Add config module for xsslint
amangano-edx committed Mar 1, 2018
1 parent d815f5c commit 3e7df86
Showing 9 changed files with 207 additions and 69 deletions.
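--- a/pavelib/quality.py
+++ b/pavelib/quality.py
@@ -434,10 +434,11 @@ def run_xsslint(options):
 _prepare_report_dir(xsslint_report_dir)
 
 sh(
-"{repo_root}/scripts/xsslint/{xsslint_script} --rule-totals >> {xsslint_report}".format(
+"{repo_root}/scripts/xsslint/{xsslint_script} --rule-totals --config={cfg_module} >> {xsslint_report}".format(
 repo_root=Env.REPO_ROOT,
 xsslint_script=xsslint_script,
 xsslint_report=xsslint_report,
+cfg_module='scripts.xsslint_config'
 ),
 ignore_error=True
 )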
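Review bot: The command built in run_xsslint now depends on `scripts.xsslint_config` being importable, yet it still runs with `ignore_error=True` and redirects only stdout into the report. If the config module is missing or raises on import, the linter would presumably exit non-zero with nothing written to the report file, and whether the code after this call treats an empty report as a failure is not visible in the hunk. For a security gate that should be explicit: either add a comment such as `# ignore_error: a non-zero exit is expected when violations are found; the report is validated below` if that is the reason, or check that the report is non-empty before the totals are read. run_xsslint starts and ends outside the hunk.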
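--- a/scripts/xss-commit-linter.sh
+++ b/scripts/xss-commit-linter.sh
@@ -82,6 +82,6 @@ else
 for f in $diff_files; do
 echo ""
 echo "Linting $f:"
-./scripts/xsslint/xss_linter.py $f
+./scripts/xsslint/xss_linter.py --config=scripts.xsslint_config $f
 done
 fi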
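Review bot: The changed invocation still passes `$f` unquoted, so a changed file whose name contains whitespace or glob characters is word-split or expanded before it reaches the linter and may not be linted as the file that was committed. This script presumably runs over contributor-supplied changes, so the argument should be quoted: `./scripts/xsslint/xss_linter.py --config=scripts.xsslint_config "$f"`. The enclosing `for f in $diff_files` loop splits the list the same way but is unchanged context here, and the `else` branch begins outside the hunk.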
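--- a/scripts/xsslint/tests/test_linters.py
+++ b/scripts/xsslint/tests/test_linters.py
@@ -15,6 +15,19 @@
 from xsslint.utils import ParseString
 
 
+def _build_javascript_linter():
+return JavaScriptLinter(
+underscore_linter=UnderscoreTemplateLinter()
+)
+
+
+def _build_mako_linter():
+return MakoTemplateLinter(
+javascript_linter=_build_javascript_linter(),
+python_linter=PythonLinter(),
+)
+
+
 class TestLinter(TestCase):
 """
 Test Linter base class
@@ -219,7 +232,7 @@ def test_concat_with_html(self, data):
 """
 Test check_javascript_file_is_safe with concatenating strings and HTML
 """
-linter = JavaScriptLinter()
+linter = _build_javascript_linter()
 results = FileResults('')
 
 linter.check_javascript_file_is_safe(data['template'], results)
@@ -249,7 +262,7 @@ def test_jquery_append(self, data):
 """
 Test check_javascript_file_is_safe with JQuery append()
 """
-linter = JavaScriptLinter()
+linter = _build_javascript_linter()
 results = FileResults('')
 
 linter.check_javascript_file_is_safe(data['template'], results)
@@ -277,7 +290,7 @@ def test_jquery_prepend(self, data):
 """
 Test check_javascript_file_is_safe with JQuery prepend()
 """
-linter = JavaScriptLinter()
+linter = _build_javascript_linter()
 results = FileResults('')
 
 linter.check_javascript_file_is_safe(data['template'], results)
@@ -309,7 +322,7 @@ def test_jquery_insertion(self, data):
 other than append(), prepend() and html() that take content as an
 argument (e.g. before(), after()).
 """
-linter = JavaScriptLinter()
+linter = _build_javascript_linter()
 results = FileResults('')
 
 linter.check_javascript_file_is_safe(data['template'], results)
@@ -340,7 +353,7 @@ def test_jquery_insert_to_target(self, data):
 functions that take a target as an argument, like appendTo() and
 prependTo().
 """
-linter = JavaScriptLinter()
+linter = _build_javascript_linter()
 results = FileResults('')
 
 linter.check_javascript_file_is_safe(data['template'], results)
@@ -364,7 +377,7 @@ def test_jquery_html(self, data):
 """
 Test check_javascript_file_is_safe with JQuery html()
 """
-linter = JavaScriptLinter()
+linter = _build_javascript_linter()
 results = FileResults('')
 
 linter.check_javascript_file_is_safe(data['template'], results)
@@ -379,7 +392,7 @@ def test_javascript_interpolate(self, data):
 """
 Test check_javascript_file_is_safe with interpolate()
 """
-linter = JavaScriptLinter()
+linter = _build_javascript_linter()
 results = FileResults('')
 
 linter.check_javascript_file_is_safe(data['template'], results)
@@ -394,7 +407,7 @@ def test_javascript_interpolate(self, data):
 """
 Test check_javascript_file_is_safe with interpolate()
 """
-linter = JavaScriptLinter()
+linter = _build_javascript_linter()
 results = FileResults('')
 
 linter.check_javascript_file_is_safe(data['template'], results)
@@ -737,7 +750,8 @@ def test_is_valid_directory(self, data):
 """
 Test _is_valid_directory correctly determines mako directories
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
+linter._skip_mako_dirs = ('test_root',)
 
 self.assertEqual(linter._is_valid_directory(data['directory']), data['expected'])
 
@@ -785,7 +799,7 @@ def test_check_page_default(self, data):
 """
 Test _check_mako_file_is_safe with different page defaults
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 linter._check_mako_file_is_safe(data['template'], results)
@@ -808,7 +822,7 @@ def test_check_mako_expressions_in_html(self, data):
 """
 Test _check_mako_file_is_safe in html context provides appropriate violations
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = textwrap.dedent("""
@@ -825,7 +839,7 @@ def test_check_mako_expression_display_name(self):
 Test _check_mako_file_is_safe with display_name_with_default_escaped
 fails.
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = textwrap.dedent("""
@@ -971,7 +985,7 @@ def test_check_mako_with_text_and_html(self, data):
 """
 Test _check_mako_file_is_safe tests for proper use of Text() and Html().
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = textwrap.dedent("""
@@ -988,7 +1002,7 @@ def test_check_mako_entity_with_no_default(self):
 Test _check_mako_file_is_safe does not fail on entities when
 safe-by-default is not set.
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = "${'Rock & Roll'}"
@@ -1003,7 +1017,7 @@ def test_check_mako_expression_default_disabled(self):
 Test _check_mako_file_is_safe with disable pragma for safe-by-default
 works to designate that this is not a Mako file
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = textwrap.dedent("""
@@ -1023,7 +1037,7 @@ def test_check_mako_expression_disabled(self):
 Test _check_mako_file_is_safe with disable pragma results in no
 violation
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = textwrap.dedent("""
@@ -1047,7 +1061,7 @@ def test_check_mako_on_django_template(self, data):
 Test _check_mako_file_is_safe with disable pragma results in no
 violation
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 linter._check_mako_file_is_safe(data['template'], results)
@@ -1059,7 +1073,7 @@ def test_check_mako_expressions_in_html_with_escape_filter(self):
 Test _check_mako_file_is_safe results in no violations,
 when strip_all_tags_but_br filter is applied in html context
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = textwrap.dedent("""
@@ -1075,7 +1089,7 @@ def test_check_mako_expressions_in_html_without_default(self):
 Test _check_mako_file_is_safe in html context without the page level
 default h filter suppresses expression level violation
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = textwrap.dedent("""
@@ -1100,7 +1114,7 @@ def test_check_mako_expressions_in_javascript(self, data):
 Test _check_mako_file_is_safe in JavaScript script context provides
 appropriate violations
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = textwrap.dedent("""
@@ -1126,7 +1140,7 @@ def test_check_mako_expressions_in_require_module(self, data):
 Test _check_mako_file_is_safe in JavaScript require context provides
 appropriate violations
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = textwrap.dedent("""
@@ -1152,7 +1166,7 @@ def test_check_mako_expressions_in_require_js(self, data):
 Test _check_mako_file_is_safe in JavaScript require js context provides
 appropriate violations
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = textwrap.dedent("""
@@ -1183,7 +1197,7 @@ def test_check_mako_expressions_in_script_type(self, data):
 """
 Test _check_mako_file_is_safe in script tag with different media types
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = textwrap.dedent("""
@@ -1205,7 +1219,7 @@ def test_check_mako_expressions_in_mixed_contexts(self):
 Test _check_mako_file_is_safe in mixed contexts provides
 appropriate violations
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = textwrap.dedent("""
@@ -1242,7 +1256,7 @@ def test_check_mako_expressions_javascript_strings(self):
 - mako_js_missing_quotes
 - mako_js_html_string
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = textwrap.dedent("""
@@ -1277,7 +1291,7 @@ def test_check_javascript_in_mako_javascript_context(self):
 Test _check_mako_file_is_safe with JavaScript error in JavaScript
 context.
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 mako_template = textwrap.dedent("""
@@ -1311,7 +1325,7 @@ def test_expression_detailed_results(self, data):
 Test _check_mako_file_is_safe provides detailed results, including line
 numbers, columns, and line
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 results = FileResults('')
 
 linter._check_mako_file_is_safe(data['template'], results)
@@ -1346,7 +1360,7 @@ def test_find_mako_expressions(self, data):
 """
 Test _find_mako_expressions for parseable expressions
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 
 expressions = linter._find_mako_expressions(data['template'])
 
@@ -1364,7 +1378,7 @@ def test_find_unparseable_mako_expressions(self, data):
 """
 Test _find_mako_expressions for unparseable expressions
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 
 expressions = linter._find_mako_expressions(data['template'])
 self.assertTrue(2 <= len(expressions))
@@ -1401,7 +1415,7 @@ def test_parse_string(self, data):
 """
 Test _parse_string helper
 """
-linter = MakoTemplateLinter()
+linter = _build_mako_linter()
 
 parse_string = ParseString(data['template'], data['result']['start_index'], len(data['template']))
 string_dict = {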
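Review bot: In the test_is_valid_directory hunk the skip list is injected by assigning the private attribute `linter._skip_mako_dirs = ('test_root',)` after construction, so the test bypasses whatever path production code uses to hand skip directories to MakoTemplateLinter. That list decides which template directories `_is_valid_directory` rejects, and so which ones are left out of XSS linting, which makes the wiring worth covering rather than stubbing. If the constructor accepts the skip list (its signature is not visible in this section), pass it there, for example through an optional argument on `_build_mako_linter`; otherwise add a comment such as `# set directly: the constructor has no skip-dir parameter`. The test method begins above the hunk.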
20 changes: 15 additions & 5 deletions scripts/xsslint/tests/test_main.py
Expand Up @@ -46,6 +46,13 @@ def patch_is_valid_directory(self, linter_class):
self.addCleanup(patcher.stop)
return patch_start

def _build_linters(self):
underscore_linter = UnderscoreTemplateLinter()
python_linter = PythonLinter()
javascript_linter = JavaScriptLinter(underscore_linter=underscore_linter)
mako_linter = MakoTemplateLinter(javascript_linter=javascript_linter, python_linter=python_linter)
return [mako_linter, underscore_linter, javascript_linter, python_linter]

def test_lint_defaults(self):
"""
Tests the top-level linting with default options.
Expand All @@ -55,11 +62,12 @@ def test_lint_defaults(self):

_lint(
'scripts/xsslint/tests/templates',
template_linters=[MakoTemplateLinter(), UnderscoreTemplateLinter(), JavaScriptLinter(), PythonLinter()],
template_linters=self._build_linters(),
options={
'list_files': False,
'verbose': False,
'rule_totals': False,
'skip_dirs': ()
},
summary_results=summary_results,
out=out,
Expand Down Expand Up @@ -97,11 +105,12 @@ def test_lint_with_verbose(self):

_lint(
'scripts/xsslint/tests/templates',
template_linters=[MakoTemplateLinter(), UnderscoreTemplateLinter(), JavaScriptLinter(), PythonLinter()],
template_linters=self._build_linters(),
options={
'list_files': False,
'verbose': True,
'rule_totals': False,
'skip_dirs': ()
},
summary_results=summary_results,
out=out,
Expand Down Expand Up @@ -131,11 +140,12 @@ def test_lint_with_rule_totals(self):

_lint(
'scripts/xsslint/tests/templates',
template_linters=[MakoTemplateLinter(), UnderscoreTemplateLinter(), JavaScriptLinter(), PythonLinter()],
template_linters=self._build_linters(),
options={
'list_files': False,
'verbose': False,
'rule_totals': True,
'skip_dirs': ()
},
summary_results=summary_results,
out=out,
Expand All @@ -155,14 +165,14 @@ def test_lint_with_list_files(self):
"""
out = StringIO()
summary_results = SummaryResults()

_lint(
'scripts/xsslint/tests/templates',
template_linters=[MakoTemplateLinter(), UnderscoreTemplateLinter(), JavaScriptLinter(), PythonLinter()],
template_linters=self._build_linters(),
options={
'list_files': True,
'verbose': False,
'rule_totals': False,
'skip_dirs': ()
},
summary_results=summary_results,
out=out,
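Review bot: Every `_lint` call in this section passes `'skip_dirs': ()`, so none of the visible tests runs the new option with a non-empty value. Judging by its name the option decides which directories are excluded from linting, and a regression that over-matches would silently drop templates from the XSS scan without failing anything here. Consider one more test that passes a non-empty tuple and asserts on the files reported in `out`. `_build_linters` would also benefit from a docstring, e.g. `"""Build one instance of each linter, sharing the sub-linters that the Mako and JavaScript linters take."""`.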