Add a test verifying the reproducibility of domains.php

This test downloads the specified revision of the HSTS preload list,
regenerates it, and compares it with the committed version at
domains.php.

In theory it would catch any potential code injection in domains.php,
which is hard to manually review due to its length.

Bug: T241522
Change-Id: Iee2a393c590b830c6e78adba48edc921e2873465
This commit is contained in:
Kunal Mehta 2019-12-28 17:19:58 -08:00
parent 19dfb75a1e
commit 933ce7188e

View file

@ -18,6 +18,7 @@
namespace MediaWiki\SecureLinkFixer\Test; namespace MediaWiki\SecureLinkFixer\Test;
use MediaWiki\SecureLinkFixer\ListFetcher;
use MediaWikiTestCase; use MediaWikiTestCase;
/** /**
@ -26,6 +27,16 @@ use MediaWikiTestCase;
*/ */
class DomainsTest extends MediaWikiTestCase { class DomainsTest extends MediaWikiTestCase {
public function testReproducibility() {
$domains = file_get_contents( __DIR__ . '/../../domains.php' );
preg_match( '/mozilla-central@([0-9a-f]*?) \((.*?)\)/', $domains, $matches );
$this->assertCount( 3, $matches );
[ , $rev, $date ] = $matches;
$lf = new ListFetcher();
$expected = $lf->fetchList( $rev, $date );
$this->assertSame( $expected, $domains );
}
public function testDomains() { public function testDomains() {
$domains = require __DIR__ . '/../../domains.php'; $domains = require __DIR__ . '/../../domains.php';
$this->assertIsArray( $domains ); $this->assertIsArray( $domains );