-
Notifications
You must be signed in to change notification settings - Fork 474
/
test_mechanize_file_response.rb
48 lines (41 loc) · 1.36 KB
/
test_mechanize_file_response.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# frozen_string_literal: true
require 'mechanize/test_case'
class TestMechanizeFileResponse < Mechanize::TestCase
def test_file_path
res = Mechanize::FileResponse.new("/path/to/foo.html")
assert_equal("/path/to/foo.html", res.file_path)
end
def test_content_type
Tempfile.open %w[pi .nothtml] do |tempfile|
res = Mechanize::FileResponse.new tempfile.path
assert_nil res['content-type']
end
Tempfile.open %w[pi .xhtml] do |tempfile|
res = Mechanize::FileResponse.new tempfile.path
assert_equal 'text/html', res['content-type']
end
Tempfile.open %w[pi .html] do |tempfile|
res = Mechanize::FileResponse.new tempfile.path
assert_equal 'text/html', res['Content-Type']
end
end
def test_read_body
Tempfile.open %w[pi .html] do |tempfile|
tempfile.write("asdfasdfasdf")
tempfile.close
res = Mechanize::FileResponse.new(tempfile.path)
res.read_body do |input|
assert_equal("asdfasdfasdf", input)
end
end
end
def test_read_body_does_not_allow_command_injection
skip if windows?
in_tmpdir do
FileUtils.touch('| ruby -rfileutils -e \'FileUtils.touch("vul.txt")\'')
res = Mechanize::FileResponse.new('| ruby -rfileutils -e \'FileUtils.touch("vul.txt")\'')
res.read_body { |_| }
refute_operator(File, :exist?, "vul.txt")
end
end
end