diff options
author | Joanna Hulboj <joanna.hulboj@isode.com> | 2019-09-12 08:54:19 (GMT) |
---|---|---|
committer | Joanna Hulboj <joanna.hulboj@isode.com> | 2019-09-16 08:17:07 (GMT) |
commit | 181ac4a83ba4a82be683fb0a6f08393d3c91320c (patch) | |
tree | 76e41aac0cda8be5582137d34cb0c9f5683c9dc2 /Swiften/Parser/UnitTest | |
parent | 415870c04a7e6cabf13e6acf3a94bb0f68732907 (diff) | |
download | swift-181ac4a83ba4a82be683fb0a6f08393d3c91320c.zip swift-181ac4a83ba4a82be683fb0a6f08393d3c91320c.tar.bz2 |
Close the stream for disallowed XML features
According to RFC 6120 if any disallowed XML feature is encountered,
we should close the stream with a <restricted-xml/>. The following
features of XML are prohibited in XMPP:
- processing instructions
- internal or external DTD subsets
- internal or external entity references
- comments
Test-information:
Unit tests pass on Windows 10 and Ubuntu 18.04.1 LTS
Change-Id: I475920c91b7f9da51ab37c106a4783a52f6e3cae
Diffstat (limited to 'Swiften/Parser/UnitTest')
-rw-r--r-- | Swiften/Parser/UnitTest/XMLParserTest.cpp | 42 |
1 files changed, 39 insertions, 3 deletions
diff --git a/Swiften/Parser/UnitTest/XMLParserTest.cpp b/Swiften/Parser/UnitTest/XMLParserTest.cpp index c026b4b..63d30ea 100644 --- a/Swiften/Parser/UnitTest/XMLParserTest.cpp +++ b/Swiften/Parser/UnitTest/XMLParserTest.cpp @@ -39,6 +39,10 @@ class XMLParserTest : public CppUnit::TestFixture { CPPUNIT_TEST(testParse_InternalEntity); //CPPUNIT_TEST(testParse_UndefinedPrefix); //CPPUNIT_TEST(testParse_UndefinedAttributePrefix); + CPPUNIT_TEST(testParse_AllowCommentsInXML); + CPPUNIT_TEST(testParse_DisallowCommentsInXML); + CPPUNIT_TEST(testParse_Doctype); + CPPUNIT_TEST(testParse_ProcessingInstructions); CPPUNIT_TEST_SUITE_END(); public: @@ -185,7 +189,7 @@ class XMLParserTest : public CppUnit::TestFixture { } void testParse_UnhandledXML() { - ParserType testling(&client_); + ParserType testling(&client_, true); CPPUNIT_ASSERT(testling.parse("<iq><!-- Testing --></iq>")); @@ -331,13 +335,44 @@ class XMLParserTest : public CppUnit::TestFixture { void testParse_UndefinedAttributePrefix() { ParserType testling(&client_); - CPPUNIT_ASSERT(testling.parse( - "<foo bar:baz='bla'/>")); + CPPUNIT_ASSERT(testling.parse("<foo bar:baz='bla'/>")); CPPUNIT_ASSERT_EQUAL(static_cast<size_t>(1), client_.events[0].attributes.getEntries().size()); CPPUNIT_ASSERT_EQUAL(std::string("bar:baz"), client_.events[0].attributes.getEntries()[0].getAttribute().getName()); } + void testParse_AllowCommentsInXML() { + ParserType testling(&client_, true); + + CPPUNIT_ASSERT(testling.parse("<message><!-- Some More Comments Testing --></message>")); + + CPPUNIT_ASSERT_EQUAL(static_cast<size_t>(2), client_.events.size()); + + CPPUNIT_ASSERT_EQUAL(Client::StartElement, client_.events[0].type); + CPPUNIT_ASSERT_EQUAL(std::string("message"), client_.events[0].data); + + CPPUNIT_ASSERT_EQUAL(Client::EndElement, client_.events[1].type); + CPPUNIT_ASSERT_EQUAL(std::string("message"), client_.events[1].data); + } + + void testParse_DisallowCommentsInXML() { + ParserType testling(&client_); + + CPPUNIT_ASSERT(!testling.parse("<message><!-- Some More Comments Testing --></message>")); + } + + void testParse_Doctype() { + ParserType testling(&client_); + + CPPUNIT_ASSERT(!testling.parse("<!DOCTYPE greeting SYSTEM \"hello.dtd\">")); + } + + void testParse_ProcessingInstructions() { + ParserType testling(&client_); + + CPPUNIT_ASSERT(!testling.parse("<?xml-stylesheet type=\"text/xsl\" href=\"Sample.xsl\"?>")); + } + private: class Client : public XMLParserClient { public: @@ -378,6 +413,7 @@ class XMLParserTest : public CppUnit::TestFixture { void handleNamespaceDeclaration(const std::string& prefix, const std::string& uri) override { namespaces_[prefix] = uri; } + std::vector<Event> events; private: NamespaceMap namespaces_; |