Litmus has a white box test suite adapted from Bugzilla that helps to catch some common mistakes, including compile-time errors, improper and unsafe use of the system() and exec() functions (the security hole in Bugzilla that led to a compromise of apache.org), the use of tabs in code files, syntax and compile errors in templates, and missing FILTER directives in template files.
Developers should generally ensure that the tests pass prior to checking in code.
Running the testsTo run the test suite, just run the
runtests.plscript. Alternatively, a
make testwill also achieve the same result. The test scripts (located in litmus/t/) will run and the testing harness will produce a report of any failures. For more detail, pass the --verbose switch:
runtests.pl --verboseto get a report of all test passes and failures. To save time and run only one specific test, give the test name or number as an argument to
runtests.plFor instance, to run just the template filter test (005filter.t), run
The Template Filter TestThe template filter test (005filter.t) ensures that all variables used have been filtered to prevent cross-site scripting attacks. In some cases, this test may fail when unfiltered variables are known to be safe. In this situation, you can use the 'none' pseudofilter to silence the test failure:
[% foo FILTER none %]or, if the variable is used often, add it to the filterexceptions.pl file located at /templates/en/default/filterexceptions.pl. See this file for details on format.
Zachlipton 12:05, 15 Nov 2005 (PST)