increase nonce test coverage

thebee99 · Sep 10, 2020 · 32bc34d · 32bc34d
1 parent f70999c
commit 32bc34d
Show file tree

Hide file tree

Showing 4 changed files with 67 additions and 3 deletions.
diff --git a/core/src/main/resources/template/simple/nonce.ftl b/core/src/main/resources/template/simple/nonce.ftl
@@ -18,6 +18,4 @@
  * under the License.
  */
 -->
-<#if parameters.nonce?has_content>
-    nonce="${parameters.nonce}"<#rt/>
-</#if>
+<#if parameters.nonce?has_content>nonce="${parameters.nonce}"<#rt/></#if>
diff --git a/core/src/test/java/org/apache/struts2/views/freemarker/FreemarkerResultMockedTest.java b/core/src/test/java/org/apache/struts2/views/freemarker/FreemarkerResultMockedTest.java
@@ -238,6 +238,41 @@ public void testSequenceForSelect() throws Exception {
         assertTrue(result.contains("<option value=\"2\">2</option>"));
     }
 
+    public void testNonce() throws Exception {
+        File file = new File(ClassLoaderUtil.getResource("template/simple/common-attributes.ftl", getClass()).toURI());
+        EasyMock.expect(servletContext.getRealPath("/template/xhtml/common-attributes.ftl")).andReturn(file.getAbsolutePath());
+        EasyMock.expect(servletContext.getRealPath("/template/~~~xhtml/common-attributes.ftl")).andReturn(file.getAbsolutePath());
+
+        file = new File(ClassLoaderUtil.getResource("template/simple/dynamic-attributes.ftl", getClass()).toURI());
+        EasyMock.expect(servletContext.getRealPath("/template/xhtml/dynamic-attributes.ftl")).andReturn(file.getAbsolutePath());
+        EasyMock.expect(servletContext.getRealPath("/template/~~~xhtml/dynamic-attributes.ftl")).andReturn(file.getAbsolutePath());
+
+        file = new File(ClassLoaderUtil.getResource("template/simple/nonce.ftl", getClass()).toURI());
+        EasyMock.expect(servletContext.getRealPath("/template/simple/nonce.ftl")).andReturn(file.getAbsolutePath());
+
+        file = new File(ClassLoaderUtil.getResource("template/simple/script.ftl", getClass()).toURI());
+        EasyMock.expect(servletContext.getRealPath("/template/simple/script.ftl")).andReturn(file.getAbsolutePath());
+
+        file = new File(ClassLoaderUtil.getResource("template/simple/script-close.ftl", getClass()).toURI());
+        EasyMock.expect(servletContext.getRealPath("/template/simple/script-close.ftl")).andReturn(file.getAbsolutePath());
+
+        file = new File(ClassLoaderUtil.getResource("template/simple/link.ftl", getClass()).toURI());
+        EasyMock.expect(servletContext.getRealPath("/template/simple/link.ftl")).andReturn(file.getAbsolutePath());
+
+        file = new File(FreeMarkerResultTest.class.getResource("nonceTest.ftl").toURI());
+        EasyMock.expect(servletContext.getRealPath("/tutorial/org/apache/struts2/views/freemarker/nonceTest.ftl")).andReturn(file.getAbsolutePath());
+        EasyMock.replay(servletContext);
+
+        init();
+
+        request.setRequestURI("/tutorial/test10.action");
+        ActionMapping mapping = container.getInstance(ActionMapper.class).getMapping(request, configurationManager);
+        dispatcher.serviceAction(request, response, mapping);
+
+        assertTrue(stringWriter.toString().contains("<link nonce=\""));
+        assertTrue(stringWriter.toString().contains("<script nonce=\""));
+    }
+
     private void init() {
         stringWriter = new StringWriter();
         writer = new PrintWriter(stringWriter);

diff --git a/core/src/test/resources/org/apache/struts2/views/freemarker/nonceTest.ftl b/core/src/test/resources/org/apache/struts2/views/freemarker/nonceTest.ftl
@@ -0,0 +1,25 @@
+<#--
+/*
+ * $Id: someFreeMarkerFile.ftl 590812 2007-10-31 20:32:54Z apetrelli $
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+-->
+
+<@s.link/>
+<@s.script/>
diff --git a/core/src/test/resources/struts.xml b/core/src/test/resources/struts.xml
@@ -86,6 +86,12 @@
             </result>
         </action>
 
+        <action name="test10" class="com.opensymphony.xwork2.ActionSupport">
+            <result type="freemarker">
+                <param name="location">org/apache/struts2/views/freemarker/nonceTest.ftl</param>
+            </result>
+        </action>
+
     </package>
 
     <package name="sitegraph" namespace="/tutorial/sitegraph" extends="struts-default">