Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | More improvements to test01.tcl. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
cea1360863e74a038f4d3926bd2239e2 |
User & Date: | drh 2018-02-08 12:31:45.419 |
Context
2018-02-10
| ||
20:21 | Add an edit function to the shopping list application. (check-in: 43323e55a9 user: drh tags: trunk) | |
2018-02-08
| ||
12:31 | More improvements to test01.tcl. (check-in: cea1360863 user: drh tags: trunk) | |
12:15 | Typos from Andreas. Added the file-upload test to test01.tcl. (check-in: e17c170f16 user: drh tags: trunk) | |
Changes
Changes to tests/test01.tcl.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | # Invoke as "tclsh test01.tcl" and then surf the website that pops up # to verify the logic in wapp. # if {[catch {package require wapp}]} { source [file dir [file dir [info script]]]/wapp.tcl } proc wapp-default {} { global wapp set B [wapp-param BASE_URL] set R [wapp-param SCRIPT_NAME] wapp-cache-control max-age=15 wapp "<h1>Hello, World!</h1>\n" wapp "<ol>" wapp-unsafe "<li><p><a href='$R/env'>Wapp Environment</a></p>\n" wapp-subst {<li><p><a href='env2'>Environment using wapp-debug-env</a>\n} | > > | | | | | | | | | | > > > > | > | | | < | | | | | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 | #!/usr/bin/wapptclsh # # Invoke as "tclsh test01.tcl" and then surf the website that pops up # to verify the logic in wapp. # if {[catch {package require wapp}]} { source [file dir [file dir [info script]]]/wapp.tcl } proc wapp-default {} { global wapp set B [wapp-param BASE_URL] set R [wapp-param SCRIPT_NAME] wapp-cache-control max-age=15 wapp "<h1>Hello, World!</h1>\n" wapp "<ol>" wapp-unsafe "<li><p><a href='$R/env'>Wapp Environment</a></p>\n" wapp-subst {<li><p><a href='env2'>Environment using wapp-debug-env</a>\n} wapp-subst {<li><p><a href='%url($B)/fullenv'>Full Environment</a>\n} set crazy [lsort [wapp-param-list]] wapp-subst {<li><p><a href='%url($B)/env?keys=%url($crazy)'>} wapp "Environment with crazy URL</a>\n" wapp-trim { <li><p><a href='%url($B)/lint'>Lint</a> <li><p><a href='%url($B)/errorout'>Deliberate error</a> <li><p><a href='%url($B)/encodings'>Encoding checks</a> <li><p><a href='%url($B)/redirect'>Redirect to env</a> <li><p><a href='%url($B)/globals'>TCL global variables</a> <li><p><a href='%url($B)/csptest'>Content Security Policy</a> <li><p><a href='%url($B)/fileupload'>File Upload Using multipart/form-data</a> <li><p><a href='%url($B)/self'>The source code to this script</a> } set x "%string(...)" set v abc'def\"ghi\\jkl wapp-subst {<li>%html($x) substitution test: "%string($v)"\n} wapp "</ol>" if {[wapp-param-exists showenv]} { wapp-page-env } wapp-trim { <p>The creator of Wapp:<br> <img src="%url($R/drh.jpg)"> } } proc wapp-page-redirect {} { wapp-redirect env } proc wapp-page-globals {} { wapp-trim { <h1>TCL Global Variables</h1> <ul> } foreach vname [lsort [uplevel #0 info vars]] { set val ??? catch {set val [set ::$vname]} set len [string length $val] if {$len>100} { wapp-subst {<li>%html($vname) = <i>... %html($len) byte string...</i>\n} } else { wapp-subst {<li>%html($vname = [list $val])</li>\n} } } } proc wapp-page-env2 {} { wapp-allow-xorigin-params wapp-trim { <h1>Wapp Environment using wapp-debug-env</h1> <p>This page uses wapp-allow-xorigin-params so that new query parameters may be added manually to the URL.</p> <pre>%html([wapp-debug-env])</pre> } } proc wapp-page-env {} { global wapp wapp-set-cookie env-cookie simple wapp "<h1>Wapp Environment</h1>\n" wapp-unsafe "<form method='GET' action='[wapp-param SELF_URL]'>\n" wapp "<input type='checkbox' name='showhdr'" if {[wapp-param-exists showhdr]} { wapp " checked" } wapp "> Show Header\n" wapp "<input type='submit' value='Go'>\n" wapp "</form>" wapp "<pre>\n" foreach var [lsort [wapp-param-list]] { if {[string index $var 0]=="." && ($var!=".header" || ![wapp-param-exists showhdr])} continue wapp-subst {%html($var) = %html([list [wapp-param $var]])\n} } wapp "</pre>" wapp-unsafe "<p><a href='[wapp-param BASE_URL]/'>Home</a></p>\n" } proc wapp-page-fullenv {} { wapp-set-cookie env-cookie full wapp "<h1>Wapp Full Environment</h1>\n" wapp-unsafe "<form method='POST' action='[wapp-param SELF_URL]'>\n" wapp "<input type='checkbox' name='var1'" if {[wapp-param-exists showhdr]} { wapp " checked" } # Deliberately unsafe calls to wapp-subst and wapp-trim, added here # to test wapp-safety-check # wapp-subst "> Var1\n" wapp-trim "<input type='submit' name='s1' value='Go'>\n" wapp "<input type='hidden' name='hidden-parameter-1' " wapp "value='the long value / of ?$ hidden-1..<hi>'>\n" wapp "</form>" wapp "<pre>\n" foreach var [lsort [wapp-param-list]] { if {$var==".reply"} continue wapp-subst {%html($var) = %html([list [wapp-param $var]])\n\n} } wapp "</pre>" wapp-subst {<p><a href='%html([wapp-param BASE_URL])/'>Home</a></p>\n} } proc wapp-page-lint {} { wapp "<h1>Potental Cross-Site Injection Vulerabilities In This App</h1>\n" set res [wapp-safety-check] if {$res==""} { wapp "<p>No problems found.</p>\n" } else { |
︙ | ︙ |