Last active
January 25, 2022 19:02
-
-
Save JamoCA/df8436a55bdc64dfc9276b11fed68aae to your computer and use it in GitHub Desktop.
CFML Unit Tests for CFHTTP and BadSSL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
component | |
displayName="TestBox for BadSSL.com Tests" | |
labels ="coldfusion,cfml" | |
extends ="testbox.system.BaseSpec" { | |
/* | |
date: 3/31/2021 | |
gist: https://gist.github.com/JamoCA/df8436a55bdc64dfc9276b11fed68aae | |
blog: https://dev.to/gamesover/cfml-unit-tests-for-cfhttp-and-badssl-1lfa | |
*/ | |
function beforeTests(){} | |
function afterTests(){} | |
function setup(){} | |
function teardown(){} | |
function doHttp(string url) { | |
cfhttp(method="GET", charset="utf-8", url=arguments.url, result="local.result", redirect="no", getasbinary="never", timeout="5", throwonerror=false, useragent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4437.0 Safari/537.36 Edg/91.0.831.1"); | |
return local.result; | |
} | |
/************* Test Methods from https://badssl.com/ *************/ | |
function testexpire() { | |
local.result = doHttp("https://expired.badssl.com/"); | |
expect(local.result.errorDetail).toBeEmpty(); | |
} | |
function testwrong_host() { | |
local.result = doHttp("https://wrong.host.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testself_signed() { | |
local.result = doHttp("https://self-signed.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testuntrusted_root() { | |
local.result = doHttp("https://untrusted-root.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testrevoked() { | |
local.result = doHttp("https://revoked.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testpinning_test() { | |
local.result = doHttp("https://pinning-test.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testno_common_name() { | |
local.result = doHttp("https://no-common-name.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testno_subject() { | |
local.result = doHttp("https://no-subject.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testincomplete_chain() { | |
local.result = doHttp("https://incomplete-chain.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testreversed_chain() { | |
local.result = doHttp("https://reversed-chain.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testsha256() { | |
local.result = doHttp("https://sha256.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testsha384() { | |
local.result = doHttp("https://sha384.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testsha512() { | |
local.result = doHttp("https://sha512.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function test1000_sans() { | |
local.result = doHttp("https://1000-sans.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function test10000_sans() { | |
local.result = doHttp("https://10000-sans.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testecc256() { | |
local.result = doHttp("https://ecc256.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testecc384() { | |
local.result = doHttp("https://ecc384.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testersa2048() { | |
local.result = doHttp("https://rsa2048.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testersa4096() { | |
local.result = doHttp("https://rsa4096.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testrsa8192() { | |
local.result = doHttp("https://rsa8192.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testextended_validation() { | |
local.result = doHttp("https://extended-validation.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testclient() { | |
local.result = doHttp("https://client.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testclient_cert_missing() { | |
local.result = doHttp("https://client-cert-missing.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testmixed_script() { | |
local.result = doHttp("https://mixed-script.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testvery() { | |
local.result = doHttp("https://very.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testcbc() { | |
local.result = doHttp("https://cbc.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testrc4_md5() { | |
local.result = doHttp("https://rc4-md5.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testrc4() { | |
local.result = doHttp("https://rc4.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function test3des() { | |
local.result = doHttp("https://3des.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testnull() { | |
local.result = doHttp("https://null.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testmozilla_old() { | |
local.result = doHttp("https://mozilla-old.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testmozilla_intermediate() { | |
local.result = doHttp("https://mozilla-intermediate.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testmozilla_modern() { | |
local.result = doHttp("https://mozilla-modern.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testdh480() { | |
local.result = doHttp("https://dh480.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testdh512() { | |
local.result = doHttp("https://dh512.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testdh1024() { | |
local.result = doHttp("https://dh1024.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testdh2048() { | |
local.result = doHttp("https://dh2048.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testdh_small_subgroup() { | |
local.result = doHttp("https://dh-small-subgroup.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testdh_composite() { | |
local.result = doHttp("https://dh-composite.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function teststatic_rsa() { | |
local.result = doHttp("https://static-rsa.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testtls_v1_0() { | |
local.result = doHttp("https://tls-v1-0.badssl.com:1010/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testtls_v1_1() { | |
local.result = doHttp("https://tls-v1-1.badssl.com:1011/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testtls_v1_2() { | |
local.result = doHttp("https://tls-v1-2.badssl.com:1012/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testtls_v1_3() { | |
// local.result = doHttp("https://tls13.1d.pw/"); | |
local.result = doHttp("https://tls13.akamai.io/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testtls_v1_3_AdobeForums() skip=true { | |
local.result = doHttp("https://www.xpressreg.net/services/XpressWebRegService/CDSBridgeLite.asmx"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testno_sct() { | |
local.result = doHttp("https://no-sct.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testhsts() { | |
local.result = doHttp("https://hsts.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testupgrade() { | |
local.result = doHttp("https://upgrade.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testpreloaded_hsts() { | |
local.result = doHttp("https://preloaded-hsts.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testsubdomain_preloaded_hsts() { | |
local.result = doHttp("https://subdomain.preloaded-hsts.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testhttps_everywhere() { | |
local.result = doHttp("https://https-everywhere.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testlong_extended_subdomain_name_containing_many_letters_and_dashes() { | |
local.result = doHttp("https://long-extended-subdomain-name-containing-many-letters-and-dashes.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testlongextendedsubdomainnamewithoutdashesinordertotestwordwrapping() { | |
local.result = doHttp("https://longextendedsubdomainnamewithoutdashesinordertotestwordwrapping.badssl.com/"); | |
$assert.isEqual("", local.result.errorDetail); | |
} | |
function testsuperfish() { | |
local.result = doHttp("https://superfish.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testedellroot() { | |
local.result = doHttp("https://edellroot.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testdsdtestprovider() { | |
local.result = doHttp("https://dsdtestprovider.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testpreact_cli() { | |
local.result = doHttp("https://preact-cli.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testwebpack_dev_server() { | |
local.result = doHttp("https://webpack-dev-server.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testcaptive_portal() { | |
local.result = doHttp("https://captive-portal.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testmitm_software() { | |
local.result = doHttp("https://mitm-software.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testsha1_2016() { | |
local.result = doHttp("https://sha1-2016.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testsha1_2017() { | |
local.result = doHttp("https://sha1-2017.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
function testsha1_intermediate() { | |
local.result = doHttp("https://sha1-intermediate.badssl.com/"); | |
$assert.includes(local.result.errorDetail, "Usage constraint TLSServer check failed"); | |
} | |
function testinvalid_expected_sct() { | |
local.result = doHttp("https://invalid-expected-sct.badssl.com/"); | |
$assert.isNotEqual("", local.result.errorDetail); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment