summaryrefslogtreecommitdiff
path: root/src/tests/config (follow)
AgeCommit message (Collapse)Author
2018-01-17Bump a bit the coveragejvoisin
2018-01-17Bump a bit our coveragejvoisin
2018-01-12Add an ugly hack to our parser to make the writing of configuration rules ↵jvoisin
more obvious.
2018-01-10Rework the priority of bl/wl in evaljvoisin
2018-01-10Eval whitelistjvoisin
Implement whitelist in eval
2018-01-04Eval blacklistjvoisin
Add support for eval filtering, only blacklist for now
2018-01-04Bump a bit the coveragejvoisin
2018-01-03Handle correctly configuration files with Windows EOLjvoisin
Thanks to @fr33tux for the bug report ♥
2017-12-28Fix a non-working testjvoisin
2017-12-28Bump a bit the coveragejvoisin
2017-12-28Implement regexp support for cookies encryptionThibault "bui" Koechlin
It's now possible to encrypt cookies matching a specific regexp. This should close #106
2017-12-27Implement simulation mode for cookies (de/en)cryptionjvoisin
This should close #102 This commit can be useful for two use-cases: 1. When deploying Snuffleupagus on big CMS like Magento, and not knowing what cookies are modified via javascript. 2. When deploying Snuffleupagus on big websites: you don't want to disconnect every single user at once. When simulation is enabled, if the decryption fails, a log message is now issued, and the cookie value taken as it (since odds are that it's non-encrypted).
2017-12-21Add coverageslefevre
2017-12-21Add testslefevre
2017-12-21Remove the now useless `validate_str` functionxXx-caillou-xXx
2017-12-21Add testslefevre
2017-12-21Add some tests (#96)xXx-caillou-xXx
2017-12-21Add a constant-related testjvoisin
2017-12-20Better parsing of the rulesxXx-caillou-xXx
Thanks to this huge commit from @xXx-caillou-xXx, we can now write amazingly flexible rules.
2017-12-18Fix cookie encryptionxXx-caillou-xXx
Previously, when a cookie was set with the `httpOnly` flag, it was automatically encrypted, due to a logic flaw. This is now fixed and tested.
2017-12-05Dump environnement variables (#83)jvoisin
Apparently, PHP thinks that it's a great idea to type environnement variables, because why not.
2017-12-05Add two failing testsjvoisin
2017-12-04Fix the configuration parser wrt. non-matching bracketsjvoisin
This validation step is a bit idiotic, but we'll replace it with a proper parser anyway.
2017-12-01Add a test that used to segfaultjvoisin
2017-11-29Add new testsjvoisin
2017-11-29Add yet an other testjvoisin
2017-11-29Add even MOAR testsjvoisin
2017-11-29Add a test for `include`jvoisin
2017-11-29Implement eval hookingjvoisin
It's not possible to hook the `eval` builtin like other functions.
2017-11-24Implement anti csrf measuresxXx-caillou-xXx
This is done by using the "samesite" cookie attribute.
2017-11-06Add a failing testjvoisin
2017-11-0653 absolute path (#62)jvoisin
* Add error for relative path
2017-10-31Add a test to match on arrayjvoisin
2017-10-30Bump coverage and simplify some codejvoisin
2017-10-27Bump the coveragejvoisin
2017-10-27Improve a bit the coverage wrt. broken configurationsjvoisin
2017-10-24Bump coverage ♥jvoisin
2017-10-24Remove the `enable` member from the disable function structurejvoisin
Also add some more tests
2017-10-23Add a test for unmatched bracketsjvoisin
2017-10-23Implement the .line filterjvoisin
Close #48
2017-10-22Add a testcase, bumping the coveragejvoisin
2017-10-20Add a test to demonstrate the behaviour wrt. call_user_funcjvoisin
2017-10-20Add support for multiple files in sp.configuration_file directiveblotus
This should close (#45
2017-10-18Fix the testsjvoisin
2017-10-18extra testsbui
2017-10-18Implement match on arguments positionjvoisin
2017-10-17Add an expected failure for `eval` hookingjvoisin
2017-10-11s/disable_functions/disable_function/gjvoisin
This should close #36 and #30
2017-10-10.allow() is now working for requirejvoisin
2017-10-10Bump coverage, and fix a segfault on trace matchingjvoisin