phlux/mattermostest
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'security-improvements'

Browse Source 
For #220
This commit is contained in:
Yuya Ochiai
2016-08-09 01:10:19 +09:00
parent ad3d0e7dd9 e1b18cb5f7
commit eac17decf6
5 changed files with 40 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
test/specs/security_test.js
View File

@@ -76,5 +76,30 @@ describe('application', function() {
});
}, 5000, 'expected a new window')
.windowByIndex(3).isNodeEnabled().should.eventually.be.false;
})
});
it('should NOT be able to call eval() in any window', function() {
env.addClientCommands(this.app.client);
const tryEval = (index) => {
return this.app.client
.windowByIndex(index)
.execute(function() {
return eval('1 + 1');
}).should.eventually.be.rejected;
};
const tryEvalInSettingsPage = () => {
return this.app.client
.windowByIndex(0)
.loadSettingsPage()
.execute(function() {
return eval('1 + 1');
}).should.eventually.be.rejected;
};
return Promise.all([
tryEval(0),
tryEval(1),
tryEval(2),
tryEvalInSettingsPage()
]);
});
});