mrpastewart/platform
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

1.1.0

Browse source
This commit is contained in:
Tobe O 2017-12-22 08:39:21 -05:00
parent 155736d647
commit ec7bff58c1
6 changed files with 91 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
.idea/libraries/Dart_Packages.xml
View file

@ -135,6 +135,13 @@
</list> </list>
</value> </value>
</entry> </entry>
<entry key="console">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/console-2.2.4/lib" />
</list>
</value>
</entry>
<entry key="container"> <entry key="container">
<value> <value>
<list> <list>
@ -345,6 +352,13 @@
</list> </list>
</value> </value>
</entry> </entry>
<entry key="quiver">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/quiver-0.22.0/lib" />
</list>
</value>
</entry>
<entry key="quiver_hashcode"> <entry key="quiver_hashcode">
<value> <value>
<list> <list>
@ -471,6 +485,13 @@
</list> </list>
</value> </value>
</entry> </entry>
<entry key="vector_math">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/vector_math-1.4.7/lib" />
</list>
</value>
</entry>
<entry key="watcher"> <entry key="watcher">
<value> <value>
<list> <list>
@ -514,6 +535,7 @@
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/cli_util-0.1.2+1/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/cli_util-0.1.2+1/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/collection-1.14.3/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/collection-1.14.3/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/combinator-1.0.0-beta+7/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/combinator-1.0.0-beta+7/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/console-2.2.4/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/container-0.1.2/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/container-0.1.2/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/convert-2.0.1/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/convert-2.0.1/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/crypto-2.0.2+1/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/crypto-2.0.2+1/lib" />
@ -544,6 +566,7 @@
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/plugin-0.2.0+2/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/plugin-0.2.0+2/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/pool-1.3.3/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/pool-1.3.3/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/pub_semver-1.3.2/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/pub_semver-1.3.2/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/quiver-0.22.0/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/quiver_hashcode-1.0.0/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/quiver_hashcode-1.0.0/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/random_string-0.0.1/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/random_string-0.0.1/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/shelf-0.7.1/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/shelf-0.7.1/lib" />
@ -562,6 +585,7 @@
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/typed_data-1.1.5/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/typed_data-1.1.5/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/utf-0.9.0+3/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/utf-0.9.0+3/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/uuid-0.5.3/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/uuid-0.5.3/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/vector_math-1.4.7/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/watcher-0.9.7+4/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/watcher-0.9.7+4/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/web_socket_channel-1.0.6/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/web_socket_channel-1.0.6/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/yaml-2.1.13/lib" /> <root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/yaml-2.1.13/lib" />

8
.idea/runConfigurations/tests_in_security.xml Normal file
View file

@ -0,0 +1,8 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="tests in security" type="DartTestRunConfigurationType" factoryName="Dart Test" singleton="true" nameIsGenerated="true">
<option name="filePath" value="$PROJECT_DIR$" />
<option name="scope" value="FOLDER" />
<option name="testRunnerOptions" value="-j 4" />
<method />
</configuration>
</component>

25
pubspec.yaml
View file

@ -1,14 +1,15 @@
name: angel_security author: "Tobe O <thosakwe@gmail.com>"
version: 1.1.0 description: "Angel middleware designed to enhance application security by patching common Web security holes."
description: Angel middleware designed to enhance application security by patching common Web security holes. homepage: "https://github.com/angel-dart/security"
author: Tobe O <thosakwe@gmail.com> name: "angel_security"
version: "1.1.0"
dependencies:
angel_framework: "^1.1.0"
dev_dependencies:
angel_auth: "^1.1.0"
angel_test: "^1.1.0"
angel_validate: "^1.0.0"
console: "^2.2.4"
test: "^0.12.0"
environment: environment:
sdk: ">=1.19.0" sdk: ">=1.19.0"
homepage: https://github.com/angel-dart/security
dependencies:
angel_framework: ^1.1.0
dev_dependencies:
angel_auth: ^1.1.0
angel_validate: ^1.0.0
angel_test: ^1.1.0
test: ^0.12.0

32
test/pretty_logging.dart Normal file
View file

@ -0,0 +1,32 @@
import 'package:console/console.dart';
import 'package:logging/logging.dart';
/// Prints the contents of a [LogRecord] with pretty colors.
prettyLog(LogRecord record) async {
var pen = new TextPen();
chooseLogColor(pen.reset(), record.level);
pen(record.toString());
if (record.error != null)
pen(record.error.toString());
if (record.stackTrace != null)
pen(record.stackTrace.toString());
pen();
}
/// Chooses a color based on the logger [level].
void chooseLogColor(TextPen pen, Level level) {
if (level == Level.SHOUT)
pen.darkRed();
else if (level == Level.SEVERE)
pen.red();
else if (level == Level.WARNING)
pen.yellow();
else if (level == Level.INFO)
pen.magenta();
else if (level == Level.FINER)
pen.blue();
else if (level == Level.FINEST)
pen.darkBlue();
}

6
test/sanitize_test.dart
View file

@ -1,11 +1,12 @@
import 'dart:io'; import 'dart:io';
import 'package:angel_diagnostics/angel_diagnostics.dart';
import 'package:angel_framework/angel_framework.dart'; import 'package:angel_framework/angel_framework.dart';
import 'package:angel_security/angel_security.dart'; import 'package:angel_security/angel_security.dart';
import 'package:angel_test/angel_test.dart'; import 'package:angel_test/angel_test.dart';
import 'package:angel_validate/server.dart'; import 'package:angel_validate/server.dart';
import 'package:logging/logging.dart';
import 'package:matcher/matcher.dart'; import 'package:matcher/matcher.dart';
import 'package:test/test.dart'; import 'package:test/test.dart';
import 'pretty_logging.dart';
final Validator untrustedSchema = new Validator({'html*': isString}); final Validator untrustedSchema = new Validator({'html*': isString});
@ -45,7 +46,8 @@ main() async {
</html>'''); </html>''');
}); });
await app.configure(logRequests(new File('log.txt'))); app.logger = new Logger.detached('angel_security')
..onRecord.listen(prettyLog);
client = await connectTo(app); client = await connectTo(app);
}); });

12
test/throttle_test.dart
View file

@ -25,12 +25,16 @@ main() {
test('once per hour', () async { test('once per hour', () async {
// First request within the hour is fine // First request within the hour is fine
var response = await client.get('/once-per-hour'); var response = await client.get('/once-per-hour', headers: {
'accept': 'application/json',
});
print(response.body); print(response.body);
expect(response, hasBody('"OK"')); expect(response, hasBody('"OK"'));
// Second request within an hour? No no no! // Second request within an hour? No no no!
response = await client.get('/once-per-hour'); response = await client.get('/once-per-hour', headers: {
'accept': 'application/json',
});
print(response.body); print(response.body);
expect(response, isAngelHttpException(statusCode: 429)); expect(response, isAngelHttpException(statusCode: 429));
}); });
@ -54,7 +58,9 @@ main() {
expect(response, hasBody('"OK"')); expect(response, hasBody('"OK"'));
// Fourth request within a minute? No no no! // Fourth request within a minute? No no no!
response = await client.get('/thrice-per-minute'); response = await client.get('/thrice-per-minute', headers: {
'accept': 'application/json',
});
print(response.body); print(response.body);
expect(response, isAngelHttpException(statusCode: 429)); expect(response, isAngelHttpException(statusCode: 429));
}); });