status-im
/
status-react
mirror of https://github.com/status-im/status-react.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Webview security check 

Signed-off-by: Serhy <sergii@status.im>
This commit is contained in:
Serhy 2020-06-10 11:14:57 +03:00
parent a76a3acd9f
commit b7c065c1b7
No known key found for this signature in database
GPG Key ID: 5D7C4B9E2B6F500B
2 changed files with 42 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
test/appium/tests/atomic/dapps_and_browsing/test_browsing.py
View File

@ -3,6 +3,7 @@ from tests import marks, connection_not_secure_text, connection_is_secure_text,
from tests.base_test_case import SingleDeviceTestCase from tests.base_test_case import SingleDeviceTestCase
from views.sign_in_view import SignInView from views.sign_in_view import SignInView
from views.dapps_view import DappsView from views.dapps_view import DappsView
import time
@pytest.mark.all @pytest.mark.all
@ -75,6 +76,37 @@ class TestBrowsing(SingleDeviceTestCase):
daap_view = home_view.dapp_tab_button.click() daap_view = home_view.dapp_tab_button.click()
daap_view.open_url('https://www.cryptokitties.domainname').find_text_part('This site is blocked') daap_view.open_url('https://www.cryptokitties.domainname').find_text_part('This site is blocked')
@marks.testrail_id(6300)
@marks.medium
def test_webview_security(self):
home_view = SignInView(self.driver).create_user()
daap_view = home_view.dapp_tab_button.click()
browsing_view = daap_view.open_url('https://simpledapp.status.im/webviewtest/url-spoof-ssl.html')
browsing_view.url_edit_box_lock_icon.click()
if not browsing_view.element_by_text_part(connection_not_secure_text).is_element_displayed():
self.errors.append("Broken certificate displayed as secure connection \n")
browsing_view.cross_icon.click()
daap_view.open_url('https://simpledapp.status.im/webviewtest/webviewtest.html')
browsing_view.element_by_text_part('204').click()
if browsing_view.element_by_text_part('google.com').is_element_displayed():
self.errors.append("URL changed on attempt to redirect to no-content page \n")
browsing_view.cross_icon.click()
daap_view.open_url('https://simpledapp.status.im/webviewtest/url-blank.html')
if daap_view.edit_url_editbox.text == '':
self.errors.append("Blank URL value. Must show the actual URL \n")
browsing_view.cross_icon.click()
daap_view.open_url('https://simpledapp.status.im/webviewtest/port-timeout.html')
# wait up ~2.5 mins for port time out
if daap_view.find_text_part('example.com', 150):
self.errors.append("URL spoof due to port timeout \n")
self.errors.verify_no_errors()
@marks.testrail_id(5430) @marks.testrail_id(5430)
@marks.medium @marks.medium
def test_connection_is_not_secure(self): def test_connection_is_not_secure(self):

10
test/appium/views/dapps_view.py
View File

@ -23,6 +23,15 @@ class EnterUrlEditbox(BaseEditBox):
super(EnterUrlEditbox, self).__init__(driver) super(EnterUrlEditbox, self).__init__(driver)
self.locator = self.Locator.accessibility_id('dapp-url-input') self.locator = self.Locator.accessibility_id('dapp-url-input')
class EditUrlEditbox(BaseEditBox):
def __init__(self, driver):
super(EditUrlEditbox, self).__init__(driver)
self.locator = self.Locator.xpath_selector('(//android.widget.TextView)[1]')
@property
def text(self):
return self.find_element().text
class BrowserEntry(ChatElement): class BrowserEntry(ChatElement):
def __init__(self, driver, name): def __init__(self, driver, name):
@ -95,6 +104,7 @@ class DappsView(BaseView):
super(DappsView, self).__init__(driver) super(DappsView, self).__init__(driver)
self.enter_url_editbox = EnterUrlEditbox(self.driver) self.enter_url_editbox = EnterUrlEditbox(self.driver)
self.edit_url_editbox = EditUrlEditbox(self.driver)
self.discover_dapps_button = DiscoverDappsButton(self.driver) self.discover_dapps_button = DiscoverDappsButton(self.driver)
self.web_page = WebViewPageElement(self.driver) self.web_page = WebViewPageElement(self.driver)