updated documentation
authorbhill2
Wed, 22 May 2013 17:54:13 -0700
changeset 106 435e0ad1f8c2
parent 105 aebb31d9819d
child 107 5d98c061676e
updated documentation
vm/index.html
--- a/vm/index.html	Wed May 22 17:19:14 2013 -0700
+++ b/vm/index.html	Wed May 22 17:54:13 2013 -0700
@@ -21,7 +21,7 @@
 
 <p>This is a virtual machine to help develop tests for the WebAppSec WG's
 specs. If you're not viewing this in the VM, you can get a copy here: <a
-href="about:blank">link</a>. It is an Ubuntu system that runs in <a
+href="https://dl.dropboxusercontent.com/u/76057758/WebAppSecTestVM.tar.bz2">https://dl.dropboxusercontent.com/u/76057758/WebAppSecTestVM.tar.bz2</a>. It is an Ubuntu system that runs in <a
 href="https://www.virtualbox.org/">Oracle VirtualBox.</a> The
 username/passwword is webappsec/webappsec.</p>
 
@@ -96,6 +96,15 @@
   </li>
 </ul>
 
+<h2>Writing tests with the W3C testharness.js framework</h2>
+
+<p>There's a kind of old and out-of-date presentation from our first test jam available at: <a href="https://dl.dropboxusercontent.com/u/76057758/WebAppSec%20Test%20Jam.pdf">https://dl.dropboxusercontent.com/u/76057758/WebAppSec%20Test%20Jam.pdf</a><p>
+
+<p>The best places to look for example test cases to copy are in /var/www/webappsec/tests/cors/submitted/opera/ (for CORS) and /var/www/webappsec/tests/csp/submitted/WG/ (for CSP)</p>
+
+<p>Test the Web Forward also provides some good introductory material for writing test cases in the W3C framework here <a href="http://testthewebforward.org/#resources">http://testthewebforward.org/#resources</a>.</p>
+
+
 <h2>Working with the test repositories:</h2>
 
 <h3>Mercurial (Hg):</h3>
@@ -145,95 +154,3 @@
 </body>
 </body>
 </html>
-
-
-<html>
-<head>
-  <meta http-equiv="content-type" content="text/html; charset=UTF-8">
-  <title>webappsec vm welcome - jsFiddle demo</title>
-  
-  <script type='text/javascript' src='/js/lib/dummy.js'></script>
-  
-  
-  
-  <link rel="stylesheet" type="text/css" href="/css/result-light.css">
-  
-  <style type='text/css'>
-    
-  </style>
-  
-
-
-<script type='text/javascript'>//<![CDATA[ 
-window.onload=function(){
-
-}//]]>  
-
-</script>
-
-
-</head>
-<body>
-  <body>
-    <h1>Welcome to the WebAppSec WG Test VM</h1>
-
-    <p>This is a virtual machine to help develop tests for the WebAppSec WG's specs.  If you're not viewing this in the VM, you can get a copy here: <a href="about:blank">link</a>.  It is an Ubuntu system that runs in <a href="https://www.virtualbox.org/">Oracle VirtualBox.</a> The username/passwword is webappsec/webappsec.</p>
-
-     <p> Go to the <a href="http://w3c-test.org/webappsec/tests/testRunner/">Test Runner</a>.</p>
-
-    <h2>Why use this VM?</h2>
-    <p>Many W3C recommendations can be tested in a purely browser enviornment.  Lucky them.  If your spec has dependencies on the Same Origin Policy, does server side work, cross-origin work, or depends on HTTP headers, you probably need a server.</p>
-        
-    <p>This VM attempts to duplicate the production environment the W3C deploys at www.w3c-test.org so we can rapidly develop tests that you can be confident will still work once you check them in and execute them on the standard infrastructure.<p>
-
-        <h2>What is here?</h2>
-        <p>An Apache2 installation.
-        <ul>
-            <li>Listening on:</li>
-            <ul>
-                <li>HTTP ports 80, 81, 82, 83, 88</li>
-                <li>HTTPS port 443</li>
-            </ul>
-            <li>For the names:</li>
-            <ul>
-                <li>w3c-test.org</li>
-                <li>www.w3c-test.org</li>
-                <li>www1.w3c-test.org</li>
-                <li>www2.w3c-test.org</li>
-                <li>www3.w3c-test.org</li>
-            </ul>
-        </ul>
-            
-        </p>
-        <p>The web root is in /var/www.  Under this are included:
-            <ul>
-                <li>The W3C test framework under [webroot]/resources and [webroot]/testframework</li>
-                <li>The WebAppSec Mercurial repository under [webroot]/webappsec</li>
-            </ul>
-        </p>
-
-        <p>The VM also includes installs of Opera Next, Chrome Beta and Firefox Aurora for local testing.  The web server does bind to the "public" IPs for the VM, so you can also test against it using a browser on your host machine.  To do so:</p>
-    <ul>
-        <li>Set the VM network adapter to be NAT or host-only.  (the root user/pass are public information, so don't put this VM directly on the Internet!)</li>
-        <li>In the VM, run <code>$sudo ifconfig</code> to get the machine's IP address.</li>
-        <li>Configure your host OS's /etc/hosts or eqiuvalent to resolve the names listed above to the VM's IP.</li>
-        <ul>
-            <li><i>Remember to undo this when you want to test against the real server again!</i></li>
-        </ul>
-        <li>Grab the end-entity certificate from <code>/etc/ssl/certificates/stardotw3cdashtestdotorg.cer</code> or the root certificate from the VM in <code>/home/webappsec/cybervillainsCA.cer</code> and install it as a trusted root CA in your test browser for https tests.</li>
-        <ul>
-            <li><i>Note: I destroyed the private key for this certificate authority after issuing the single certificate for this VM, but you still might not want to do this except on a test machine.</i>
-             </li>
-    	</ul>
-    </ul>
-
-        <h2>Still confused? Help with this documentation.</h2>
-	<p>This file lives in <a href="https://dvcs.w3.org/hg/webappsec/vm">https://dvcs.w3.org/hg/webappsec/vm</a>.  Please update and add to it to help others. 
-        </p>
-  
-</body>
-
-
-</html>
-
-