com.atlassian.confluence
Class SpaceKeyDirectoryTraversalAcceptanceTest

java.lang.Object
  extended by junit.framework.Assert
      extended by junit.framework.TestCase
          extended by com.atlassian.confluence.ThreadLocalWebTestCase
              extended by com.atlassian.confluence.AbstractAtlassianWebTestCase
                  extended by com.atlassian.confluence.AbstractConfluenceAcceptanceTest
                      extended by com.atlassian.confluence.SpaceKeyDirectoryTraversalAcceptanceTest
All Implemented Interfaces:
junit.framework.Test

public class SpaceKeyDirectoryTraversalAcceptanceTest
extends AbstractConfluenceAcceptanceTest

Ensures a directory traversal exploit is not accessible.


Field Summary
 
Fields inherited from class com.atlassian.confluence.AbstractConfluenceAcceptanceTest
adminConsole, adminToken, ANONYMOUS_USER, BLOG_DATE_FORMAT, BROWSE_MENU_LINK_ID, CONFLUENCE_ADMIN_GROUP, CONFLUENCE_USERS_GROUP, context, CROWD_MODE, DIRECTORY_CONFIG, filesToDelete, log, logAdjuster, mailServices, RANDOM, rpc, SMTP_SUBJECT_PREFIX, TEST_ADMIN, TEST_ADMIN_EMAIL, TEST_ADMIN_FULLNAME, TEST_ADMIN_PASSWORD, TEST_ADMIN_USERNAME, TEST_BLOG, TEST_COMMENT, TEST_GEN_EMAIL1, TEST_GEN_EMAIL2, TEST_GEN_FULLNAME1, TEST_GEN_FULLNAME2, TEST_GEN_PASSWORD1, TEST_GEN_PASSWORD2, TEST_GEN_USERNAME1, TEST_GEN_USERNAME2, TEST_GROUP1, TEST_PAGE, TEST_SPACE, TEST_SPACE2, TEST_USER1, TEST_USER2, TESTBLOG_CONTENT, TESTBLOG_TITLE, TESTMAILSERVER_HOSTNAME, TESTMAILSERVER_NAME, TESTPAGE_COMMENT, TESTPAGE_CONTENT, TESTPAGE_TITLE, TESTSPACE_DESCRIPTION, TESTSPACE_KEY, TESTSPACE_TITLE, TESTSPACE2_DESCRIPTION, TESTSPACE2_KEY, TESTSPACE2_TITLE, testUser2Token, testUserToken, userHelper, VIEW_PERSONAL_SPACE_LINK, wikiMarkupRpc, xmlrpc
 
Fields inherited from class com.atlassian.confluence.AbstractAtlassianWebTestCase
SITE_TITLE_SUFFIX, TITLE_SEPARATOR
 
Constructor Summary
SpaceKeyDirectoryTraversalAcceptanceTest()
           
 
Method Summary
 void testParentDirExploit()
           
 
Methods inherited from class com.atlassian.confluence.AbstractConfluenceAcceptanceTest
addAnonymousPermissionsToSpace, addComment, addCommentToBlogPost, addSpaceLabel, addUserToGroupViaHelper, addWatchPage, assertImagePresent, assertImageValid, assertLinkPresentWithExactTextAndClass, assertLoggedInAs, assertMailReceived, assertNoMailReceived, attachFile, attachFile, attachFileWithName, chooseRandomBaseUrl, createBlog, createBlogInTestSpace, createGroup, createGroupViaHelper, createMail, createPage, createPageWithViewRestrictions, createSpaceViaWebUI, createSpaceViaWebUI, createSpaceViaWebUI, createTemplate, createTestMailServer, createTestSpaceViaWebUI, createUserViaHelper, createUserViaHelper, disableAnonymousAccess, disableAnonymousAccessToSpace, editBlog, editBlogLabels, editPage, editPageContent, editPageContentViaForm, editPageWithContent, editSpaceDescription, editSpacePermsForm, enableAnonymousAccess, enableAnonymousAccessToSpace, ensureTestUserCanViewTestSpace, forceViewGlobalAdmin, generateBaseUrl, generateFile, getAppContext, getBaseUrl, getConfiguredBaseUrl, getCurrentMailQueueSize, getCurrentPageId, getFriendlyRelativeDate, getPageId, getPluginHelper, getTodaysBlogPostDate, gotoPageWithError, grantAnonymousUseConfluencePermission, grantGlobalBrowsePermissionToGroup, grantGlobalPermissionToGroup, grantGlobalPermissionToUser, grantSpacePermissionToGroup, grantSpacePermissionToGroupAndDelegate, grantSpacePermissionToUser, grantSpacePermissionToUserAndDelegate, grantViewSpacePermissionToGroup, grantViewSpacePermissionToGroupAndDelegate, grantViewSpacePermissionToUser, importGlobalBackup, importGlobalBackup, importMail, importMailAndAssertNoRunningTask, importSpaceBackup, isClustered, logIn, logIn, logInAs, logInAs, loginAs, logInAsAdminAtDashboard, logInAsAtDashboard, loginAsAtDashboard, loginAsTestUser, loginAsTestUser2, loginAsTestUserAtDashboard, loginViaForm, logout, makeParams, movePage, movePage, movePageToNewParent, movePageToNewParent, movePageToNewSpace, rebuildIndex, removeAnonymousPermissionToSpace, removeGroup, removePageLabel, removePageOrBlogById, removePersonalSpace, removeTestUser1, removeTestUser1ViaHelper, removeUser, removeUserFromGroupViaHelper, removeUserViaHelper, renamePage, revokeAnonymousUseConfluencePermission, revokeGlobalPermissionFromGroup, revokeGlobalPermissionFromUser, revokeSpacePermissionFromGroup, revokeSpacePermissionFromUser, rpcAddComment, rpcAddComment, rpcAddComment, rpcAddLabelToBlog, rpcAddLabelToPage, rpcAddLabelToPage, rpcAddLabelToSpace, rpcAddTestComment, rpcClearIndex, rpcClearQueue, rpcCreateBlogPost, rpcCreateBlogPost, rpcCreatePage, rpcCreatePage, rpcCreatePersonalSpace, rpcCreateSpace, rpcCreateSpace, rpcCreateSpaceGroup, rpcCreateTestSpace, rpcCreateTestSpace2, rpcCreateXhtmlPage, rpcEditBlogPost, rpcEditComment, rpcEditPage, rpcFlushAllCaches, rpcFlushIndexQueue, rpcFlushMailQueue, rpcGetAdminToken, rpcGetBlogPostId, rpcGetChildren, rpcGetComments, rpcGetLocalisedText, rpcGetMailQueueSize, rpcGetPageId, rpcGetPageLabels, rpcGetPageLabels, rpcGetTestUser2Token, rpcGetTestUserToken, rpcGetTopLevelPages, rpcGetUserGroups, rpcGetUserToken, rpcGetUserToken, rpcGetVersionForPage, rpcGrantAnonymousSpacePermission, rpcGrantGlobalPermission, rpcGrantSpacePermission, rpcGrantViewSpacePermission, rpcHasGroup, rpcHasUser, rpclogCommandOutput, rpcLogOut, rpcLogOutAdmin, rpcMovePage, rpcMovePageToTopLevel, rpcPauseJob, rpcRemoveAllSpaceGroups, rpcRemoveAnonymousSpacePermission, rpcRemoveAttachment, rpcRemoveComment, rpcRemoveComment, rpcRemoveGlobalPermissions, rpcRemoveGroup, rpcRemoveLabelFromPage, rpcRemoveLabelFromPage, rpcRemoveLabelFromSpace, rpcRemovePage, rpcRemoveSpace, rpcRemoveSpacePermission, rpcRenderContent, rpcRestoreAbstractPage, rpcResumeJob, rpcStoreBlogEntry, rpcTrashPage, rpcTrashPage, rpcTrashPage, rpcTriggerJob, search, setApplicationConfigProperty, setAttachmentMaxUploadSize, setBlogLabels, setCheckbox, setEditPermissionsForGroups, setEditPermissionsForUsers, setMaxAttachmentsInUI, setPageLabels, setSharedMode, setThreadedComments, setUp, setUp, setUpTestNG, setViewPermissionsForGroups, setViewPermissionsForUsers, showAllUsers, shutdownQuartz, stopTestMailServer, tearDown, tearDownTestNG, viewBlog, viewEditBlogPostPage, viewGlobalAdmin, viewGlobalPermissions, viewHomepage, viewLabel, viewLanguages, viewPage, viewPeopleDirectory, viewSpaceAdmin, viewSpaceAdvanced, viewSpaceContent, viewSpacePermissions, viewSpacePermissions, viewSpaceSummary, viewSpaceSummary, viewTodaysBlog, viewTrash, viewUser, watchPage, watchSpace, watchSpace, withParagraph, xmlRpcExecute
 
Methods inherited from class com.atlassian.confluence.AbstractAtlassianWebTestCase
assertCollectionContainsKeyWithValue, assertContains, assertContainsRegex, assertDoesNotContain, assertEndsWith, assertLinkNotPresentWithHrefContaining, assertLinkPresentWithHref, assertLinkPresentWithHrefContaining, assertLinkPresentWithTextAndHref, assertPageTitleEquals, assertServerResponseContains, assertServerResponseDoesNotContain, assertStartsWith, assertStatusCode, assertTextPresentInPageSource, assertTextsPresentInOrder, assertTextsPresentInOrder, assertTitleEquals, assertTitleEquals, getGroupFromResponse, setTextFieldUnlessBlank
 
Methods inherited from class com.atlassian.confluence.ThreadLocalWebTestCase
assertButtonNotPresent, assertButtonNotPresentWithText, assertButtonPresent, assertButtonPresentWithText, assertCheckboxNotPresent, assertCheckboxNotPresent, assertCheckboxNotSelected, assertCheckboxNotSelected, assertCheckboxPresent, assertCheckboxPresent, assertCheckboxSelected, assertCheckboxSelected, assertCookiePresent, assertCookieValueEquals, assertCookieValueMatch, assertDownloadedFileEquals, assertElementNotPresent, assertElementNotPresentByXPath, assertElementPresent, assertElementPresentByXPath, assertFormElementEmpty, assertFormElementEquals, assertFormElementMatch, assertFormElementNotPresent, assertFormElementPresent, assertFormNotPresent, assertFormNotPresent, assertFormPresent, assertFormPresent, assertFramePresent, assertHiddenFieldPresent, assertImagePresent, assertImageValidAndStore, assertKeyInTable, assertKeyInTable, assertKeyNotInTable, assertKeyNotPresent, assertKeyNotPresent, assertKeyPresent, assertKeyPresent, assertKeysInTable, assertKeysInTable, assertLinkNotPresent, assertLinkNotPresentWithExactText, assertLinkNotPresentWithExactText, assertLinkNotPresentWithImage, assertLinkNotPresentWithText, assertLinkNotPresentWithText, assertLinkPresent, assertLinkPresentWithExactText, assertLinkPresentWithExactText, assertLinkPresentWithImage, assertLinkPresentWithText, assertLinkPresentWithText, assertMatch, assertMatchInElement, assertMatchInTable, assertMatchInTable, assertNoMatch, assertNoMatchInElement, assertNoMatchInTable, assertNoMatchInTable, assertRadioOptionNotPresent, assertRadioOptionNotSelected, assertRadioOptionPresent, assertRadioOptionSelected, assertResetButtonNotPresent, assertResetButtonNotPresent, assertResetButtonPresent, assertResetButtonPresent, assertSelectedOptionEquals, assertSelectedOptionMatches, assertSelectedOptionsEqual, assertSelectedOptionsMatch, assertSelectedOptionValueEquals, assertSelectedOptionValuesEqual, assertSelectOptionNotPresent, assertSelectOptionPresent, assertSelectOptionsEqual, assertSelectOptionsNotEqual, assertSelectOptionsPresent, assertSelectOptionValueNotPresent, assertSelectOptionValuePresent, assertSelectOptionValuesEqual, assertSelectOptionValuesNotEqual, assertSelectOptionValuesPresent, assertSubmitButtonNotPresent, assertSubmitButtonNotPresent, assertSubmitButtonPresent, assertSubmitButtonPresent, assertSubmitButtonPresent, assertTableEquals, assertTableEquals, assertTableMatch, assertTableMatch, assertTableNotPresent, assertTablePresent, assertTableRowCountEquals, assertTableRowsEqual, assertTableRowsEqual, assertTableRowsMatch, assertTableRowsMatch, assertTextFieldEquals, assertTextInElement, assertTextInTable, assertTextInTable, assertTextNotInElement, assertTextNotInTable, assertTextNotInTable, assertTextNotPresent, assertTextPresent, assertTitleEqualsKey, assertTitleEqualsKey, assertTitleMatch, assertWindowCountEquals, assertWindowPresent, assertWindowPresent, assertWindowPresentWithTitle, beginAt, checkCheckbox, checkCheckbox, clickButton, clickButtonWithText, clickElementByXPath, clickLink, clickLinkWithExactText, clickLinkWithExactText, clickLinkWithImage, clickLinkWithText, clickLinkWithText, clickRadioOption, closeBrowser, closeWindow, dumpCookies, dumpHtml, dumpHtml, dumpTable, dumpTable, getDialog, getElementAttributByXPath, getElementTextByXPath, getFormElementValue, getImage, getMessage, getMessage, getPageSource, getServeurResponse, getTable, getTestContext, getTester, getTestingEngineKey, gotoFrame, gotoPage, gotoRootWindow, gotoWindow, gotoWindow, gotoWindowByTitle, removeThreadLocal, reset, runBare, saveAs, selectOption, selectOptionByValue, selectOptions, selectOptionsByValues, setDialog, setExpectedJavaScriptAlert, setExpectedJavaScriptAlert, setExpectedJavaScriptConfirm, setExpectedJavaScriptConfirm, setExpectedJavaScriptPrompt, setExpectedJavaScriptPrompt, setFormElement, setScriptingEnabled, setTestContext, setTester, setTestingEngineKey, setTextField, setWorkingForm, setWorkingForm, setWorkingForm, submit, submit, submit, uncheckCheckbox, uncheckCheckbox, wrapWithPageSourceOnError
 
Methods inherited from class junit.framework.TestCase
countTestCases, createResult, getName, run, run, runTest, setName, toString
 
Methods inherited from class junit.framework.Assert
assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertFalse, assertFalse, assertNotNull, assertNotNull, assertNotSame, assertNotSame, assertNull, assertNull, assertSame, assertSame, assertTrue, assertTrue, fail, fail
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

SpaceKeyDirectoryTraversalAcceptanceTest

public SpaceKeyDirectoryTraversalAcceptanceTest()
Method Detail

testParentDirExploit

public void testParentDirExploit()


Copyright © 2003-2011 Atlassian. All Rights Reserved.