UNPKG

is-website-vulnerable

Version:

finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

github.com/lirantal/is-website-vulnerable

lirantal/is-website-vulnerable

121 lines (103 loc) 4.72 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
const { Utils } = require('../index') describe('Utils', () => { test('parseUrl function with no url', async () => { const url = undefined expect(Utils.parseUrl(url)).toEqual(undefined) }) test('parseUrl function with url given and without protocol', async () => { const url = 'google.com' expect(Utils.parseUrl(url)).toEqual('http://google.com') }) test('parseUrl function with url given and with protocol', async () => { const url = 'https://google.com' expect(Utils.parseUrl(url)).toEqual('https://google.com') }) test('trimUtmParams function with no url', async () => { const url = undefined expect(Utils.trimUtmParams(url)).toEqual(undefined) }) test('trimUtmParams function with url given with no utm query params', async () => { const url = 'https://google.com' expect(Utils.trimUtmParams(url)).toEqual(url) }) test('trimUtmParams function with url given with utm query params', async () => { const url = 'https://snyk.io/vuln/npm:jquery?lh=3.3.1&utm_source=lighthouse&utm_medium=ref&utm_campaign=audit' expect(Utils.trimUtmParams(url)).toEqual('https://snyk.io/vuln/npm:jquery?lh=3.3.1') }) test('trimUtmParams function with url given with utm query params in uppercase', async () => { const url = 'https://snyk.io/vuln/npm:jquery?lh=3.3.1&UTM_SOURCE=lighthouse&utm_medium=ref&UTM_CAMPAIGN=audit' expect(Utils.trimUtmParams(url)).toEqual('https://snyk.io/vuln/npm:jquery?lh=3.3.1') }) test('trimUtmParams function with url given with utm query params with custom UTM', async () => { const url = 'https://snyk.io/vuln/npm:jquery?lh=3.3.1&utm_something=123' expect(Utils.trimUtmParams(url)).toEqual('https://snyk.io/vuln/npm:jquery?lh=3.3.1') }) test('trimUtmParams function with url given with no utm query params but with other query params', async () => { const url = 'https://google.com?version=1&minor=5&source=github' expect(Utils.trimUtmParams(url)).toEqual(url) }) test('trimUtmParams function with url and auth given with no utm query params but with other query params', async () => { const url = 'https://user:pass@google.com?version=1&minor=5&source=github' expect(Utils.trimUtmParams(url)).toEqual(url) }) test('trimUtmParams function with hash given with no utm query params but with other query params', async () => { const url = 'https://user:pass@google.com?version=1&minor=5&source=github#hash' expect(Utils.trimUtmParams(url)).toEqual(url) }) test('parseDevice & hasDevice function with no device flag', async () => { const argv = {} const defaultDevice = '' expect(Utils.parseDevice(argv)).toEqual(defaultDevice) expect(Utils.hasDevice(argv)).toEqual(false) }) test('parseDevice & hasDevice with desktop flag', async () => { const argv = { desktop: true } const device = 'desktop' expect(Utils.parseDevice(argv)).toEqual(device) expect(Utils.hasDevice(argv)).toEqual(true) }) test('parseDevice & hasDevice with mobile flag', async () => { const argv = { mobile: true } const device = 'mobile' expect(Utils.parseDevice(argv)).toEqual(device) expect(Utils.hasDevice(argv)).toEqual(true) }) test('parseDevice & hasDevice with none flag', async () => { const argv = { none: true } const device = 'none' expect(Utils.parseDevice(argv)).toEqual(device) expect(Utils.hasDevice(argv)).toEqual(true) }) test('hasAuthentication & parseAuthentication with no flag', async () => { const argv = {} expect(Utils.parseAuthentication(argv)).toEqual({}) expect(Utils.hasAuthentication(argv)).toEqual(false) }) test('hasAuthentication & parseAuthentication with cookie flag', async () => { const argv = { cookie: 'This is the COOKIE content' } expect(Utils.parseAuthentication(argv)).toEqual({ Cookie: 'This is the COOKIE content' }) expect(Utils.hasAuthentication(argv)).toEqual(true) }) test('hasAuthentication & parseAuthentication with token flag', async () => { const argv = { token: 'This is the TOKEN content' } expect(Utils.parseAuthentication(argv)).toEqual({ Authorization: 'Bearer This is the TOKEN content' }) expect(Utils.hasAuthentication(argv)).toEqual(true) }) test('hasAuthentication & parseAuthentication with token and cookie flags', async () => { const argv = { cookie: 'This is the COOKIE content', token: 'This is the TOKEN content' } expect(Utils.parseAuthentication(argv)).toEqual({ Cookie: 'This is the COOKIE content', Authorization: 'Bearer This is the TOKEN content' }) expect(Utils.hasAuthentication(argv)).toEqual(true) }) })