From 65c5393ad6033cc35f8f847c8b6d49cfebe45a75 Mon Sep 17 00:00:00 2001 From: Rob Hudson Date: Thu, 11 Jul 2013 14:08:18 -0700 Subject: [PATCH] Updated origin validation (bug 892604) --- appvalidator/specs/webapps.py | 3 ++- tests/test_webapp.py | 27 ++++++++++++++++++++++++++- 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/appvalidator/specs/webapps.py b/appvalidator/specs/webapps.py index 966546d..41b0a3a 100644 --- a/appvalidator/specs/webapps.py +++ b/appvalidator/specs/webapps.py @@ -180,7 +180,8 @@ class WebappSpec(Spec): }, "origin": { "expected_type": types.StringTypes, - "value_matches": r"app://.+", + "value_matches": r"^app://[a-z0-9]+([-.]{1}[a-z0-9]+)*" + r"\.[a-z]{2,5}$" } } } diff --git a/tests/test_webapp.py b/tests/test_webapp.py index e33324c..5ac95fd 100644 --- a/tests/test_webapp.py +++ b/tests/test_webapp.py @@ -842,10 +842,25 @@ class TestWebapps(TestCase): self.assert_failed(with_errors=True) def test_origin_pass(self): - self.data['origin'] = 'app://hello' + self.data['origin'] = 'app://domain.com' self.analyze() self.assert_silent() + def test_origin_dashes(self): + self.data['origin'] = 'app://my-domain.com' + self.analyze() + self.assert_silent() + + def test_origin_subdomains(self): + self.data['origin'] = 'app://sub.domain.com' + self.analyze() + self.assert_silent() + + def test_origin_non_fqdn(self): + self.data['origin'] = 'app://hello' + self.analyze() + self.assert_failed(with_errors=True) + def test_origin_type(self): self.data['origin'] = 123 self.analyze() @@ -855,3 +870,13 @@ class TestWebapps(TestCase): self.data['origin'] = 'http://asdf' self.analyze() self.assert_failed(with_errors=True) + + def test_origin_path(self): + self.data['origin'] = 'app://domain.com/path' + self.analyze() + self.assert_failed(with_errors=True) + + def test_origin_path_trailing_slash(self): + self.data['origin'] = 'app://domain.com/' + self.analyze() + self.assert_failed(with_errors=True)