck lifecycle.', 'group' => 'Link', ); } /** * Translates the LINK type constants to english for display and debugging of tests */ function name_Link_Type($type) { switch ($type) { case LINK_FRONT: return "Front"; case LINK_EMAIL: return "Email"; case LINK_NEWS: return "Newsgroup"; case LINK_INTERNAL: return "Internal Link"; case LINK_EXTERNAL: return "External Link"; case FALSE: return "Invalid Link"; default: return "Bad Value:" . $type; } } // Make sure that a link labelled works. function testValidateFrontLink() { $valid = link_validate_url(''); $this->assertEqual(LINK_FRONT, $valid, 'Make sure that front link is verfied and identified'); } function testValidateEmailLink() { $valid = link_validate_url('mailto:bob@example.com'); $this->assertEqual(LINK_EMAIL, $valid, "Make sure a basic mailto is verified and identified"); } function testValidateEmailLinkBad() { $valid = link_validate_url(':bob@example.com'); $this->assertEqual(FALSE, $valid, 'Make sure just a bad address is correctly failed'); } function testValidateNewsgroupLink() { $valid = link_validate_url('news:comp.infosystems.www.misc'); $this->assertEqual(LINK_NEWS, $valid, 'Make sure link to newsgroup validates as news.'); } function testValidateNewsArticleLink() { $valid = link_validate_url('news:hj0db8$vrm$1@news.eternal-september.org'); $this->assertEqual(LINK_NEWS, $valid, 'Make sure link to specific article valiates as news.'); } function testValidateBadNewsgroupLink() { $valid = link_validate_url('news:comp.bad_name.misc'); $this->assertEqual(FALSE, $valid, 'newsgroup names can\'t contain underscores, so it should come back as invalid.'); } function testValidateInternalLinks() { $links = array( 'node/5', 'rss.xml', 'files/test.jpg', '/var/www/test', ); foreach ($links as $link) { $valid = link_validate_url($link); $this->assertEqual(LINK_INTERNAL, $valid, 'Test ' . $link . ' internal link.'); } } function testValidateExternalLinks() { $links = array( 'http://localhost:8080/', 'www.example.com', 'www.example.com/', 'http://username:p%40ssw0rd!@www.example.com/', 'http://@www.example.com/', 'http://username:@www.example.com/', 'http://username:password@www.example.com:8080/', 'http://127.0.0.1:80/', 'http://127.173.24.255:4723/', '127.173.24.255:4723/', 'http://255.255.255.255:4823/', 'www.test-site.com', 'http://example.com/index.php?q=node/123', 'http://example.com/index.php?page=this\that', 'http://example.com/?first_name=Joe Bob&last_name=Smith', // Anchors 'http://www.example.com/index.php#test', 'http://www.example.com/index.php#this@that.', 'http://www.example.com/index.php#', 'http://www.cnn.com/video/#/video/politics/2008/12/09/intv.madeleine.albright.cnn', 'http://www.archive.org/stream/aesopsfables00aesorich#page/n7/mode/2up', 'http://www.example.com/blah/#this@that?', ); // Test all of the protocols. $allowed_protocols = variable_get('filter_allowed_protocols', array('http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'mailto', 'irc', 'ssh', 'sftp', 'webcal')); foreach ($allowed_protocols as $protocol) { if ($protocol !== 'news' && $protocol !== 'mailto') { $links[] = $protocol . '://www.example.com'; } } foreach ($links as $link) { $valid = link_validate_url($link); $this->assertEqual(LINK_EXTERNAL, $valid, 'Testing that ' . $link . ' is a valid external link.'); // The following two lines are commented out and only used for comparisons. //$valid2 = valid_url($link, TRUE); //$this->assertEqual(TRUE, $valid2, "Using valid_url() on $link."); } // Test if we can make a tld valid: variable_set('link_extra_domains', array('frog')); $valid = link_validate_url('http://www.example.frog'); $this->assertEqual(LINK_EXTERNAL, $valid, "Testing that http://www.example.frog is a valid external link if we've added 'frog' to the list of valid domains."); } function testInvalidExternalLinks() { $links = array( 'http://www.ex ample.com/', 'http://25.0.0/', // bad ip! 'http://4827.0.0.2/', '//www.example.com/', 'http://www.testß.com/', // ß not allowed in domain names! 'http://www.example.frog/', // Bad TLD //'http://www.-fudge.com/', // domains can't have sections starting with a dash. ); foreach ($links as $link) { $valid = link_validate_url($link); $this->assertEqual(FALSE, $valid, 'Testing that ' . $link . ' is not a valid link.'); } } }