7b6cd4d965
- Add validation rules for form fields with XSS protection - Create API error handler to parse and manage server validation errors - Integrate validation rules into contact and inquiries forms - Enhance error handling with user feedback for form submissions - Introduce unit tests for validation and error handling functionalities
122 lines
4.2 KiB
TypeScript
122 lines
4.2 KiB
TypeScript
import {
|
|
containsDangerousContent,
|
|
createFieldValidation,
|
|
createXSSValidator,
|
|
validationRules,
|
|
} from "../validation";
|
|
|
|
describe("Validation Functions", () => {
|
|
describe("containsDangerousContent", () => {
|
|
it("should detect script tags", () => {
|
|
expect(containsDangerousContent("<script>alert('XSS')</script>")).toBe(true);
|
|
expect(containsDangerousContent("<SCRIPT>alert('XSS')</SCRIPT>")).toBe(true);
|
|
});
|
|
|
|
it("should detect javascript: protocol", () => {
|
|
expect(containsDangerousContent("javascript:alert('XSS')")).toBe(true);
|
|
expect(containsDangerousContent("JAVASCRIPT:alert('XSS')")).toBe(true);
|
|
});
|
|
|
|
it("should detect event handlers", () => {
|
|
expect(containsDangerousContent("onclick=alert('XSS')")).toBe(true);
|
|
expect(containsDangerousContent("onerror=alert('XSS')")).toBe(true);
|
|
expect(containsDangerousContent("onload=alert('XSS')")).toBe(true);
|
|
});
|
|
|
|
it("should detect iframe tags", () => {
|
|
expect(containsDangerousContent("<iframe src='evil.com'>")).toBe(true);
|
|
});
|
|
|
|
it("should detect data: text/html", () => {
|
|
expect(containsDangerousContent("data: text/html,<script>")).toBe(true);
|
|
});
|
|
|
|
it("should return false for safe content", () => {
|
|
expect(containsDangerousContent("Hello World")).toBe(false);
|
|
expect(containsDangerousContent("john.doe@example.com")).toBe(false);
|
|
expect(containsDangerousContent("+1234567890")).toBe(false);
|
|
expect(containsDangerousContent("This is a normal message.")).toBe(false);
|
|
});
|
|
|
|
it("should handle empty or null input", () => {
|
|
expect(containsDangerousContent("")).toBe(false);
|
|
});
|
|
});
|
|
|
|
describe("createXSSValidator", () => {
|
|
it("should return error message for dangerous content", () => {
|
|
const validator = createXSSValidator("Full Name");
|
|
expect(validator("<script>alert('XSS')</script>")).toContain("Full Name");
|
|
expect(validator("<script>alert('XSS')</script>")).toContain("invalid");
|
|
});
|
|
|
|
it("should return true for safe content", () => {
|
|
const validator = createXSSValidator("Full Name");
|
|
expect(validator("John Doe")).toBe(true);
|
|
expect(validator("Jane Smith")).toBe(true);
|
|
});
|
|
});
|
|
|
|
describe("createFieldValidation", () => {
|
|
it("should create validation with XSS check", () => {
|
|
const validation = createFieldValidation("Email", true);
|
|
expect(validation).toHaveProperty("validate.noXSS");
|
|
expect(validation).toHaveProperty("required");
|
|
});
|
|
|
|
it("should include additional rules", () => {
|
|
const validation = createFieldValidation("Phone", false, {
|
|
pattern: { value: /^[+\d]+$/, message: "Invalid phone" },
|
|
});
|
|
expect(validation).toHaveProperty("pattern");
|
|
expect(validation).toHaveProperty("validate.noXSS");
|
|
});
|
|
});
|
|
|
|
describe("validationRules", () => {
|
|
describe("fullName rules", () => {
|
|
it("should have required validation", () => {
|
|
expect(validationRules.fullName.required.value).toBe(true);
|
|
});
|
|
|
|
it("should have min/max length", () => {
|
|
expect(validationRules.fullName.minLength.value).toBe(2);
|
|
expect(validationRules.fullName.maxLength.value).toBe(100);
|
|
});
|
|
|
|
it("should have XSS validation", () => {
|
|
expect(validationRules.fullName.validate.noXSS).toBeDefined();
|
|
});
|
|
});
|
|
|
|
describe("email rules", () => {
|
|
it("should have pattern validation", () => {
|
|
expect(validationRules.email.pattern.value).toBeDefined();
|
|
});
|
|
|
|
it("should have XSS validation", () => {
|
|
expect(validationRules.email.validate.noXSS).toBeDefined();
|
|
});
|
|
});
|
|
|
|
describe("phone rules", () => {
|
|
it("should have pattern validation for phone format", () => {
|
|
const pattern = validationRules.phone.pattern.value;
|
|
expect(pattern.test("+1234567890")).toBe(true);
|
|
expect(pattern.test("(123) 456-7890")).toBe(true);
|
|
expect(pattern.test("abc123")).toBe(false);
|
|
});
|
|
});
|
|
|
|
describe("message rules", () => {
|
|
it("should have XSS validation", () => {
|
|
expect(validationRules.message.validate.noXSS).toBeDefined();
|
|
});
|
|
|
|
it("should have max length of 1000", () => {
|
|
expect(validationRules.message.maxLength.value).toBe(1000);
|
|
});
|
|
});
|
|
});
|
|
});
|