forked from sparklemotion/mechanize
/
test_mechanize_file.rb
116 lines (86 loc) · 2.7 KB
/
test_mechanize_file.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
require 'mechanize/test_case'
class TestMechanizeFile < Mechanize::TestCase
def setup
super
@parser = Mechanize::File
end
def test_save
uri = URI 'http://example/name.html'
page = Mechanize::File.new uri, nil, '0123456789'
Dir.mktmpdir do |dir|
Dir.chdir dir do
filename = page.save 'test.html'
assert File.exist? 'test.html'
assert_equal '0123456789', File.read('test.html')
assert_equal "test.html", filename
filename = page.save 'test.html'
assert File.exist? 'test.html.1'
assert_equal '0123456789', File.read('test.html.1')
assert_equal "test.html.1", filename
filename = page.save 'test.html'
assert File.exist? 'test.html.2'
assert_equal '0123456789', File.read('test.html.2')
assert_equal "test.html.2", filename
end
end
end
def test_save_default
uri = URI 'http://example/test.html'
page = Mechanize::File.new uri, nil, ''
Dir.mktmpdir do |dir|
Dir.chdir dir do
filename = page.save
assert File.exist? 'test.html'
assert_equal "test.html", filename
filename = page.save
assert File.exist? 'test.html.1'
assert_equal "test.html.1", filename
filename = page.save
assert File.exist? 'test.html.2'
assert_equal "test.html.2", filename
end
end
end
def test_save_default_dots
uri = URI 'http://localhost/../test.html'
page = Mechanize::File.new uri, nil, ''
Dir.mktmpdir do |dir|
Dir.chdir dir do
filename = page.save
assert File.exist? 'test.html'
assert_equal "test.html", filename
filename = page.save
assert File.exist? 'test.html.1'
assert_equal "test.html.1", filename
end
end
end
def test_filename
uri = URI 'http://localhost/test.html'
page = Mechanize::File.new uri, nil, ''
assert_equal "test.html", page.filename
end
def test_save_overwrite
uri = URI 'http://example/test.html'
page = Mechanize::File.new uri, nil, ''
Dir.mktmpdir do |dir|
Dir.chdir dir do
filename = page.save 'test.html'
assert File.exist? 'test.html'
assert_equal "test.html", filename
filename = page.save! 'test.html'
assert File.exist? 'test.html'
refute File.exist? 'test.html.1'
assert_equal "test.html", filename
end
end
end
def test_save_bang_does_not_allow_command_injection
uri = URI 'http://example/test.html'
page = Mechanize::File.new uri, nil, ''
in_tmpdir do
page.save!('| ruby -rfileutils -e \'FileUtils.touch("vul.txt")\'')
refute_operator(File, :exist?, "vul.txt")
end
end
end