@Test(expected = RuntimeException.class) // Uses of JMockit API: 2
public void stubVoidMethodsWithExceptions() {
new Expectations() {
{
// void/non-void methods are handled the same way, with a consistent API:
mockedList.clear();
result = new RuntimeException();
}
};
mockedList.clear();
}
@Test // Uses of JMockit API: 2
public void stubbingVoidMethods() {
// The API is consistent, so this is the same as for non-void methods:
new Expectations() {
{
mockedList.clear();
result = new RuntimeException();
}
};
try {
// Following throws RuntimeException:
mockedList.clear();
fail();
} catch (RuntimeException ignore) {
}
}
@Test
public void testParseMulti() throws ParseException, TokeniserException {
List<Policy> pl;
ArrayList<Warning> warnings;
pl =
Parser.parseMulti(
"script-src a; script-src b, , script-src c; script-src d", "https://origin.com");
assertEquals(2, pl.size());
assertEquals("script-src a", pl.get(0).show());
assertEquals("script-src c", pl.get(1).show());
pl = Parser.parseMulti("script-src a,", URI.parse("https://origin.com"));
assertEquals(2, pl.size());
assertEquals("script-src a", pl.get(0).show());
assertEquals("", pl.get(1).show());
warnings = new ArrayList<>();
pl = Parser.parseMulti("script-src a,", URI.parse("https://origin.com"), warnings);
assertEquals(2, pl.size());
assertEquals("script-src a", pl.get(0).show());
assertEquals("", pl.get(1).show());
assertEquals(0, warnings.size());
warnings = new ArrayList<>();
pl = Parser.parseMulti("script-src a, sandbox", "https://origin.com", warnings);
assertEquals(2, pl.size());
assertEquals("script-src a", pl.get(0).show());
assertEquals("sandbox", pl.get(1).show());
assertEquals(0, warnings.size());
warnings = new ArrayList<>();
pl =
ParserWithLocation.parseMulti(
" plugin-types a/b , script-src 'unsafe-redirect'", "https://origin.com", warnings);
assertEquals(2, pl.size());
assertEquals("plugin-types a/b", pl.get(0).show());
assertEquals("script-src 'unsafe-redirect'", pl.get(1).show());
assertEquals(1, warnings.size());
assertEquals(
"1:36: 'unsafe-redirect' has been removed from CSP as of version 2.0",
warnings.get(0).show());
warnings = new ArrayList<>();
pl =
ParserWithLocation.parseMulti(
"script-src a, frame-src b", URI.parse("https://origin.com"), warnings);
assertEquals(2, pl.size());
assertEquals("script-src a", pl.get(0).show());
assertEquals("frame-src b", pl.get(1).show());
assertEquals(1, warnings.size());
assertEquals(
"1:15: The frame-src directive is deprecated as of CSP version 1.1. Authors who wish to govern nested browsing contexts SHOULD use the child-src directive instead.",
warnings.get(0).show());
try {
pl.clear();
pl = Parser.parseMulti("script-src a,b", "https://origin.com");
fail();
} catch (IllegalArgumentException e1) {
assertEquals(0, pl.size());
assertEquals("Unrecognised directive name: b", e1.getMessage());
}
try {
ParserWithLocation.parse(
"script-src a, script-src b", "https://origin.com", new ArrayList<>());
fail();
} catch (ParseException e1) {
assertEquals(0, pl.size());
assertEquals("1:13: expecting end of policy but found ,", e1.getMessage());
}
try {
Parser.parse("script-src a, script-src b", "https://origin.com");
fail();
} catch (ParseException e1) {
assertEquals(0, pl.size());
assertEquals("expecting end of policy but found ,", e1.getMessage());
}
try {
pl.clear();
pl = ParserWithLocation.parseMulti("allow 'none', options", "https://origin.com");
fail();
} catch (ParseException e1) {
assertEquals(0, pl.size());
assertEquals(
"1:1: The allow directive has been replaced with default-src and is not in the CSP specification.",
e1.getMessage());
}
try {
pl.clear();
pl = ParserWithLocation.parseMulti("allow 'none', referrer", URI.parse("https://origin.com"));
fail();
} catch (ParseException e1) {
assertEquals(0, pl.size());
assertEquals(
"1:1: The allow directive has been replaced with default-src and is not in the CSP specification.",
e1.getMessage());
}
failsToParse("script-src *, ");
}