WordPress.org
Get WordPress

Make WordPress Core

Ticket #31772: 31772-with-tests.patch

File 31772-with-tests.patch, 2.2 KB (added by BevanR, 11 years ago)

  • src/wp-admin/js/password-strength-meter.js

     
    1818                        if (password1 != password2 && password2 && password2.length > 0)
    1919                                return 5;
    2020
    21                         var result = zxcvbn( password1, blacklist );
     21                        // Analyze the strength of the first part of the password.  The 'zxcvbn' library takes a long time to analyse longer passwords.  This causes the browser UI to freeze.
     22                        // @todo Update zxcvbn once it analyzes long passwords quickly.
     23                        // @see https://github.com/dropbox/zxcvbn/issues/69
     24                        var result = zxcvbn( password1.substr(0, 128), blacklist );
    2225                        return result.score;
    2326                },
    2427

  • tests/qunit/wp-admin/js/password-strength-meter.js

     
    9898                ok( jQuery.inArray( 'WordPress', blacklist ) > -1, 'blacklist contains "WordPress" from page title' );
    9999                ok( jQuery.inArray( 'tests', blacklist ) > -1, 'blacklist contains "tests" from site URL' );
    100100        });
     101
     102  test( 'only the first part of really long passwords should be checked', function () {
     103    function strength(password) {
     104      return passwordStrength(password, [], password);
     105    }
     106
     107    function raw(password) {
     108      return zxcvbn(password).score;
     109    }
     110
     111    // passwordStrength()'s character limit.
     112    var threshold = 128;
     113
     114    // Create a long string of zero characters.
     115    var weak = new Array( 1 + threshold ).join('0');
     116
     117    // A password that is strong only after the threshold.
     118    var strong = ( weak + '1#2!aGcDeee' );
     119
     120    // Get WP's strength/score, for comparison.
     121    var score = strength( strong );
     122
     123    ok( score === strength( weak ), 'scores of really long passwords match, regardless of anything after the size limit' );
     124    ok( score === raw( weak ), 'Zxcvbn gives the same score as WP for the first part of a long password' );
     125    ok( score < raw( strong ), 'Zxcvbn gives a better score than WP for a password which is strong only after the size limit' );
     126  });
    101127});