Author: olamy
Date: Mon Sep 19 10:10:14 2011
New Revision: 1172554

URL: http://svn.apache.org/viewvc?rev=1172554&view=rev
Log:
fix more selenium tests no need to wait server response for client side 
validation

Modified:
    
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/AppearanceTest.java
    
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/XSSSecurityTest.java
    
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/parent/AbstractArchivaTest.java
    
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/parent/AbstractSeleniumTest.java

Modified: 
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/AppearanceTest.java
URL: 
http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/AppearanceTest.java?rev=1172554&r1=1172553&r2=1172554&view=diff
==============================================================================
--- 
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/AppearanceTest.java
 (original)
+++ 
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/AppearanceTest.java
 Mon Sep 19 10:10:14 2011
@@ -30,55 +30,67 @@ public class AppearanceTest
     {
         goToAppearancePage();
         clickLinkWithText( "Edit" );
-        addEditAppearance( "", "", "" );
+        addEditAppearance( "", "", "", false );
         assertTextPresent( "You must enter a name" );
     }
 
-    @Test( dependsOnMethods = { "testAddAppearanceEmptyValues" })
-       public void testAddAppearanceInvalidValues()
-       {
-               addEditAppearance( "<>~+[ ]'\"" , 
"/home/user/abcXYZ0129._/\\~:?!&=-<> ~+[ ]'\"" , 
"/home/user/abcXYZ0129._/\\~:?!&=-<> ~+[ ]'\"" );
-               assertTextPresent( "Organisation name must only contain 
alphanumeric characters, white-spaces(' '), equals(=), question-marks(?), 
exclamation-points(!), ampersands(&), forward-slashes(/), back-slashes(\\), 
underscores(_), dots(.), colons(:), tildes(~), and dashes(-)." );
+    @Test( dependsOnMethods = { "testAddAppearanceEmptyValues" } )
+    public void testAddAppearanceInvalidValues()
+    {
+        addEditAppearance( "<>~+[ ]'\"", "/home/user/abcXYZ0129._/\\~:?!&=-<> 
~+[ ]'\"",
+                           "/home/user/abcXYZ0129._/\\~:?!&=-<> ~+[ ]'\"", 
false );
+        assertTextPresent(
+            "Organisation name must only contain alphanumeric characters, 
white-spaces(' '), equals(=), question-marks(?), exclamation-points(!), 
ampersands(&), forward-slashes(/), back-slashes(\\), underscores(_), dots(.), 
colons(:), tildes(~), and dashes(-)." );
+        assertTextPresent( "You must enter a URL" );
+        //assertXpathCount( "//tr errorfor='saveAppearance_organisationUrl'", 
1 );
+        assertXpathCount( "//span[@class='errorMessage/text()='You must enter 
a URL']", 1 );
+        assertTextPresent( "You must enter a URL for your logo" );
+        assertXpathCount( "//span[@class='errorMessage/text()='You must enter 
a URL for your logo']", 1 );
+
+    }
+
+    @Test( dependsOnMethods = { "testAddAppearanceInvalidValues" } )
+    public void testAddAppearanceInvalidOrganisationName()
+    {
+        addEditAppearance( "<>~+[ ]'\"", "http://www.apache.org/";, 
"http://www.apache.org/images/asf_logo_wide.gifs";,
+                           false );
+        assertTextPresent(
+            "Organisation name must only contain alphanumeric characters, 
white-spaces(' '), equals(=), question-marks(?), exclamation-points(!), 
ampersands(&), forward-slashes(/), back-slashes(\\), underscores(_), dots(.), 
colons(:), tildes(~), and dashes(-)." );
+    }
+
+    @Test( dependsOnMethods = { "testAddAppearanceInvalidOrganisationName" } )
+    public void testAddAppearanceInvalidOrganisationUrl()
+    {
+        addEditAppearance( "The Apache Software Foundation", 
"/home/user/abcXYZ0129._/\\~:?!&=-<> ~+[ ]'\"",
+                           "http://www.apache.org/images/asf_logo_wide.gifs";, 
false );
         assertTextPresent( "You must enter a URL" );
-        assertXpathCount("//span[@class='errorMessage' and text()='You must 
enter a URL']", 2);
+        assertXpathCount( "//span[@class='errorMessage/text()='You must enter 
a URL']", 1 );
     }
 
-    @Test( dependsOnMethods = { "testAddAppearanceInvalidValues" })
-       public void testAddAppearanceInvalidOrganisationName()
-       {
-               addEditAppearance( "<>~+[ ]'\"" , "http://www.apache.org/"; , 
"http://www.apache.org/images/asf_logo_wide.gifs"; );
-        assertTextPresent( "Organisation name must only contain alphanumeric 
characters, white-spaces(' '), equals(=), question-marks(?), 
exclamation-points(!), ampersands(&), forward-slashes(/), back-slashes(\\), 
underscores(_), dots(.), colons(:), tildes(~), and dashes(-)." );
-       }
-
-    @Test( dependsOnMethods = { "testAddAppearanceInvalidOrganisationName" })
-       public void testAddAppearanceInvalidOrganisationUrl()
-       {
-               addEditAppearance( "The Apache Software Foundation" , 
"/home/user/abcXYZ0129._/\\~:?!&=-<> ~+[ ]'\"" , 
"http://www.apache.org/images/asf_logo_wide.gifs"; );
-               assertTextPresent( "You must enter a URL" );
-        assertXpathCount("//span[@class='errorMessage' and text()='You must 
enter a URL']", 1);
-    }
-
-    @Test( dependsOnMethods = { "testAddAppearanceInvalidOrganisationUrl" })
-       public void testAddAppearanceInvalidOrganisationLogo()
-       {
-               addEditAppearance( "The Apache Software Foundation" , 
"http://www.apache.org/"; , "/home/user/abcXYZ0129._/\\~:?!&=-<> ~+[ ]'\"" );
-               assertTextPresent( "You must enter a URL" );
-        assertXpathCount("//span[@class='errorMessage' and text()='You must 
enter a URL']", 1);
-    }
-
-       @Test( dependsOnMethods = { "testAddAppearanceInvalidOrganisationLogo" 
})
-       public void testAddAppearanceValidValues()
-       {
-               addEditAppearance( "The Apache Software Foundation" , 
"http://www.apache.org/"; , "http://www.apache.org/images/asf_logo_wide.gifs"; );
-               assertTextPresent( "The Apache Software Foundation" );
-       }
-       
-       @Test( dependsOnMethods = { "testAddAppearanceValidValues" })
-       public void testEditAppearance()
-       {
-               clickLinkWithText( "Edit" );
-               addEditAppearance( "Apache Software Foundation" , 
"http://www.apache.org/"; , "http://www.apache.org/images/asf_logo_wide.gifs"; );
-               assertTextPresent( "Apache Software Foundation" );
+    @Test( dependsOnMethods = { "testAddAppearanceInvalidOrganisationUrl" } )
+    public void testAddAppearanceInvalidOrganisationLogo()
+    {
+        addEditAppearance( "The Apache Software Foundation", 
"http://www.apache.org/";,
+                           "/home/user/abcXYZ0129._/\\~:?!&=-<> ~+[ ]'\"", 
false );
+        assertTextPresent( "You must enter a URL" );
+        assertXpathCount( "//span[@class='errorMessage'/text()='You must enter 
a URL']", 1 );
+    }
+
+    @Test( dependsOnMethods = { "testAddAppearanceInvalidOrganisationLogo" } )
+    public void testAddAppearanceValidValues()
+    {
+        addEditAppearance( "The Apache Software Foundation", 
"http://www.apache.org/";,
+                           "http://www.apache.org/images/asf_logo_wide.gifs";, 
true );
+        assertTextPresent( "The Apache Software Foundation" );
+    }
+
+    @Test( dependsOnMethods = { "testAddAppearanceValidValues" } )
+    public void testEditAppearance()
+    {
+        clickLinkWithText( "Edit" );
+        addEditAppearance( "Apache Software Foundation", 
"http://www.apache.org/";,
+                           "http://www.apache.org/images/asf_logo_wide.gifs";, 
true );
+        assertTextPresent( "Apache Software Foundation" );
     }
 
 }
\ No newline at end of file

Modified: 
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/XSSSecurityTest.java
URL: 
http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/XSSSecurityTest.java?rev=1172554&r1=1172553&r2=1172554&view=diff
==============================================================================
--- 
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/XSSSecurityTest.java
 (original)
+++ 
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/XSSSecurityTest.java
 Mon Sep 19 10:10:14 2011
@@ -19,8 +19,8 @@ package org.apache.archiva.web.test;
  * under the License.
  */
 
-import org.testng.annotations.Test;
 import org.apache.archiva.web.test.parent.AbstractArchivaTest;
+import org.testng.annotations.Test;
 
 /**
  * Test all actions affected with XSS security issue.
@@ -31,97 +31,125 @@ public class XSSSecurityTest
 {
     public void testDeleteArtifactImmunityToURLCrossSiteScripting()
     {
-        getSelenium().open( 
"/archiva/deleteArtifact!doDelete.action?groupId=\"/>1<script>alert('xss')</script>&artifactId=\"/>1<script>alert('xss')</script>&version=\"/>1<script>alert('xss')</script>&repositoryId=\"/>1<script>alert('xss')</script>");
+        getSelenium().open(
+            
"/archiva/deleteArtifact!doDelete.action?groupId=\"/>1<script>alert('xss')</script>&artifactId=\"/>1<script>alert('xss')</script>&version=\"/>1<script>alert('xss')</script>&repositoryId=\"/>1<script>alert('xss')</script>"
 );
         assertDeleteArtifactPage();
         assertTextPresent( "Invalid version." );
-        assertTextPresent( "User is not authorized to delete artifacts in 
repository '\"/>1<script>alert('xss')</script>'." );
-        assertTextPresent( "Group id must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Artifact id must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Repository id must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
-        assertElementValue("//input[@id='deleteArtifact_groupId']", 
"\"/>1<script>alert('xss')</script>");
-        assertElementValue("//input[@id='deleteArtifact_artifactId']", 
"\"/>1<script>alert('xss')</script>");
-        assertElementValue("//input[@id='deleteArtifact_version']", 
"\"/>1<script>alert('xss')</script>");
-        assertElementValue("//select[@id='deleteArtifact_repositoryId']", 
"internal");
+        assertTextPresent(
+            "User is not authorized to delete artifacts in repository 
'\"/>1<script>alert('xss')</script>'." );
+        assertTextPresent(
+            "Group id must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Artifact id must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Repository id must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertElementValue( "//input[@id='deleteArtifact_groupId']", 
"\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//input[@id='deleteArtifact_artifactId']", 
"\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//input[@id='deleteArtifact_version']", 
"\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//select[@id='deleteArtifact_repositoryId']", 
"internal" );
     }
 
     public void testDeleteArtifactImmunityToEncodedURLCrossSiteScripting()
     {
-        getSelenium().open( 
"/archiva/deleteArtifact!doDelete.action?groupId=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&artifactId=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&version=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&repositoryId=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E");
+        getSelenium().open(
+            
"/archiva/deleteArtifact!doDelete.action?groupId=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&artifactId=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&version=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&repositoryId=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E"
 );
         assertDeleteArtifactPage();
         assertTextPresent( "Invalid version." );
-        assertTextPresent( "User is not authorized to delete artifacts in 
repository '\"/>1<script>alert('xss')</script>'." );
-        assertTextPresent( "Group id must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Artifact id must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Repository id must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
-        assertElementValue("//input[@id='deleteArtifact_groupId']", 
"\"/>1<script>alert('xss')</script>");
-        assertElementValue("//input[@id='deleteArtifact_artifactId']", 
"\"/>1<script>alert('xss')</script>");
-        assertElementValue("//input[@id='deleteArtifact_version']", 
"\"/>1<script>alert('xss')</script>");
-        assertElementValue("//select[@id='deleteArtifact_repositoryId']", 
"internal");
+        assertTextPresent(
+            "User is not authorized to delete artifacts in repository 
'\"/>1<script>alert('xss')</script>'." );
+        assertTextPresent(
+            "Group id must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Artifact id must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Repository id must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertElementValue( "//input[@id='deleteArtifact_groupId']", 
"\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//input[@id='deleteArtifact_artifactId']", 
"\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//input[@id='deleteArtifact_version']", 
"\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//select[@id='deleteArtifact_repositoryId']", 
"internal" );
     }
 
     public void testEditAppearanceImmunityToURLCrossSiteScripting()
     {
-        getSelenium().open( 
"/archiva/admin/configureAppearance.action?organisationName=<script>alert('xss')</script>&organisationUrl=<script>alert('xss')</script>&organisationLogo=<script>alert('xss')</script>");
+        getSelenium().open(
+            
"/archiva/admin/configureAppearance.action?organisationName=<script>alert('xss')</script>&organisationUrl=<script>alert('xss')</script>&organisationLogo=<script>alert('xss')</script>"
 );
         assertAppearancePage();
-        assertXpathCount("//td[text()=\"<script>alert('xss')</script>\"]", 1);
-        assertXpathCount("//code[text()=\"<script>alert('xss')</script>\"]", 
2);
+        assertXpathCount( "//td[text()=\"<script>alert('xss')</script>\"]", 1 
);
+        assertXpathCount( "//code[text()=\"<script>alert('xss')</script>\"]", 
2 );
 
     }
 
     public void testEditAppearanceImmunityToEncodedURLCrossSiteScripting()
     {
-        getSelenium().open( 
"/archiva/admin/configureAppearance.action?organisationName=%3Cscript%3Ealert('xss')%3C%2Fscript%3E&organisationUrl=%3Cscript%3Ealert('xss')%3C%2Fscript%3E&organisationLogo=%3Cscript%3Ealert('xss')%3C%2Fscript%3E");
+        getSelenium().open(
+            
"/archiva/admin/configureAppearance.action?organisationName=%3Cscript%3Ealert('xss')%3C%2Fscript%3E&organisationUrl=%3Cscript%3Ealert('xss')%3C%2Fscript%3E&organisationLogo=%3Cscript%3Ealert('xss')%3C%2Fscript%3E"
 );
         assertAppearancePage();
-        assertXpathCount("//td[text()=\"<script>alert('xss')</script>\"]", 1);
-        assertXpathCount("//code[text()=\"<script>alert('xss')</script>\"]", 
2);
+        assertXpathCount( "//td[text()=\"<script>alert('xss')</script>\"]", 1 
);
+        assertXpathCount( "//code[text()=\"<script>alert('xss')</script>\"]", 
2 );
     }
 
     public void testAddLegacyArtifactImmunityToURLCrossSiteScripting()
     {
-        getSelenium().open( 
"/archiva/admin/addLegacyArtifactPath!commit.action?legacyArtifactPath.path=\"/>1<script>alert('xss')</script>&groupId=\"/>1<script>alert('xss')</script>&artifactId=\"/>1<script>alert('xss')</script>&version=\"/>1<script>alert('xss')</script>&classifier=\"/>1<script>alert('xss')</script>&type=\"/>1<script>alert('xss')</script>");
+        getSelenium().open(
+            
"/archiva/admin/addLegacyArtifactPath!commit.action?legacyArtifactPath.path=\"/>1<script>alert('xss')</script>&groupId=\"/>1<script>alert('xss')</script>&artifactId=\"/>1<script>alert('xss')</script>&version=\"/>1<script>alert('xss')</script>&classifier=\"/>1<script>alert('xss')</script>&type=\"/>1<script>alert('xss')</script>"
 );
         assertAddLegacyArtifactPathPage();
-        assertTextPresent( "Legacy path must only contain alphanumeric 
characters, forward-slashes(/), back-slashes(\\), underscores(_), dots(.), and 
dashes(-)." );
-        assertTextPresent( "Group id must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Artifact id must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Version must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Classifier must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Legacy path must only contain alphanumeric characters, 
forward-slashes(/), back-slashes(\\), underscores(_), dots(.), and dashes(-)." 
);
+        assertTextPresent(
+            "Group id must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Artifact id must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Version must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Classifier must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
         assertTextPresent( "Type must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
-        
assertElementValue("//input[@id='addLegacyArtifactPath_legacyArtifactPath_path']",
 "\"/>1<script>alert('xss')</script>");
-        assertElementValue("//input[@id='addLegacyArtifactPath_artifactId']", 
"\"/>1<script>alert('xss')</script>");
-        assertElementValue("//input[@id='addLegacyArtifactPath_version']", 
"\"/>1<script>alert('xss')</script>");
-        assertElementValue("//input[@id='addLegacyArtifactPath_groupId']", 
"\"/>1<script>alert('xss')</script>");
-        assertElementValue("//input[@id='addLegacyArtifactPath_classifier']", 
"\"/>1<script>alert('xss')</script>");
-        assertElementValue("//input[@id='addLegacyArtifactPath_type']", 
"\"/>1<script>alert('xss')</script>");
+        assertElementValue( 
"//input[@id='addLegacyArtifactPath_legacyArtifactPath_path']",
+                            "\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//input[@id='addLegacyArtifactPath_artifactId']", 
"\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//input[@id='addLegacyArtifactPath_version']", 
"\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//input[@id='addLegacyArtifactPath_groupId']", 
"\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//input[@id='addLegacyArtifactPath_classifier']", 
"\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//input[@id='addLegacyArtifactPath_type']", 
"\"/>1<script>alert('xss')</script>" );
     }
 
     public void testAddLegacyArtifactImmunityToEncodedURLCrossSiteScripting()
     {
-        getSelenium().open( 
"/archiva/admin/addLegacyArtifactPath!commit.action?legacyArtifactPath.path=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&groupId=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&artifactId=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&version=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&classifier=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&type=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E");
+        getSelenium().open(
+            
"/archiva/admin/addLegacyArtifactPath!commit.action?legacyArtifactPath.path=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&groupId=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&artifactId=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&version=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&classifier=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E&type=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E"
 );
         assertAddLegacyArtifactPathPage();
-        assertTextPresent( "Legacy path must only contain alphanumeric 
characters, forward-slashes(/), back-slashes(\\), underscores(_), dots(.), and 
dashes(-)." );
-        assertTextPresent( "Group id must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Artifact id must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Version must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Classifier must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Legacy path must only contain alphanumeric characters, 
forward-slashes(/), back-slashes(\\), underscores(_), dots(.), and dashes(-)." 
);
+        assertTextPresent(
+            "Group id must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Artifact id must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Version must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Classifier must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
         assertTextPresent( "Type must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
-        
assertElementValue("//input[@id='addLegacyArtifactPath_legacyArtifactPath_path']",
 "\"/>1<script>alert('xss')</script>");
-        assertElementValue("//input[@id='addLegacyArtifactPath_artifactId']", 
"\"/>1<script>alert('xss')</script>");
-        assertElementValue("//input[@id='addLegacyArtifactPath_version']", 
"\"/>1<script>alert('xss')</script>");
-        assertElementValue("//input[@id='addLegacyArtifactPath_groupId']", 
"\"/>1<script>alert('xss')</script>");
-        assertElementValue("//input[@id='addLegacyArtifactPath_classifier']", 
"\"/>1<script>alert('xss')</script>");
-        assertElementValue("//input[@id='addLegacyArtifactPath_type']", 
"\"/>1<script>alert('xss')</script>");
+        assertElementValue( 
"//input[@id='addLegacyArtifactPath_legacyArtifactPath_path']",
+                            "\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//input[@id='addLegacyArtifactPath_artifactId']", 
"\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//input[@id='addLegacyArtifactPath_version']", 
"\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//input[@id='addLegacyArtifactPath_groupId']", 
"\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//input[@id='addLegacyArtifactPath_classifier']", 
"\"/>1<script>alert('xss')</script>" );
+        assertElementValue( "//input[@id='addLegacyArtifactPath_type']", 
"\"/>1<script>alert('xss')</script>" );
     }
 
     public void testDeleteNetworkProxyImmunityToURLCrossSiteScripting()
     {
-        getSelenium().open( 
"/archiva/admin/deleteNetworkProxy!confirm.action?proxyid=\"/>1<script>alert('xss')</script>");
+        getSelenium().open(
+            
"/archiva/admin/deleteNetworkProxy!confirm.action?proxyid=\"/>1<script>alert('xss')</script>"
 );
         assertTextPresent( "Security Alert - Invalid Token Found" );
         assertTextPresent( "Possible CSRF attack detected! Invalid token found 
in the request." );
     }
 
     public void testDeleteNetworkProxyImmunityToEncodedURLCrossSiteScripting()
     {
-        getSelenium().open( 
"/archiva/admin/deleteNetworkProxy!confirm.action?proxyid=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E");
+        getSelenium().open(
+            
"/archiva/admin/deleteNetworkProxy!confirm.action?proxyid=%22%2F%3E1%3Cscript%3Ealert('xss')%3C%2Fscript%3E"
 );
         assertTextPresent( "Security Alert - Invalid Token Found" );
         assertTextPresent( "Possible CSRF attack detected! Invalid token found 
in the request." );
     }
@@ -130,61 +158,83 @@ public class XSSSecurityTest
     {
         goToRepositoriesPage();
         getSelenium().open( "/archiva/admin/addRepository.action" );
-       addManagedRepository( "test\"><script>alert('xss')</script>", 
"test\"><script>alert('xss')</script>" , "test\"><script>alert('xss')</script>" 
, "test\"><script>alert('xss')</script>", "Maven 2.x Repository", "", "-1", 
"101" );
+        addManagedRepository( "test\"><script>alert('xss')</script>", 
"test\"><script>alert('xss')</script>",
+                              "test\"><script>alert('xss')</script>", 
"test\"><script>alert('xss')</script>",
+                              "Maven 2.x Repository", "", "-1", "101" );
         // xss inputs are blocked by validation.
-       assertTextPresent( "Identifier must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
-       assertTextPresent( "Directory must only contain alphanumeric 
characters, equals(=), question-marks(?), exclamation-points(!), ampersands(&), 
forward-slashes(/), back-slashes(\\), underscores(_), dots(.), colons(:), 
tildes(~), and dashes(-)." );
-       assertTextPresent( "Repository Name must only contain alphanumeric 
characters, white-spaces(' '), forward-slashes(/), open-parenthesis('('), 
close-parenthesis(')'), underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Index directory must only contain alphanumeric 
characters, equals(=), question-marks(?), exclamation-points(!), ampersands(&), 
forward-slashes(/), back-slashes(\\), underscores(_), dots(.), colons(:), 
tildes(~), and dashes(-)." );
-        assertTextPresent( "Repository Purge By Retention Count needs to be 
between 1 and 100.");
-        assertTextPresent( "Repository Purge By Days Older Than needs to be 
larger than 0.");
-       assertTextPresent( "Invalid cron expression." );
+        assertTextPresent(
+            "Identifier must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Directory must only contain alphanumeric characters, equals(=), 
question-marks(?), exclamation-points(!), ampersands(&), forward-slashes(/), 
back-slashes(\\), underscores(_), dots(.), colons(:), tildes(~), and 
dashes(-)." );
+        assertTextPresent(
+            "Repository Name must only contain alphanumeric characters, 
white-spaces(' '), forward-slashes(/), open-parenthesis('('), 
close-parenthesis(')'), underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Index directory must only contain alphanumeric characters, 
equals(=), question-marks(?), exclamation-points(!), ampersands(&), 
forward-slashes(/), back-slashes(\\), underscores(_), dots(.), colons(:), 
tildes(~), and dashes(-)." );
+        assertTextPresent( "Repository Purge By Retention Count needs to be 
between 1 and 100." );
+        assertTextPresent( "Repository Purge By Days Older Than needs to be 
larger than 0." );
+        assertTextPresent( "Invalid cron expression." );
     }
 
     public void testEditAppearanceImmunityToInputFieldCrossSiteScripting()
     {
         goToAppearancePage();
         clickLinkWithText( "Edit" );
-        addEditAppearance( "test<script>alert('xss')</script>" , 
"test<script>alert('xss')</script>" , "test<script>alert('xss')</script>" );
+        addEditAppearance( "test<script>alert('xss')</script>", 
"test<script>alert('xss')</script>",
+                           "test<script>alert('xss')</script>", false );
         // xss inputs are blocked by validation.
-        assertTextPresent( "Organisation name must only contain alphanumeric 
characters, white-spaces(' '), equals(=), question-marks(?), 
exclamation-points(!), ampersands(&), forward-slashes(/), back-slashes(\\), 
underscores(_), dots(.), colons(:), tildes(~), and dashes(-)." );
+        assertTextPresent(
+            "Organisation name must only contain alphanumeric characters, 
white-spaces(' '), equals(=), question-marks(?), exclamation-points(!), 
ampersands(&), forward-slashes(/), back-slashes(\\), underscores(_), dots(.), 
colons(:), tildes(~), and dashes(-)." );
         assertTextPresent( "You must enter a URL" );
-        assertXpathCount("//span[@class='errorMessage' and text()='You must 
enter a URL']", 2);
+        assertXpathCount( "//span[@class='errorMessage' and text()='You must 
enter a URL']", 2 );
     }
 
     public void testEditAppearanceImmunityToCrossSiteScriptingRendering()
     {
         goToAppearancePage();
         clickLinkWithText( "Edit" );
-        addEditAppearance( "xss" , 
"http://\";>test<script>alert(\"xss\")</script>" , 
"http://\";>test<script>alert(\"xss\")</script>" );
+        addEditAppearance( "xss", 
"http://\";>test<script>alert(\"xss\")</script>",
+                           "http://\";>test<script>alert(\"xss\")</script>", 
false );
         // escaped html/url prevents cross-site scripting exploits
-        assertXpathCount("//td[text()=\"xss\"]", 1);
-        
assertXpathCount("//code[text()='http://\";>test<script>alert(\"xss\")</script>']",
 2);
+        assertXpathCount( "//td[text()=\"xss\"]", 1 );
+        assertXpathCount( 
"//code[text()='http://\";>test<script>alert(\"xss\")</script>']", 2 );
     }
 
     public void 
testAddLegacyArtifactPathImmunityToInputFieldCrossSiteScripting()
     {
         goToLegacySupportPage();
-       clickLinkWithText( "Add" );
-        addLegacyArtifactPath( "test<script>alert('xss')</script>" , 
"test<script>alert('xss')</script>" , "test<script>alert('xss')</script>" , 
"test<script>alert('xss')</script>" , "test<script>alert('xss')</script>" , 
"test<script>alert('xss')</script>");
-       // xss inputs are blocked by validation.
-        assertTextPresent( "Legacy path must only contain alphanumeric 
characters, forward-slashes(/), back-slashes(\\), underscores(_), dots(.), and 
dashes(-)." );
-        assertTextPresent( "Group id must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Artifact id must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Version must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Classifier must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
+        clickLinkWithText( "Add" );
+        addLegacyArtifactPath( "test<script>alert('xss')</script>", 
"test<script>alert('xss')</script>",
+                               "test<script>alert('xss')</script>", 
"test<script>alert('xss')</script>",
+                               "test<script>alert('xss')</script>", 
"test<script>alert('xss')</script>" );
+        // xss inputs are blocked by validation.
+        assertTextPresent(
+            "Legacy path must only contain alphanumeric characters, 
forward-slashes(/), back-slashes(\\), underscores(_), dots(.), and dashes(-)." 
);
+        assertTextPresent(
+            "Group id must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Artifact id must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Version must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Classifier must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
         assertTextPresent( "Type must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
     }
 
     public void testAddNetworkProxyImmunityToInputFieldCrossSiteScripting()
     {
         goToNetworkProxiesPage();
-       addNetworkProxy( "test<script>alert('xss')</script>", 
"test<script>alert('xss')</script>", "test<script>alert('xss')</script>", 
"test<script>alert('xss')</script>", "test<script>alert('xss')</script>", "");
-       // xss inputs are blocked by validation.
-        assertTextPresent( "Proxy id must only contain alphanumeric 
characters, underscores(_), dots(.), and dashes(-)." );
-        assertTextPresent( "Protocol must only contain alphanumeric 
characters, forward-slashes(/), back-slashes(\\), dots(.), colons(:), and 
dashes(-)." );
-        assertTextPresent( "Host must only contain alphanumeric characters, 
equals(=), question-marks(?), exclamation-points(!), ampersands(&), 
forward-slashes(/), back-slashes(\\), underscores(_), dots(.), colons(:), 
tildes(~), and dashes(-)." );
+        addNetworkProxy( "test<script>alert('xss')</script>", 
"test<script>alert('xss')</script>",
+                         "test<script>alert('xss')</script>", 
"test<script>alert('xss')</script>",
+                         "test<script>alert('xss')</script>", "" );
+        // xss inputs are blocked by validation.
+        assertTextPresent(
+            "Proxy id must only contain alphanumeric characters, 
underscores(_), dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Protocol must only contain alphanumeric characters, 
forward-slashes(/), back-slashes(\\), dots(.), colons(:), and dashes(-)." );
+        assertTextPresent(
+            "Host must only contain alphanumeric characters, equals(=), 
question-marks(?), exclamation-points(!), ampersands(&), forward-slashes(/), 
back-slashes(\\), underscores(_), dots(.), colons(:), tildes(~), and 
dashes(-)." );
         assertTextPresent( "Invalid field value for field \"proxy.port\"." );
-        assertTextPresent( "Username must only contain alphanumeric 
characters, at's(@), forward-slashes(/), back-slashes(\\), underscores(_), 
dots(.), and dashes(-)." );
+        assertTextPresent(
+            "Username must only contain alphanumeric characters, at's(@), 
forward-slashes(/), back-slashes(\\), underscores(_), dots(.), and dashes(-)." 
);
     }
 }
\ No newline at end of file

Modified: 
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/parent/AbstractArchivaTest.java
URL: 
http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/parent/AbstractArchivaTest.java?rev=1172554&r1=1172553&r2=1172554&view=diff
==============================================================================
--- 
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/parent/AbstractArchivaTest.java
 (original)
+++ 
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/parent/AbstractArchivaTest.java
 Mon Sep 19 10:10:14 2011
@@ -480,12 +480,12 @@ public abstract class AbstractArchivaTes
         assertLinkPresent( "Change your appearance" );
     }
 
-    public void addEditAppearance( String name, String url, String logoUrl )
+    public void addEditAppearance( String name, String url, String logoUrl, 
boolean wait)
     {
         setFieldValue( "organisationName", name );
         setFieldValue( "organisationUrl", url );
         setFieldValue( "organisationLogo", logoUrl );
-        clickButtonWithValue( "Save" );
+        clickButtonWithValue( "Save", wait );
     }
 
     public void goToHomePage()

Modified: 
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/parent/AbstractSeleniumTest.java
URL: 
http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/parent/AbstractSeleniumTest.java?rev=1172554&r1=1172553&r2=1172554&view=diff
==============================================================================
--- 
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/parent/AbstractSeleniumTest.java
 (original)
+++ 
archiva/trunk/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/parent/AbstractSeleniumTest.java
 Mon Sep 19 10:10:14 2011
@@ -431,7 +431,8 @@ public abstract class AbstractSeleniumTe
 
     public void assertXpathCount( String locator, int expectedCount )
     {
-        Assert.assertEquals( getSelenium().getXpathCount( locator 
).intValue(), expectedCount );
+        int count = getSelenium().getXpathCount( locator ).intValue();
+        Assert.assertEquals( count, expectedCount );
     }
 
     public void assertElementValue( String locator, String expectedValue )


Reply via email to