File: test_mechanize_file.rb

package info (click to toggle)
ruby-mechanize 2.7.6-1%2Bdeb10u1
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 1,480 kB
  • sloc: ruby: 11,380; makefile: 5; sh: 4
file content (116 lines) | stat: -rw-r--r-- 2,768 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
 
require 'mechanize/test_case'

class TestMechanizeFile < Mechanize::TestCase

  def setup
    super

    @parser = Mechanize::File
  end

  def test_save
    uri = URI 'http://example/name.html'
    page = Mechanize::File.new uri, nil, '0123456789'

    Dir.mktmpdir do |dir|
      Dir.chdir dir do
        filename = page.save 'test.html'

        assert File.exist? 'test.html'
        assert_equal '0123456789', File.read('test.html')
        assert_equal "test.html", filename

        filename = page.save 'test.html'

        assert File.exist? 'test.html.1'
        assert_equal '0123456789', File.read('test.html.1')
        assert_equal "test.html.1", filename

        filename = page.save 'test.html'

        assert File.exist? 'test.html.2'
        assert_equal '0123456789', File.read('test.html.2')
        assert_equal "test.html.2", filename
      end
    end
  end

  def test_save_default
    uri = URI 'http://example/test.html'
    page = Mechanize::File.new uri, nil, ''

    Dir.mktmpdir do |dir|
      Dir.chdir dir do
        filename = page.save

        assert File.exist? 'test.html'
        assert_equal "test.html", filename

        filename = page.save

        assert File.exist? 'test.html.1'
        assert_equal "test.html.1", filename

        filename = page.save

        assert File.exist? 'test.html.2'
        assert_equal "test.html.2", filename
      end
    end
  end

  def test_save_default_dots
    uri = URI 'http://localhost/../test.html'
    page = Mechanize::File.new uri, nil, ''

    Dir.mktmpdir do |dir|
      Dir.chdir dir do
        filename = page.save
        assert File.exist? 'test.html'
        assert_equal "test.html", filename

        filename = page.save
        assert File.exist? 'test.html.1'
        assert_equal "test.html.1", filename
      end
    end
  end

  def test_filename
    uri = URI 'http://localhost/test.html'
    page = Mechanize::File.new uri, nil, ''

    assert_equal "test.html", page.filename
  end

  def test_save_overwrite
    uri = URI 'http://example/test.html'
    page = Mechanize::File.new uri, nil, ''

    Dir.mktmpdir do |dir|
      Dir.chdir dir do
        filename = page.save 'test.html'

        assert File.exist? 'test.html'
        assert_equal "test.html", filename

        filename = page.save! 'test.html'

        assert File.exist? 'test.html'
        refute File.exist? 'test.html.1'
        assert_equal "test.html", filename
      end
    end
  end

  def test_save_bang_does_not_allow_command_injection
    uri = URI 'http://example/test.html'
    page = Mechanize::File.new uri, nil, ''

    in_tmpdir do
      page.save!('| ruby -rfileutils -e \'FileUtils.touch("vul.txt")\'')
      refute_operator(File, :exist?, "vul.txt")
    end
  end
end