• last updated 15 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Replicate injection attempt by penetration tools

bugfix: fixed test test_ad_register_proc when running in a container

When runnig in a container, one cannot use util_current_localtion, which refers

to the URL to reach the server from the container host. To address the server

inside the container, acs::test::url should be used.

This change does not matter for non-containerized applications

Provide facilities to validate against invalid SQL strings

We introduce a new page contract filter and nsf validator called "dbtext". They implement enforcing of a value to be useable in an SQL query. Currently, this means that the value should not contain the NUL character, but the definition may change in the future or become database-specific.

The html contract filter has also be extended to reject the NUL character.

The test suite has been updated/extended to reflect the changes.

  1. … 2 more files in changeset.
improved spelling

Move test from acs-kernel to acs-tcl, add remarks

  1. … 1 more file in changeset.
Make URLs assumed to be hosted on openacs.org absolute

  1. … 3 more files in changeset.
Improve test for singleton package parameters (aka instance parameters of singleton packages):

- do not choose a parameter at random, test them all instead

- do not test for global parameters. For those, the api will behave differently

- do not test for parameters coming from the configuration file. The parameter::* api does not allow to manipulate those

- do not check for packages that are not mounted. A value would not be found for those

fix typo

skip "-url" in "export_vars -url" since it is the default

  1. … 11 more files in changeset.
Disable tests to check for executables on the system

  1. … 7 more files in changeset.
improve spelling

  1. … 5 more files in changeset.
Deprecate apm_file_type_keys, which can be inlined by a simple dict idiom

  1. … 2 more files in changeset.
Test apm_workspace directory api

Test creating and extracting an APM Package tarball

file apm-file-procs.tcl was initially added on branch oacs-5-10.

As tcllib was released in 2016, I believe we can cleanup the legacy zip implementation

  1. … 1 more file in changeset.
Extend the test to cover also cornercase behavior concerning overwriting of files

Test zipping and unzipping utilities

Make test less tautological

Test for psql only when this is expected

Test external command dependencies

This will currently fail because of a bug in db_get_pgbin

Test ad_change_password

addeded page contract filter: safetclchars

safetclchars should be used in cases, were the variable value is passed

to "subst", or "eval"...

  1. … 1 more file in changeset.
Save and restore all variables properly to not be influenced or interfere with other tests

Increase proc coverage

Test ad_schedule_proc

Make test more robust with respect to side effects from other code around

Test ad_raise and ad_exception

file exception-procs.tcl was initially added on branch oacs-5-10.

Test ad_safe_eval api