diff --git a/.gitignore b/.gitignore
index a752f8c..c17e3b4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -30,6 +30,7 @@ vendor/**/build_phar.php
# Ignore local node modules, unit testing logs, api docs and eclipse project files
js/node_modules/
+js/test.log
tst/log/
tst/ConfigurationCombinationsTest.php
.settings
diff --git a/js/privatebin.js b/js/privatebin.js
index 65d8187..8cf7683 100644
--- a/js/privatebin.js
+++ b/js/privatebin.js
@@ -107,19 +107,6 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
return [v, 'month'];
}
- /**
- * checks if a string is valid text (and not onyl whitespace)
- *
- * @name Helper.isValidText
- * @function
- * @param {string} string
- * @return {bool}
- */
- me.isValidText = function(string)
- {
- return (string.length > 0 && $.trim(string) !== '')
- }
-
/**
* text range selection
*
@@ -319,7 +306,7 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
* @param {object} document
* @class
*/
- var I18n = (function (window, document) {
+ var I18n = (function () {
var me = {};
/**
@@ -551,8 +538,20 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
});
}
+ /**
+ * resets state, used for unit testing
+ *
+ * @name I18n.reset
+ * @function
+ */
+ me.reset = function(mockLanguage, mockTranslations)
+ {
+ language = mockLanguage || null;
+ translations = mockTranslations || {};
+ }
+
return me;
- })(window, document);
+ })();
/**
* handles everything related to en/decryption
@@ -823,7 +822,6 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
$cipherData = $templates = id = symmetricKey = null;
}
-
/**
* init navigation manager
*
diff --git a/js/test.js b/js/test.js
index 2d5a544..c6e5c7a 100644
--- a/js/test.js
+++ b/js/test.js
@@ -13,15 +13,22 @@ var jsc = require('jsverify'),
})
),
// schemas supported by the whatwg-url library
- schemas = ['ftp','gopher','http','https','ws','wss'];
+ schemas = ['ftp','gopher','http','https','ws','wss'],
+ supportedLanguages = ['de', 'es', 'fr', 'it', 'no', 'pl', 'pt', 'oc', 'ru', 'sl', 'zh'],
+ logFile = require('fs').createWriteStream('test.log');
global.$ = global.jQuery = require('./jquery-3.1.1');
global.sjcl = require('./sjcl-1.0.6');
-global.Base64 = require('./base64-2.1.9');
-global.RawDeflate = require('./rawdeflate-0.5');
-require('./rawinflate-0.3');
+global.Base64 = require('./base64-2.1.9').Base64;
+global.RawDeflate = require('./rawdeflate-0.5').RawDeflate;
+global.RawDeflate.inflate = require('./rawinflate-0.3').RawDeflate.inflate;
require('./privatebin');
+// redirect console messages to log file
+console.warn = console.error = function (msg) {
+ logFile.write(msg + '\n');
+}
+
describe('Helper', function () {
describe('secondsToHuman', function () {
after(function () {
@@ -195,9 +202,10 @@ describe('Helper', function () {
'(small nearray) string',
'string',
function (prefix, params, postfix) {
- var prefix = prefix.replace(/%(s|d)/g, '%%'),
- postfix = postfix.replace(/%(s|d)/g, '%%'),
- result = prefix + params[0] + postfix;
+ prefix = prefix.replace(/%(s|d)/g, '%%');
+ params[0] = params[0].replace(/%(s|d)/g, '%%');
+ postfix = postfix.replace(/%(s|d)/g, '%%');
+ var result = prefix + params[0] + postfix;
params.unshift(prefix + '%s' + postfix);
return result === $.PrivateBin.Helper.sprintf.apply(this, params);
}
@@ -208,9 +216,9 @@ describe('Helper', function () {
'(small nearray) nat',
'string',
function (prefix, params, postfix) {
- var prefix = prefix.replace(/%(s|d)/g, '%%'),
- postfix = postfix.replace(/%(s|d)/g, '%%'),
- result = prefix + params[0] + postfix;
+ prefix = prefix.replace(/%(s|d)/g, '%%');
+ postfix = postfix.replace(/%(s|d)/g, '%%');
+ var result = prefix + params[0] + postfix;
params.unshift(prefix + '%d' + postfix);
return result === $.PrivateBin.Helper.sprintf.apply(this, params);
}
@@ -221,9 +229,9 @@ describe('Helper', function () {
'(small nearray) falsy',
'string',
function (prefix, params, postfix) {
- var prefix = prefix.replace(/%(s|d)/g, '%%'),
- postfix = postfix.replace(/%(s|d)/g, '%%'),
- result = prefix + '0' + postfix;
+ prefix = prefix.replace(/%(s|d)/g, '%%');
+ postfix = postfix.replace(/%(s|d)/g, '%%');
+ var result = prefix + '0' + postfix;
params.unshift(prefix + '%d' + postfix);
return result === $.PrivateBin.Helper.sprintf.apply(this, params)
}
@@ -236,9 +244,10 @@ describe('Helper', function () {
'string',
'string',
function (prefix, uint, middle, string, postfix) {
- var prefix = prefix.replace(/%(s|d)/g, '%%'),
- postfix = postfix.replace(/%(s|d)/g, '%%'),
- params = [prefix + '%d' + middle + '%s' + postfix, uint, string],
+ prefix = prefix.replace(/%(s|d)/g, '%%');
+ middle = middle.replace(/%(s|d)/g, '%%');
+ postfix = postfix.replace(/%(s|d)/g, '%%');
+ var params = [prefix + '%d' + middle + '%s' + postfix, uint, string],
result = prefix + uint + middle + string + postfix;
return result === $.PrivateBin.Helper.sprintf.apply(this, params);
}
@@ -251,9 +260,10 @@ describe('Helper', function () {
'string',
'string',
function (prefix, uint, middle, string, postfix) {
- var prefix = prefix.replace(/%(s|d)/g, '%%'),
- postfix = postfix.replace(/%(s|d)/g, '%%'),
- params = [prefix + '%s' + middle + '%d' + postfix, string, uint],
+ prefix = prefix.replace(/%(s|d)/g, '%%');
+ middle = middle.replace(/%(s|d)/g, '%%');
+ postfix = postfix.replace(/%(s|d)/g, '%%');
+ var params = [prefix + '%s' + middle + '%d' + postfix, string, uint],
result = prefix + string + middle + uint + postfix;
return result === $.PrivateBin.Helper.sprintf.apply(this, params);
}
@@ -270,10 +280,11 @@ describe('Helper', function () {
cookieArray = [],
count = 0;
labels.forEach(function(item, i) {
- var key = item.replace(/[\s;,=]/g, 'x'),
+ // deliberatly using a non-ascii key for replacing invalid characters
+ var key = item.replace(/[\s;,=]/g, Array(i+2).join('£')),
value = (values[i] || values[0]).replace(/[\s;,=]/g, '');
cookieArray.push(key + '=' + value);
- if (Math.random() < 1 / i)
+ if (Math.random() < 1 / i || selectedKey === key)
{
selectedKey = key;
selectedValue = value;
@@ -325,10 +336,235 @@ describe('Helper', function () {
});
});
+describe('I18n', function () {
+ describe('translate', function () {
+ before(function () {
+ $.PrivateBin.I18n.reset();
+ });
+
+ jsc.property(
+ 'returns message ID unchanged if no translation found',
+ 'string',
+ function (messageId) {
+ messageId = messageId.replace(/%(s|d)/g, '%%');
+ var plurals = [messageId, messageId + 's'],
+ fake = [messageId],
+ result = $.PrivateBin.I18n.translate(messageId);
+ $.PrivateBin.I18n.reset();
+
+ var alias = $.PrivateBin.I18n._(messageId);
+ $.PrivateBin.I18n.reset();
+
+ var p_result = $.PrivateBin.I18n.translate(plurals);
+ $.PrivateBin.I18n.reset();
+
+ var p_alias = $.PrivateBin.I18n._(plurals);
+ $.PrivateBin.I18n.reset();
+
+ var f_result = $.PrivateBin.I18n.translate(fake);
+ $.PrivateBin.I18n.reset();
+
+ var f_alias = $.PrivateBin.I18n._(fake);
+ $.PrivateBin.I18n.reset();
+
+ return messageId === result && messageId === alias &&
+ messageId === p_result && messageId === p_alias &&
+ messageId === f_result && messageId === f_alias;
+ }
+ );
+ jsc.property(
+ 'replaces %s in strings with first given parameter',
+ 'string',
+ '(small nearray) string',
+ 'string',
+ function (prefix, params, postfix) {
+ prefix = prefix.replace(/%(s|d)/g, '%%');
+ params[0] = params[0].replace(/%(s|d)/g, '%%');
+ postfix = postfix.replace(/%(s|d)/g, '%%');
+ var translation = prefix + params[0] + postfix;
+ params.unshift(prefix + '%s' + postfix);
+ var result = $.PrivateBin.I18n.translate.apply(this, params);
+ $.PrivateBin.I18n.reset();
+ var alias = $.PrivateBin.I18n._.apply(this, params);
+ $.PrivateBin.I18n.reset();
+ return translation === result && translation === alias;
+ }
+ );
+ });
+
+ describe('getPluralForm', function () {
+ before(function () {
+ $.PrivateBin.I18n.reset();
+ });
+
+ jsc.property(
+ 'returns valid key for plural form',
+ jsc.elements(supportedLanguages),
+ 'integer',
+ function(language, n) {
+ $.PrivateBin.I18n.reset(language);
+ var result = $.PrivateBin.I18n.getPluralForm(n);
+ // arabic seems to have the highest plural count with 6 forms
+ return result >= 0 && result <= 5;
+ }
+ );
+ });
+
+ // loading of JSON via AJAX needs to be tested in the browser, this just mocks it
+ // TODO: This needs to be tested using a browser.
+ describe('loadTranslations', function () {
+ before(function () {
+ $.PrivateBin.I18n.reset();
+ });
+
+ jsc.property(
+ 'downloads and handles any supported language',
+ jsc.elements(supportedLanguages),
+ function(language) {
+ var clean = jsdom('', {url: 'https://privatebin.net/', cookie: ['lang=' + language]});
+
+ $.PrivateBin.I18n.reset('en');
+ $.PrivateBin.I18n.loadTranslations();
+ $.PrivateBin.I18n.reset(language, require('../i18n/' + language + '.json'));
+ var result = $.PrivateBin.I18n.translate('en'),
+ alias = $.PrivateBin.I18n._('en');
+
+ clean();
+ return language === result && language === alias;
+ }
+ );
+ });
+});
+
+describe('CryptTool', function () {
+ describe('cipher & decipher', function () {
+ this.timeout(30000);
+ it('can en- and decrypt any message', function () {
+ jsc.check(jsc.forall(
+ 'string',
+ 'string',
+ 'string',
+ function (key, password, message) {
+ return message === $.PrivateBin.CryptTool.decipher(
+ key,
+ password,
+ $.PrivateBin.CryptTool.cipher(key, password, message)
+ );
+ }
+ ),
+ // reducing amount of checks as running 100 takes about 5 minutes
+ {tests: 5, quiet: true});
+ });
+
+ // The below static unit tests are included to ensure deciphering of "classic"
+ // SJCL based pastes still works
+ it(
+ 'supports PrivateBin v1 ciphertext (SJCL & Base64 2.1.9)',
+ function () {
+ // Of course you can easily decipher the following texts, if you like.
+ // Bonus points for finding their sources and hidden meanings.
+ var paste1 = $.PrivateBin.CryptTool.decipher(
+ '6t2qsmLyfXIokNCL+3/yl15rfTUBQvm5SOnFPvNE7Q8=',
+ // -- "That's amazing. I've got the same combination on my luggage."
+ Array.apply(0, Array(6)).map(function(_,b) { return b + 1; }).join(''),
+ '{"iv":"4HNFIl7eYbCh6HuShctTIA==","v":1,"iter":10000,"ks":256,"ts":128,"mode":"gcm","adata":"","cipher":"aes","salt":"u0lQvePq6L0=","ct":"fGPUVrDyaVr1ZDGb+kqQ3CPEW8x4YKGfzHDmA0Vjkh250aWNe7Cnigkps9aaFVMX9AaerrTp3yZbojJtNqVGMfLdUTu+53xmZHqRKxCCqSfDNSNoW4Oxk5OVgAtRyuG4bXHDsWTXDNz2xceqzVFqhkwTwlUchrV7uuFK/XUKTNjPFM744moivIcBbfM2FOeKlIFs8RYPYuvqQhp2rMLlNGwwKh//4kykQsHMQDeSDuJl8stMQzgWR/btUBZuwNZEydkMH6IPpTdf5WTSrZ+wC2OK0GutCm4UaEe6txzaTMfu+WRVu4PN6q+N+2zljWJ1XdpVcN/i0Sv4QVMym0Xa6y0eccEhj/69o47PmExmMMeEwExImPalMNT9JUSiZdOZJ/GdzwrwoIuq1mdQR6vSH+XJ/8jXJQ7bjjJVJYXTcT0Di5jixArI2Kpp1GGlGVFbLgPugwU1wczg+byqeDOAECXRRnQcogeaJtVcRwXwfy4j3ORFcblYMilxyHqKBewcYPRVBGtBs50cVjSIkAfR84rnc1nfvnxK/Gmm+4VBNHI6ODWNpRolVMCzXjbKYnV3Are5AgSpsTqaGl41VJGpcco6cAwi4K0Bys1seKR+bLSdUgqRrkEqSRSdu3/VTu9HhEk8an0rjTE4CBB5/LMn16p0TGLoOb32odKFIEtpanVvLjeyiVMvSxcgYLNnTi/5FiaAC4pJxRD+AZHedU1FICUeEXxIcac/4E5qjkHjX9SpQtLl80QLIVnjNliZm7QLB/nKu7W8Jb0+/CiTdV3Q9LhxlH4ciprnX+W0B00BKYFHnL9jRVzKdXhf1EHydbXMAfpCjHAXIVCkFakJinQBDIIw/SC6Yig0u0ddEID2B7LYAP1iE4RZwzTrxCB+ke2jQr8c20Jj6u6ShFOPC9DCw9XupZ4HAalVG00kSgjus+b8zrVji3/LKEhb4EBzp1ctBJCFTeXwej8ZETLoXTylev5dlwZSYAbuBPPcbFR/xAIPx3uDabd1E1gTqUc68ICIGhd197Mb2eRWiSvHr5SPsASerMxId6XA6+iQlRiI+NDR+TGVNmCnfxSlyPFMOHGTmslXOGIqGfBR8l4ft8YVZ70lCwmwTuViGc75ULSf9mM57/LmRzQFMYQtvI8IFK9JaQEMY5xz0HLtR4iyQUUdwR9e0ytBNdWF2a2WPDEnJuY/QJo4GzTlgv4QUxMXI5htsn2rf0HxCFu7Po8DNYLxTS+67hYjDIYWYaEIc8LXWMLyDm9C5fARPJ4F2BIWgzgzkNj+dVjusft2XnziamWdbS5u3kuRlVuz5LQj+R5imnqQAincdZTkTT1nYx+DatlOLllCYIHffpI="}'
+ ),
+ paste2 = $.PrivateBin.CryptTool.decipher(
+ 's9pmKZKOBN7EVvHpTA8jjLFH3Xlz/0l8lB4+ONPACrM=',
+ '', // no password
+ '{"iv":"WA42mdxIVXUwBqZu7JYNiw==","v":1,"iter":10000,"ks":256,"ts":128,"mode":"gcm","adata":"","cipher":"aes","salt":"jN6CjbQMJCM=","ct":"kYYMo5DFG1+w0UHiYXT5pdV0IUuXxzOlslkW/c3DRCbGFROCVkAskHce7HoRczee1N9c5MhHjVMJUIZE02qIS8UyHdJ/GqcPVidTUcj9rnDNWsTXkjVv8jCwHS/cwmAjDTWpwp5ThECN+ov/wNp/NdtTj8Qj7f/T3rfZIOCWfwLH9s4Des35UNcUidfPTNQ1l0Gm0X+r98CCUSYZjQxkZc6hRZBLPQ8EaNVooUwd5eP4GiYlmSDNA0wOSA+5isPYxomVCt+kFf58VBlNhpfNi7BLYAUTPpXT4SfH5drR9+C7NTeZ+tTCYjbU94PzYItOpu8vgnB1/a6BAM5h3m9w+giUb0df4hgTWeZnZxLjo5BN8WV+kdTXMj3/Vv0gw0DQrDcCuX/cBAjpy3lQGwlAN1vXoOIyZJUjMpQRrOLdKvLB+zcmVNtGDbgnfP2IYBzk9NtodpUa27ne0T0ZpwOPlVwevsIVZO224WLa+iQmmHOWDFFpVDlS0t0fLfOk7Hcb2xFsTxiCIiyKMho/IME1Du3X4e6BVa3hobSSZv0rRtNgY1KcyYPrUPW2fxZ+oik3y9SgGvb7XpjVIta8DWlDWRfZ9kzoweWEYqz9IA8Xd373RefpyuWI25zlHoX3nwljzsZU6dC//h/Dt2DNr+IAvKO3+u23cWoB9kgcZJ2FJuqjLvVfCF+OWcig7zs2pTYJW6Rg6lqbBCxiUUlae6xJrjfv0pzD2VYCLY7v1bVTagppwKzNI3WaluCOrdDYUCxUSe56yd1oAoLPRVbYvomRboUO6cjQhEknERyvt45og2kORJOEJayHW+jZgR0Y0jM3Nk17ubpij2gHxNx9kiLDOiCGSV5mn9mV7qd3HHcOMSykiBgbyzjobi96LT2dIGLeDXTIdPOog8wyobO4jWq0GGs0vBB8oSYXhHvixZLcSjX2KQuHmEoWzmJcr3DavdoXZmAurGWLKjzEdJc5dSD/eNr99gjHX7wphJ6umKMM+fn6PcbYJkhDh2GlJL5COXjXfm/5aj/vuyaRRWZMZtmnYpGAtAPg7AUG"}'
+ );
+
+ if (!paste1.includes('securely packed in iron') || !paste2.includes('Sol is right')) {
+ throw Error('v1 (SJCL based) pastes could not be deciphered');
+ }
+ }
+ );
+
+ it(
+ 'supports ZeroBin ciphertext (SJCL & Base64 1.7)',
+ function () {
+ var newBase64 = global.Base64;
+ global.Base64 = require('./base64-1.7').Base64;
+ jsdom();
+ delete require.cache[require.resolve('./privatebin')];
+ require('./privatebin');
+
+ // Of course you can easily decipher the following texts, if you like.
+ // Bonus points for finding their sources and hidden meanings.
+ var paste1 = $.PrivateBin.CryptTool.decipher(
+ '6t2qsmLyfXIokNCL+3/yl15rfTUBQvm5SOnFPvNE7Q8=',
+ // -- "That's amazing. I've got the same combination on my luggage."
+ Array.apply(0, Array(6)).map(function(_,b) { return b + 1; }).join(''),
+ '{"iv":"aTnR2qBL1CAmLX8FdWe3VA==","v":1,"iter":10000,"ks":256,"ts":128,"mode":"gcm","adata":"","cipher":"aes","salt":"u0lQvePq6L0=","ct":"A3nBTvICZtYy6xqbIJE0c8Veored5lMJUGgGUm4581wjrPFlU0Q0tUZSf+RUUoZj2jqDa4kiyyZ5YNMe30hNMV0oVSalNhRgD9svVMnPuF162IbyhVCwr7ULjT981CHxVlGNqGqmIU6L/XixgdArxAA8x1GCrfAkBWWGeq8Qw5vJPG/RCHpwR4Wy3azrluqeyERBzmaOQjO/kM35TiI6IrLYFyYyL7upYlxAaxS0XBMZvN8QU8Lnerwvh5JVC6OkkKrhogajTJIKozCF79yI78c50LUh7tTuI3Yoh7+fXxhoODvQdYFmoiUlrutN7Y5ZMRdITvVu8fTYtX9c7Fiufmcq5icEimiHp2g1bvfpOaGOsFT+XNFgC9215jcp5mpBdN852xs7bUtw+nDrf+LsDEX6iRpRZ+PYgLDN5xQT1ByEtYbeP+tO38pnx72oZdIB3cj8UkOxnxdNiZM5YB5egn4jUj1fHot1I69WoTiUJipZ5PIATv7ScymRB+AYzjxjurQ9lVfX9QtAbEH2dhdmoUo3IDRSXpWNCe9RC1aUIyWfZO7oI7FEohNscHNTLEcT+wFnFUPByLlXmjNZ7FKeNpvUm3jTY4t4sbZH8o2dUl624PAw1INcJ6FKqWGWwoFT2j1MYC+YV/LkLTdjuWfayvwLMh27G/FfKCRbW36vqinegqpPDylsx9+3oFkEw3y5Z8+44oN91rE/4Md7JhPJeRVlFC9TNCj4dA+EVhbbQqscvSnIH2uHkMw7mNNo7xba/YT9KoPDaniqnYqb+q2pX1WNWE7dLS2wfroMAS3kh8P22DAV37AeiNoD2PcI6ZcHbRdPa+XRrRcJhSPPW7UQ0z4OvBfjdu/w390QxAxSxvZewoh49fKKB6hTsRnZb4tpHkjlww=="}'
+ ),
+ paste2 = $.PrivateBin.CryptTool.decipher(
+ 's9pmKZKOBN7EVvHpTA8jjLFH3Xlz/0l8lB4+ONPACrM=',
+ '', // no password
+ '{"iv":"Z7lAZQbkrqGMvruxoSm6Pw==","v":1,"iter":10000,"ks":256,"ts":128,"mode":"gcm","adata":"","cipher":"aes","salt":"jN6CjbQMJCM=","ct":"PuOPWB3i2FPcreSrLYeQf84LdE8RHjsc+MGtiOr4b7doNyWKYtkNorbRadxaPnEee2/Utrp1MIIfY5juJSy8RGwEPX5ciWcYe6EzsXWznsnvhmpKNj9B7eIIrfSbxfy8E2e/g7xav1nive+ljToka3WT1DZ8ILQd/NbnJeHWaoSEOfvz8+d8QJPb1tNZvs7zEY95DumQwbyOsIMKAvcZHJ9OJNpujXzdMyt6DpcFcqlldWBZ/8q5rAUTw0HNx/rCgbhAxRYfNoTLIcMM4L0cXbPSgCjwf5FuO3EdE13mgEDhcClW79m0QvcnIh8xgzYoxLbp0+AwvC/MbZM8savN/0ieWr2EKkZ04ggiOIEyvfCUuNprQBYO+y8kKduNEN6by0Yf4LRCPfmwN+GezDLuzTnZIMhPbGqUAdgV6ExqK2ULEEIrQEMoOuQIxfoMhqLlzG79vXGt2O+BY+4IiYfvmuRLks4UXfyHqxPXTJg48IYbGs0j4TtJPUgp3523EyYLwEGyVTAuWhYAmVIwd/hoV7d7tmfcF73w9dufDFI3LNca2KxzBnWNPYvIZKBwWbq8ncxkb191dP6mjEi7NnhqVk5A6vIBbu4AC5PZf76l6yep4xsoy/QtdDxCMocCXeAML9MQ9uPQbuspOKrBvMfN5igA1kBqasnxI472KBNXsdZnaDddSVUuvhTcETM="}'
+ );
+
+ global.Base64 = newBase64;
+ jsdom();
+ delete require.cache[require.resolve('./privatebin')];
+ require('./privatebin');
+ if (!paste1.includes('securely packed in iron') || !paste2.includes('Sol is right')) {
+ throw Error('v1 (SJCL based) pastes could not be deciphered');
+ }
+ }
+ );
+ });
+
+ describe('isEntropyReady & addEntropySeedListener', function () {
+ it(
+ 'lets us know that enough entropy is collected or make us wait for it',
+ function(done) {
+ if ($.PrivateBin.CryptTool.isEntropyReady()) {
+ done();
+ } else {
+ $.PrivateBin.CryptTool.addEntropySeedListener(function() {
+ done();
+ });
+ }
+ }
+ );
+ });
+
+ describe('getSymmetricKey', function () {
+ var keys = [];
+
+ // the parameter is used to ensure the test is run more then one time
+ jsc.property(
+ 'returns random, non-empty keys',
+ 'nat',
+ function(n) {
+ var key = $.PrivateBin.CryptTool.getSymmetricKey(),
+ result = (key !== '' && keys.indexOf(key) === -1);
+ keys.push(key);
+ return result;
+ }
+ );
+ });
+
+ describe('Base64.js vs SJCL.js vs abab.js', function () {
+ jsc.property(
+ 'these all return the same base64 string',
+ 'string',
+ function(string) {
+ var base64 = Base64.toBase64(string),
+ sjcl = global.sjcl.codec.base64.fromBits(global.sjcl.codec.utf8String.toBits(string)),
+ abab = window.btoa(Base64.utob(string));
+ return base64 === sjcl && sjcl === abab;
+ }
+ );
+ });
+});
+
describe('Model', function () {
describe('getPasteId', function () {
before(function () {
$.PrivateBin.Model.reset();
+ cleanup();
});
jsc.property(
@@ -349,6 +585,28 @@ describe('Model', function () {
return queryString === result;
}
);
+ jsc.property(
+ 'throws exception on empty query string',
+ jsc.nearray(jsc.elements(a2zString)),
+ jsc.nearray(jsc.elements(a2zString)),
+ 'string',
+ function (schema, address, fragment) {
+ var clean = jsdom('', {
+ url: schema.join('') + '://' + address.join('') +
+ '/#' + fragment
+ }),
+ result = false;
+ try {
+ $.PrivateBin.Model.getPasteId();
+ }
+ catch(err) {
+ result = true;
+ }
+ $.PrivateBin.Model.reset();
+ clean();
+ return result;
+ }
+ );
});
describe('getPasteKey', function () {
@@ -389,5 +647,27 @@ describe('Model', function () {
return fragmentString === result;
}
);
+ jsc.property(
+ 'throws exception on empty fragment of the URL',
+ jsc.nearray(jsc.elements(a2zString)),
+ jsc.nearray(jsc.elements(a2zString)),
+ jsc.array(jsc.elements(queryString)),
+ function (schema, address, query) {
+ var clean = jsdom('', {
+ url: schema.join('') + '://' + address.join('') +
+ '/?' + query.join('')
+ }),
+ result = false;
+ try {
+ $.PrivateBin.Model.getPasteKey();
+ }
+ catch(err) {
+ result = true;
+ }
+ $.PrivateBin.Model.reset();
+ clean();
+ return result;
+ }
+ );
});
});
diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php
index e1df5d7..6fc01bd 100644
--- a/tpl/bootstrap.php
+++ b/tpl/bootstrap.php
@@ -69,7 +69,7 @@ if ($MARKDOWN):
-
+
diff --git a/tpl/page.php b/tpl/page.php
index c38a1eb..46b8df1 100644
--- a/tpl/page.php
+++ b/tpl/page.php
@@ -47,7 +47,7 @@ if ($MARKDOWN):
-
+
diff --git a/tst/README.md b/tst/README.md
index 76e69ee..e11bc49 100644
--- a/tst/README.md
+++ b/tst/README.md
@@ -2,7 +2,7 @@ Running PHP unit tests
======================
In order to run these tests, you will need to install the following packages
-and its dependencies:
+and their dependencies:
* phpunit
* php-gd
* php-sqlite3
@@ -13,12 +13,30 @@ Example for Debian and Ubuntu:
$ sudo apt install phpunit php-gd php-sqlite php-xdebug
```
-To run the tests, just change into this directory and run phpunit:
+To run the tests, change into the `tst` directory and run phpunit:
```console
$ cd PrivateBin/tst
$ phpunit
```
+Additionally there is the `ConfigurationTestGenerator`. Based on the
+configurations defined in its constructor, it generates the unit test file
+`tst/ConfigurationCombinationsTest.php`, containing all possible combinations
+of these configurations and tests for (most of the) valid combinations. Some of
+combinations can't be tested with this method, i.e. a valid option combined with
+an invalid one. Other very specific test cases (i.e. to trigger multiple errors)
+are covered in `tst/PrivateBinTest.php`. Here is how to generate the
+configuration test and run it:
+
+```console
+$ cd PrivateBin/tst
+$ php ConfigurationTestGenerator.php
+$ phpunit ConfigurationCombinationsTest.php
+```
+
+Note that it can take an hour or longer to run the several thousand tests.
+
+
Running JavaScript unit tests
=============================
@@ -36,8 +54,8 @@ $ cd PrivateBin/js
$ npm install jsverify jsdom jsdom-global
```
-Example for Debian and Ubuntu, including steps to allow current user to install
-node modules globally:
+Example for Debian and Ubuntu, including steps to allow the current user to
+install node modules globally:
```console
$ sudo apt install npm
$ sudo mkdir /usr/local/lib/node_modules
@@ -54,3 +72,46 @@ $ cd PrivateBin/js
$ istanbul cover _mocha
```
+Property based unit testing
+---------------------------
+
+In the JavaScript unit tests we use the JSVerify library to leverage property
+based unit testing. Instead of artificially creating specific test cases to
+cover all relevant paths of the tested code (with the generated coverage reports
+providing means to check the tested paths), property based testing allows us to
+describe the patterns of data that are valid input.
+
+With each run of the tests, for each `jsc.property` 100 random inputs are
+generated and tested. For example we tell the test to generate random strings,
+which will include empty strings, numeric strings, long strings, unicode
+sequences, etc. This is great for finding corner cases that one might not think
+of when explicitly writing one test case at a time.
+
+There is another benefit, too: When an error is found, JSVerify will try to find
+the smallest, still failing test case for you and print this out including the
+associated random number generator (RNG) state, so you can reproduce it easily:
+
+```console
+[...]
+
+ 30 passing (3s)
+ 1 failing
+
+ 1) Helper getCookie returns the requested cookie:
+ Error: Failed after 30 tests and 11 shrinks. rngState: 88caf85079d32e416b; Counterexample: ["{", "9", "9", "YD8%fT"]; [" ", "_|K:"];
+
+[...]
+```
+
+Of course it may just be that you need to adjust a test case if the random
+pattern generated is ambiguous. In the above example the cookie string would
+contain two identical keys "9", something that may not be valid, but that our
+code could encounter and needs to be able to handle.
+
+After you adjusted the code of the library or the test you can rerun the test
+with the same RNG state as follows:
+
+```console
+$ istanbul cover _mocha -- test.js --jsverifyRngState 88caf85079d32e416b
+```
+