From 7cbe3af92777f4692e318d4d6775c8fa77f5878a Mon Sep 17 00:00:00 2001 From: Godmar Back Date: Mon, 3 Aug 2020 23:33:16 -0400 Subject: [PATCH] updates for summer 2020 this update adds the unit tests as part of the student distribution --- install-dependencies.sh | 4 +- src/Makefile | 2 +- src/http.c | 5 +- src/main.c | 33 +- src/main.h | 9 + src/socket.c | 3 +- tests/build.sh | 4 + tests/getaddrinfo.c | 102 + tests/server_unit_test_pserv.py | 2067 ++++++++++++++++++++ tests/test_root_data/css/jquery-ui.min.css | 7 + tests/test_root_data/index.html | 11 + tests/test_root_data/js/jquery.min.js | 3 + tests/test_root_data/private/secure.html | 10 + tests/test_root_data/public/index.html | 10 + 14 files changed, 2256 insertions(+), 14 deletions(-) create mode 100644 src/main.h create mode 100755 tests/build.sh create mode 100644 tests/getaddrinfo.c create mode 100755 tests/server_unit_test_pserv.py create mode 100755 tests/test_root_data/css/jquery-ui.min.css create mode 100755 tests/test_root_data/index.html create mode 100755 tests/test_root_data/js/jquery.min.js create mode 100755 tests/test_root_data/private/secure.html create mode 100755 tests/test_root_data/public/index.html diff --git a/install-dependencies.sh b/install-dependencies.sh index 18e9adc..bb00954 100644 --- a/install-dependencies.sh +++ b/install-dependencies.sh @@ -14,12 +14,12 @@ git clone https://github.com/akheron/jansson.git (cd jansson; autoreconf -fi; ./configure --prefix=${BASE}/deps; - make install + make -j 40 install ) git clone https://git@github.com/benmcollins/libjwt.git (cd libjwt; autoreconf -fi; env PKG_CONFIG_PATH=../deps/lib/pkgconfig:${PKG_CONFIG_PATH} ./configure --prefix=${BASE}/deps; - make install + make -j 40 install ) diff --git a/src/Makefile b/src/Makefile index 49c73f8..aaabd84 100644 --- a/src/Makefile +++ b/src/Makefile @@ -2,7 +2,7 @@ DEP_BASE_DIR=../deps DEP_INCLUDE_DIR=$(DEP_BASE_DIR)/include DEP_LIB_DIR=$(abspath $(DEP_BASE_DIR)/lib) -CFLAGS=-g -O2 -pthread -std=gnu11 -Wall -Werror -Wmissing-prototypes -I$(DEP_INCLUDE_DIR) +CFLAGS=-g -O2 -pthread -Wall -Werror -Wmissing-prototypes -I$(DEP_INCLUDE_DIR) # include lib directory into runtime path to facilitate dynamic linking LDFLAGS=-pthread -Wl,-rpath -Wl,$(DEP_LIB_DIR) diff --git a/src/http.c b/src/http.c index d0b687a..1560d56 100644 --- a/src/http.c +++ b/src/http.c @@ -24,15 +24,13 @@ #include "hexdump.h" #include "socket.h" #include "bufio.h" +#include "main.h" // Need macros here because of the sizeof #define CRLF "\r\n" #define STARTS_WITH(field_name, header) \ (!strncasecmp(field_name, header, sizeof(header) - 1)) -char * server_root; // root from which static files are served - - /* Parse HTTP request line, setting req_method, req_path, and req_version. */ static bool http_parse_request(struct http_transaction *ta) @@ -227,6 +225,7 @@ send_error(struct http_transaction * ta, enum http_response_status status, const ta->resp_body.len += len > MAX_ERROR_LEN ? MAX_ERROR_LEN - 1 : len; va_end(ap); ta->resp_status = status; + http_add_header(&ta->resp_headers, "Content-Type", "text/plain"); return send_response(ta); } diff --git a/src/main.c b/src/main.c index bf43535..f07b17a 100644 --- a/src/main.c +++ b/src/main.c @@ -8,21 +8,31 @@ #include #include #include +#include #include "buffer.h" #include "hexdump.h" #include "http.h" #include "socket.h" #include "bufio.h" -#include "globals.h" +#include "main.h" /* Implement HTML5 fallback. - * This means that if a non-API path refers to a file and that - * file is not found or is a directory, return /index.html - * instead. Otherwise, return the file. + * If HTML5 fallback is implemented and activated, the server should + * treat requests to non-API paths specially. + * If the requested file is not found, the server will serve /index.html + * instead; that is, it should treat the request as if it + * had been for /index.html instead. */ bool html5_fallback = false; + +// silent_mode. During benchmarking, this will be true bool silent_mode = false; -int token_expiration_time = 24 * 60 * 60; // default token expiration time is 1 day + +// default token expiration time is 1 day +int token_expiration_time = 24 * 60 * 60; + +// root from which static files are served +char * server_root; /* * A non-concurrent, iterative server that serves one client at a time. @@ -31,7 +41,7 @@ int token_expiration_time = 24 * 60 * 60; // default token expiration time is static void server_loop(char *port_string) { - int accepting_socket = socket_open_bind_listen(port_string, 1024); + int accepting_socket = socket_open_bind_listen(port_string, 10000); while (accepting_socket != -1) { fprintf(stderr, "Waiting for client...\n"); int client_socket = socket_accept_client(accepting_socket); @@ -48,7 +58,7 @@ server_loop(char *port_string) static void usage(char * av0) { - fprintf(stderr, "Usage: %s [-p port] [-R rootdir] [-h] [-e seconds]\n" + fprintf(stderr, "Usage: %s -p port [-R rootdir] [-h] [-e seconds]\n" " -p port port number to bind to\n" " -R rootdir root directory from which to serve files\n" " -e seconds expiration time for tokens in seconds\n" @@ -91,6 +101,15 @@ main(int ac, char *av[]) } } + if (port_string == NULL) + usage(av[0]); + + /* We ignore SIGPIPE to prevent the process from terminating when it tries + * to send data to a connection that the client already closed. + * This may happen, in particular, in bufio_sendfile. + */ + signal(SIGPIPE, SIG_IGN); + fprintf(stderr, "Using port %s\n", port_string); server_loop(port_string); exit(EXIT_SUCCESS); diff --git a/src/main.h b/src/main.h new file mode 100644 index 0000000..5483702 --- /dev/null +++ b/src/main.h @@ -0,0 +1,9 @@ +/* + * Declarations of various global variables. + */ +#include + +extern char *server_root; +extern bool silent_mode; +extern int token_expiration_time; +extern bool html5_fallback; diff --git a/src/socket.c b/src/socket.c index 36775df..c371d98 100644 --- a/src/socket.c +++ b/src/socket.c @@ -18,11 +18,12 @@ #include #include #include +#include #include #include #include "socket.h" -#include "globals.h" +#include "main.h" /* * Find a suitable IPv4 address to bind to, create a socket, bind it, diff --git a/tests/build.sh b/tests/build.sh new file mode 100755 index 0000000..b180173 --- /dev/null +++ b/tests/build.sh @@ -0,0 +1,4 @@ +# build the getaddrinfo preloaded library to test IPv4/IPv6 scenarios +gcc -fPIC -Wall -c getaddrinfo.c +gcc -shared -o getaddrinfo.so.1.0.1 getaddrinfo.o -ldl + diff --git a/tests/getaddrinfo.c b/tests/getaddrinfo.c new file mode 100644 index 0000000..166a6f3 --- /dev/null +++ b/tests/getaddrinfo.c @@ -0,0 +1,102 @@ +/* + * Intercept getaddrinfo to simulate IPv4-only, IPv6-only, and + * environment in which addresses are returned in a different order. + * + * Written for CS 3214 Virginia Tech, Spring 2018. + * + * Godmar Back + */ +#include +#include +#include +#include +#include +#include +#include +#define __USE_GNU 1 /* for RTLD_NEXT */ +#include + +static int (*real_getaddrinfo)(const char *node, + const char *service, + const struct addrinfo *hints, + struct addrinfo **res); + +static void (*real_freeaddrinfo)(struct addrinfo *res); + +static void +init() +{ + static int inited; + + if (inited++ > 0) { + return; + } + + real_getaddrinfo = dlsym(RTLD_NEXT, "getaddrinfo"); + if (!real_getaddrinfo) { + printf("error in dlsym getaddrinfo %s\n", dlerror()); + exit(-1); + } + + real_freeaddrinfo = dlsym(RTLD_NEXT, "freeaddrinfo"); + if (!real_freeaddrinfo) { + printf("error in dlsym freeaddrinfo %s\n", dlerror()); + exit(-1); + } +} + +int getaddrinfo( + const char *node, + const char *service, + const struct addrinfo *hints, + struct addrinfo **res) +{ + init(); + + struct addrinfo * reallist; + int rc = real_getaddrinfo(node, service, hints, &reallist); + if (rc != 0) + return rc; + + int skipipv4 = getenv("SKIPIPV4") != NULL; + int skipipv6 = getenv("SKIPIPV6") != NULL; + int reverse = getenv("REVERSEIPADDR") != NULL; + if (reverse) { + struct addrinfo * rp = reallist; + struct addrinfo * last = NULL; + while (rp != NULL) { + struct addrinfo * next = rp->ai_next; + rp->ai_next = last; + last = rp; + rp = next; + } + *res = last; + } else if (skipipv4 || skipipv6) { + struct addrinfo * rp, ** last = &reallist; + for (rp = reallist; rp != NULL; ) { + if ((skipipv4 && rp->ai_family == AF_INET) || (skipipv6 && rp->ai_family == AF_INET6)) { + // skip and free + (*last) = rp->ai_next; + struct addrinfo * old = rp; + rp = rp->ai_next; + old->ai_next = NULL; + real_freeaddrinfo(old); + } else { + // include + last = &rp->ai_next; + rp = rp->ai_next; + } + } + *res = reallist; + } else { + *res = reallist; + } + + return rc; +} + +void freeaddrinfo(struct addrinfo *res) +{ + init(); + real_freeaddrinfo(res); +} diff --git a/tests/server_unit_test_pserv.py b/tests/server_unit_test_pserv.py new file mode 100755 index 0000000..c034672 --- /dev/null +++ b/tests/server_unit_test_pserv.py @@ -0,0 +1,2067 @@ +#!/usr/bin/env python3 +# +# The purpose of this class is to drive unit tests against a server that +# handles requests for system statistics. Unit tests will cover a number +# of areas, described as the following suites of tests: +# +# 1. Correctness for good requests +# 2. Correctness for expectable bad requests +# 3. Malicious request handling +# +# + +import atexit, base64, errno, getopt, json, multiprocessing, os +import random, requests, signal, socket, struct, string, subprocess +import sys, time, traceback, unittest, re + +from datetime import datetime +from fractions import Fraction as F +from multiprocessing.dummy import Pool as ThreadPool +from socket import error as SocketError + +from http.client import OK, NOT_FOUND, FORBIDDEN, METHOD_NOT_ALLOWED, NOT_IMPLEMENTED, HTTPConnection +random.seed(42) + +script_dir = "/".join(__file__.split("/")[:-1]) +if script_dir == "": + script_dir = "." +script_dir = os.path.realpath(script_dir) + +def encode(s): + return s.encode('utf-8') + +def get_socket_connection(hostname, port): + """ + Connect to a server at hostname on the supplied port, and return the socket + connection to the server. + """ + for res in socket.getaddrinfo(hostname, port, socket.AF_UNSPEC, socket.SOCK_STREAM): + family, sockettype, protocol, canonname, socketaddress = res + try: + sock = socket.socket(family, sockettype, protocol) + sock.settimeout(10) + # avoid TCP listen overflows when making back-to-back requests + sock.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack('ii', 1, 1)) + + except socket.error as msg: + sock = None + continue + + try: + sock.connect(socketaddress) + except socket.error as msg: + sock.close() + sock = None + continue + + break + + if sock is None: + raise ValueError('The script was unable to open a socket to the server') + else: + return sock + + +def run_connection_check_loadavg(http_conn, hostname): + """ + Run a check of the connection for validity, using a well-formed + request for /loadavg and checking it after receiving it. + """ + + # GET request for the object /loadavg + http_conn.request("GET", "/loadavg", headers={"Host": hostname}) + + # Get the server's response + server_response = http_conn.getresponse() + + # Check the response status code + assert server_response.status == OK, "Server failed to respond" + + # Check the data included in the server's response + assert check_loadavg_response(server_response.read().decode('utf-8')), \ + "loadavg check failed" + + +def run_connection_check_empty_login(http_conn, hostname): + """ + Run a check of the connection for validity, using a well-formed + request for /api/login and checking it after receiving it. + """ + + # GET request for the object /api/login + http_conn.request("GET", "/api/login", headers={"Host": hostname}) + + # Get the server's response + server_response = http_conn.getresponse() + + # Check the response status code + assert server_response.status == OK, "Server failed to respond" + + # Check the data included in the server's response + assert check_empty_login_respnse(server_response.read().decode('utf-8')), \ + "empty login check failed" + +def run_404_check(http_conn, obj, hostname): + """ + Checks that the server properly generates a 404 status message when + requesting a non-existent URL object. + """ + + # GET request for the object /loadavg + http_conn.request("GET", obj, headers={"Host": hostname}) + + # Get the server's response + server_response = http_conn.getresponse() + + # Check the response status code + assert server_response.status == NOT_FOUND, \ + "Server failed to respond with a 404 status for obj=" + obj + ", gave response: " + str(server_response.status) + server_response.read() + + +def run_query_check(http_conn, request, req_object, callback, hostname): + """ + Checks that the server properly processes the query string passed to it. + """ + + http_conn.request("GET", request, headers={"Host": hostname}) + server_response = http_conn.getresponse() + assert server_response.status == OK, "Server failed to respond" + + if callback is None: + if req_object == "loadavg": + assert check_loadavg_response(server_response.read().decode('utf-8')), \ + "loadavg check failed" + else: + assert check_meminfo_response(server_response.read().decode('utf-8')), \ + "meminfo check failed" + else: + assert check_callback_response(server_response.read().decode('utf-8'), + callback, req_object), "callback check failed" + + +def run_method_check(http_conn, method, hostname): + """ + Check that the unsupported method supplied has either a NOT IMPLEMENTED + or METHOD NOT ALLOWED response from the server. + """ + + http_conn.request(method, "/api/login", headers={"Host": hostname}) + server_response = http_conn.getresponse() + assert (server_response.status == METHOD_NOT_ALLOWED or + server_response.status == NOT_IMPLEMENTED), \ + "Server failed to respond with the METHOD NOT ALLOWED or \ + NOT IMPLEMENTED status for method: " + method + " response was: " \ + + str(server_response.status) + server_response.read() + + +def print_response(response): + """Print the response line by line as returned by the server. the response + variable is simply the server_response.read(), and this function prints out + each line of the output. Most helpful for printing an actual web page. """ + + lines = response.split("\n") + for line in lines: + print(line.strip()) + + +def check_loadavg_response(response): + """Check that the response to a loadavg request generated the correctly + formatted output. Returns true if it executes properly, throws an + AssertionError if it does not execute properly or another error if json + is unable to decode the response.""" + + try: + data = json.loads(response.strip()) + except ValueError as msg: + raise AssertionError("Invalid JSON object. Received: " + response) + + assert len(data) == 3, "Improper number of data items returned" + + assert 'total_threads' in data, "total_threads element missing" + assert 'loadavg' in data, "loadavg element missing" + assert 'running_threads' in data, "running_threads element missing" + + assert len(data['loadavg']) == 3, 'Improper number of data items in \ + loadavg' + + return True + + +def check_meminfo_response(response): + """Check that the response to a meminfo request generated the correctly + formatted output. Returns true if it executes properly, throws an + AssertionError if it does not execute properly or another error if json + is unable to decode the response.""" + + try: + data = json.loads(response.strip()) + except ValueError as msg: + raise AssertionError("Invalid JSON object. Received: " + response) + + for line in open("/proc/meminfo"): + entry = re.split(":?\s+", line) + assert entry[0] in data, entry[0] + " key is missing" + + try: + int(data[entry[0]]) + except (TypeError, ValueError): + raise AssertionError("a non-integer was passed to meminfo") + + return True + + +def check_callback_response(response, callback, req_obj): + """Check that the response to a req_obj request with callback function + callback generated the correctly formatted output. Returns true if it + executes properly, throws an AssertionError if it does not execute properly + or another error if json is unable to decode the response.""" + callback.replace(' ', '') + response.replace(' ', '') + assert response[0:len(callback) + 1] == callback + "(", 'callback incorrect, was: ' + response[0:len( + callback) + 1] + ' , expected: ' + callback + '(' + assert response[len(response) - 1] == ")", 'missing close parenthesis' + + if req_obj == "meminfo": + check_meminfo_response(response[len(callback) + 1:len(response) - 1]) + elif req_obj == "loadavg": + check_loadavg_response(response[len(callback) + 1:len(response) - 1]) + else: + return False + + return True + + +def check_meminfo_change(response1, response2, key, delta, safety_margin=0): + """Check that a specific value in meminfo has changed by at least some amount. + Used by allocanon and freeanon tests. Returns true if it executes properly, + throws an AssertionError if it does not execute properly or another error + if json is unable to decode the response.""" + + check_meminfo_response(response1) + check_meminfo_response(response2) + + data1 = json.loads(response1.strip()) + data2 = json.loads(response2.strip()) + + if delta >= 0: + return float(data2[key]) - float(data1[key]) > delta * (1 - safety_margin) + else: + return float(data2[key]) - float(data1[key]) < delta * (1 - safety_margin) + + +def check_empty_login_respnse(response): + return response.strip() == "{}" + +ld_preload = f'{script_dir}/getaddrinfo.so.1.0.1' +if not os.path.exists(ld_preload): + print (f"Couldn't find ${ld_preload}, please run (cd {script_dir}; build.sh)") + sys.exit(1) + +def usage(): + print(""" + Usage: python3 server_unit_test_pserv.py -s server [-h, -t testname, -o outfile] + -h Show help + -s server File path to the server executable + -t testname Run a test by itself, its name given as testname + -l List available tests + -6 host Hostname of IPv6 localhost (default: localhost6) + -o outputfile Send output from the server to an output file + """) + + +def handle_exception(type, exc, tb): + """Install a default exception handler. + If there is an exception thrown at any time in the script, + report that the test failed, close the server and exit. + """ + print("\n>>> FAIL: ", type, "'", exc, "'\n") + print(type.__doc__ + "\n") + traceback.print_tb(tb) + + +def decode_base64(data): + """Decode base64, padding being optional. + + :param data: Base64 data as a string + :returns: The decoded byte string. + + Adapted from https://stackoverflow.com/a/9807138 + """ + data = data.encode() + missing_padding = len(data) % 4 + if missing_padding != 0: + data += b'='* (4 - missing_padding) + + return base64.b64decode(data) + + +# Install the default exception handler +sys.excepthook = handle_exception + + +############################################################################## +## Class: Doc_Print_Test_Case +## Extending the unittest.TestCase class for a better print of the __doc__ +## type of each test method. +## +# +# TBD: investigate if this method was only used in Python 2.4 and isn't +# already part of TestCase in unittest in Python 2.6 +# +############################################################################## + +class Doc_Print_Test_Case(unittest.TestCase): + def __init__(self, methodName='runTest'): + """ + Overriding the super-class __init__ because it uses an internal + attribute for the test method doc that is not inherited. + """ + unittest.TestCase.__init__(self, methodName) + + def shortDescription(self): + """ + Returns the __doc__ of the test method, instead of unittest.TestCase's + standard action of returning the first line of the test method. This + will allow for more verbose testing with each method. + """ + return self._testMethodDoc + +############################################################################## +## Class: Single_Conn_Protocol_Case +## test cases that ensure HTTP/1.0 connections close automatically, +## and HTTP/1.1 connections have persistent connections. +############################################################################## + +class Single_Conn_Protocol_Case(Doc_Print_Test_Case): + """ + Test case for a single connection, checking various points of protocol + usage that ensures the servers to be HTTP 1.0 and 1.1 compliant. + Each case should be handled without the server crashing. + """ + + def __init__(self, testname, hostname, port): + """ + Prepare the test case for creating connections. + """ + super(Single_Conn_Protocol_Case, self).__init__(testname) + self.hostname = hostname + self.port = port + + def tearDown(self): + """ Test Name: None -- tearDown function\n\ + Number Connections: N/A \n\ + Procedure: None. An error here \n\ + means the server crashed after servicing the request from \n\ + the previous test. + """ + if server.poll() is not None: + # self.fail("The server has crashed. Please investigate.") + print("The server has crashed. Please investigate.") + + def test_http_1_0_compliance(self): + """ Test Name: test_http_1_0_compliance\n\ + Number Connections: 1 \n\ + Procedure: Writes "GET /api/login HTTP/1.0\\r\\n" to the server, then \n\ + checks nothing has been returned, and finishes with the \n\ + extra "\\r\\n" and checking the data sent back from the \n\ + server. + """ + # Make HTTP connection for the server + sock = get_socket_connection(self.hostname, self.port) + + sock.send(encode("GET /api/login HTTP/1.0\r\n")) + sock.send(encode("Host: " + self.hostname + "\r\n")) + sock.settimeout(1) + time.sleep(.1) + try: + if sock.recv(4096, socket.MSG_PEEK).decode('utf8') != '': + self.fail("The http response was returned too early, before" + \ + " the extra \r\n line.") + + except socket.timeout: + pass + + sock.send(encode("\r\n")) + # If there is a HTTP response, it should be a valid /loadavg + # response. + data = "" + + time.sleep(0.1) + try: + while sock.recv(4096, socket.MSG_PEEK).decode('utf8') != '': + msg_buffer = sock.recv(4096).decode('utf8') + data = data + msg_buffer + + # Connections close after responses for HTTP/1.0 , therefore a timeout + # should not occur. + except socket.timeout: + self.fail("The server did not respond and close the connection in sufficient time.") + + data = data.split("\r\n\r\n") + assert len(data) == 2, \ + "The response could not be parsed, check your use of \\r\\n" + + assert check_empty_login_respnse(data[1]), \ + "The /login object was not properly returned." + + sock.close() + + def test_http_1_1_compliance(self): + """ Test Name: test_http_1_1_compliance\n\ + Number Connections: 1 \n\ + Procedure: Ensure a persistent connection by sending seven consecutive\n\ + requests to the server on one connection. + """ + # Make HTTP connection for the server + self.http_connection = HTTPConnection(self.hostname, self.port) + self.http_connection.auto_open = 0 + + # Connect to the server + self.http_connection.connect() + + for x in range(0, 7): + # GET request for the object /login + self.http_connection.request("GET", "/api/login") + + # Get the server's response + server_response = self.http_connection.getresponse() + + # Check that the server did not close the connection + # this will be True if the server responds with a HTTP/1.1 + # independent of whether the connection has been closed or not. + self.assertEqual(server_response._check_close(), False, \ + "Server closed the connection") + + # Check the response status code + self.assertEqual(server_response.status, OK, "Server failed to respond") + + # Check the data included in the server's response + self.assertTrue(check_empty_login_respnse(server_response.read().decode('utf8')), \ + "empty login response check failed") + + self.http_connection.close() + + +############################################################################## +## Class: Single_Conn_Malicious_Case +## Test cases that are attempting to break down the server +############################################################################## + +class Single_Conn_Malicious_Case(Doc_Print_Test_Case): + """ + Test case for a single connection, using particularly malicious requests + that are designed to seek out leaks and points that lack robustness. + Each case should be handled without the server crashing. + """ + + def __init__(self, testname, hostname, port): + """ + Prepare the test case for creating connections. + """ + super(Single_Conn_Malicious_Case, self).__init__(testname) + self.hostname = hostname + self.port = port + + def setUp(self): + """ Test Name: None -- setUp function\n\ + Number Connections: N/A \n\ + Procedure: Nothing to do here + """ + + def tearDown(self): + """ Test Name: None -- tearDown function\n\ + Number Connections: N/A \n\ + Procedure: An error here \ + means the server crashed after servicing the request from \ + the previous test. + """ + + if server.poll() is not None: + # self.fail("The server has crashed. Please investigate.") + print("The server has crashed. Please investigate.") + + + + def test_multi_connection_disconnect(self): + """ Test Name: test_multi_connection_disconnect\n\ + Number Connections: 5 \n\ + Procedure: tries to do a login GET request but fails and closes connection at some point during + the request response sequence. + """ + request_string = f'GET /api/login HTTP/1.1\r\nHost: {self.hostname}\r\n\r\n'.encode() + nconnections = len(request_string) + connection_list = [ (get_socket_connection(self.hostname, self.port), i) for i in range(nconnections) ] + random.shuffle(connection_list) + + # write one character to each until they are at the failure point + for idx in range(len(request_string)): + for sock, stop_idx in connection_list: + if idx < stop_idx: + sock.send(request_string[idx:idx+1]) + + for sock, _ in connection_list: + sock.close() + + # since we are using raw sockets here, we can't and don't test the result. + # it suffices if the server doesn't crash + + def test_file_descriptor_leak(self): + """ Test Name: test_file_descriptor_leak\n\ + Number Connections: 4000, but only one is connected at a time \n\ + Procedure: 4000 connections are processed as follows: \n\ + 1. Make the connection\n\ + 2. Test a /api/login request\n\ + 3. Close the connection\n\ + IMPORTANT NOTE: May also thread/fork-bomb your server! + """ + start = time.time() + for x in range(4000): + http_connection = HTTPConnection(hostname, port) + # avoid TCP listen overflows + http_connection.connect() + http_connection.sock.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack('ii', 1, 1)) + + # GET request for the object /login + http_connection.request("GET", "/api/login") + + # Get the server's response + server_response = http_connection.getresponse() + + # Check the response status code + assert server_response.status == OK, "Server failed to respond" + + # Check the data included in the server's response + assert check_empty_login_respnse(server_response.read().decode('utf8')), \ + "api/login check failed" + http_connection.close() + if time.time() - start > 60: + raise AssertionError("Timeout - took more than 60 seconds") + + def test_file_descriptor_early_disco_leak_1(self): + """ Test Name: test_file_descriptor_early_disco_leak_1\n\ + Number Connections: 4000, but only one is connected at a time \n\ + Procedure: 4000 connections are processed as follows: \n\ + 1. Make the connection\n\ + 2. Send to the server: GET /api/login HTTP/1.1\\r\\n\n\ + NOTE: Only ONE \\r\\n is sent!\n\ + 3. Close the connection\n\ + IMPORTANT NOTE: May also thread/fork-bomb your server! + """ + # Test note: the failure will be induced if get_socket_connection + # is unable to create a new connection, and an assertion error is thrown + start = time.time() + for x in range(4000): + socket = get_socket_connection(self.hostname, self.port) + + # Write to the server + socket.send(encode("GET /api/login HTTP/1.1\r\n")) + socket.send(encode("Host: " + self.hostname + "\r\n")) + # Close the socket + socket.close() + if time.time() - start > 60: + raise AssertionError("Timeout - took more than 60 seconds") + + def test_file_descriptor_early_disco_leak_2(self): + """ Test Name: test_file_descriptor_early_disco_leak_2\n\ + Number Connections: 2000, but only one is connected at a time \n\ + Procedure: 2000 connections are processed as follows: \n\ + 1. Make the connection\n\ + 2. Send to the server: GET /api/login HTTP/1.1\n\ + NOTE: NO \\r\\n's are sent!\n\ + 3. Close the connection\n\ + IMPORTANT NOTE: May also thread/fork-bomb your server! + """ + + # Test note: the failure will be induced if get_socket_connection + # is unable to create a new connection, and an assertion error is thrown + start = time.time() + for x in range(4000): + socket = get_socket_connection(self.hostname, self.port) + + # Write to the server + socket.send(encode("GET /api/login HTTP/1.1")) + + # Close the socket + socket.close() + if time.time() - start > 60: + raise AssertionError("Timeout - took more than 60 seconds") + + def test_80_kb_URI(self): + """ Test Name: test_80_kb_URI\n\ + Number Connections: 1\n\ + Procedure: Send a GET request for a URI object that is 80kb long.\n\ + Then check that another connection and request can still\n\ + be made. Also, ensure that an appropriate response is\n\ + sent to the 80kb request.\n\ + """ + + sock = get_socket_connection(self.hostname, self.port) + + sock.send(encode("GET ")) + + data = '' + try: + for x in range(1, 10240): + sock.send(encode("/api/login")) + + sock.send(encode(" HTTP/1.1\r\n")) + sock.send(encode("Host: " + self.hostname + "\r\n\r\n")) + + # If there is a HTTP response, it should NOT be a valid /api/login + # response. All other responses are fine, including closing the + # connection, so long as the server continues serving other connections + sock.settimeout(1) + data = "" + + time.sleep(0.1) + while sock.recv(4096, socket.MSG_PEEK).decode('utf8') != '': + msg_buffer = sock.recv(4096).decode('utf8') + data = data + msg_buffer + + # Socket timeouts are not expected for HTTP/1.0 , therefore an open + # connection is bad. + except socket.timeout: + pass + except SocketError as e: + if e.errno != errno.ECONNRESET: + raise + + data = data.split("\r\n\r\n") + + try: + if len(data) >= 2 and check_empty_login_respnse(data[1]): + self.fail("A valid /api/login object was returned for an invalid request.") + + # If an error is generated, it comes from trying to an interpret a JSON + # object that doesn't exist. + except (AssertionError, ValueError): + pass + + sock.close() + + # Make HTTP connection for the server + self.http_connection = HTTPConnection(self.hostname, self.port) + + # Connect to the server + self.http_connection.auto_open = 0 + self.http_connection.connect() + + # GET request for the object /api/login + self.http_connection.request("GET", "/api/login") + + # Get the server's response + server_response = self.http_connection.getresponse() + + # Check the response status code + self.assertEqual(server_response.status, OK, "Server failed to respond") + + # Check the data included in the server's response + self.assertTrue(check_empty_login_respnse(server_response.read().decode('utf8')), \ + "api/login check failed") + + self.http_connection.close() + + def test_byte_wise_request(self): + """ Test Name: test_byte_wise_request\n\ + Number Connections: 1\n\ + Procedure: Send a request for GET /api/login HTTP/1.1 byte by byte.\n\ + """ + + # Make the low-level connection + sock = get_socket_connection(self.hostname, self.port) + + for x in "GET /api/login HTTP/1.0\r\nHost: " + self.hostname + "\r\n": + sock.send(encode(x)) + time.sleep(0.1) + + sock.settimeout(1) + msg_buffer = '' + try: + if sock.recv(4096, socket.MSG_PEEK).decode('utf8') != '': + self.fail("Data was returned before the extra \r\n") + + # We want nothing back until after we've sent the last \r\n + except socket.timeout: + pass + + if msg_buffer != '': + self.fail("The server responded before the full request was sent.") + + sock.send(encode("\r")) + sock.send(encode("\n")) + + time.sleep(0.1) + # Collect the response + try: + while sock.recv(4096, socket.MSG_PEEK).decode('utf8') != '': + data = sock.recv(4096).decode('utf8') + msg_buffer = msg_buffer + data + + # Check the response + data = data.split("\r\n\r\n") + except socket.timeout: + self.fail("The socket timed out on responding to the message.") + return + + if len(data) == 2 and check_empty_login_respnse(data[1]): + pass + elif len(data) != 2: + self.fail("The server did not return the proper api/login data") + else: + self.fail("A proper login object was not returned.") + + sock.close() + + +############################################################################## +## Class: Single_Conn_Bad_Case +## Test cases that aim for various errors in well-formed queries. +############################################################################## + +class Single_Conn_Bad_Case(Doc_Print_Test_Case): + """ + Test case for a single connection, using bad requests that are + well formed. The tests are aptly named for describing their effects. + Each case should be handled gracefully and without the server crashing. + """ + + def __init__(self, testname, hostname, port): + """ + Prepare the test case for creating connections. + """ + super(Single_Conn_Bad_Case, self).__init__(testname) + self.hostname = hostname + self.port = port + + # Prepare the a_string for query checks + self.a_string = "aaaaaaaaaaaaaaaa" + for x in range(0, 6): + self.a_string = self.a_string + self.a_string + + N = 10 + self.username = 'user0' + self.invalid_username = ''.join(random.choice(string.ascii_lowercase + string.ascii_uppercase) for _ in range(N)) + self.password = 'thepassword' + self.invalid_password = ''.join(random.choice(string.ascii_lowercase + string.ascii_uppercase) for _ in range(N)) + + def setUp(self): + """ Test Name: None -- setUp function\n\ + Number Connections: N/A \n\ + Procedure: Opens the HTTP connection to the server. An error here \ + means the script was unable to create a connection to the \ + server. + """ + # Make HTTP connection for the server + self.http_connection = HTTPConnection(self.hostname, self.port) + + # Connect to the server + self.http_connection.auto_open = 0 + self.http_connection.connect() + + def tearDown(self): + """ Test Name: None -- tearDown function\n\ + Number Connections: N/A \n\ + Procedure: Closes the HTTP connection to the server. An error here \ + means the server crashed after servicing the request from \ + the previous test. + """ + # Close the HTTP connection + self.http_connection.close() + if server.poll() is not None: + # self.fail("The server has crashed. Please investigate.") + print("The server has crashed. Please investigate.") + + def test_404_not_found_1(self): + """ Test Name: test_404_not_found_1\n\ + Number Connections: 1 \n\ + Procedure: Test a simple GET request for an illegal object URL:\n\ + GET /junk HTTP/1.1 + """ + run_404_check(self.http_connection, "/api/junk", self.hostname) + + def test_404_not_found_2(self): + """ Test Name: test_404_not_found_2\n\ + Number Connections: 1 \n\ + Procedure: Test a simple GET request for an illegal object URL:\n\ + GET /api/login/api/login HTTP/1.1 + """ + run_404_check(self.http_connection, "/api/login/api/login", self.hostname) + + def test_404_not_found_3(self): + """ Test Name: test_404_not_found_3\n\ + Number Connections: 1 \n\ + Procedure: Test a simple GET request for an illegal object URL:\n\ + GET /api/logon HTTP/1.1 + """ + run_404_check(self.http_connection, "/api/logon", self.hostname) + + def test_404_not_found_4(self): + """ Test Name: test_404_not_found_4\n\ + Number Connections: 1 \n\ + Procedure: Test a simple GET request for an illegal object URL:\n\ + GET /api/api/login HTTP/1.1 + """ + run_404_check(self.http_connection, "/api/api/login", self.hostname) + + def test_404_not_found_5(self): + """ Test Name: test_404_not_found_5\n\ + Number Connections: 1 \n\ + Procedure: Test a simple GET request for an illegal object URL:\n\ + GET /api/loginjunk HTTP/1.1 + """ + run_404_check(self.http_connection, "/api/api", self.hostname) + + def test_404_not_found_6(self): + """ Test Name: test_404_not_found_6\n\ + Number Connections: 1 \n\ + Procedure: Test a simple GET request for an illegal object URL:\n\ + GET /api/loginjunk HTTP/1.1 + """ + run_404_check(self.http_connection, "/api/loginjunk", self.hostname) + + def test_404_not_found_7(self): + """ Test Name: test_404_not_found_7\n\ + Number Connections: 1 \n\ + Procedure: Test a simple GET request for an illegal object URL:\n\ + GET /login/api HTTP/1.1 + """ + run_404_check(self.http_connection, "/login/api", self.hostname) + def test_method_check_long(self): + """ Test Name: test_method_check_4\n\ + Number Connections: 1 \n\ + Procedure: Test a request using a long method:\n\ + aa....aaa /api/login HTTP/1.1 + """ + run_method_check(self.http_connection, self.a_string*2, self.hostname) + + def test_method_check_4(self): + """ Test Name: test_method_check_4\n\ + Number Connections: 1 \n\ + Procedure: Test a request using a different method than GET:\n\ + ASD /api/login HTTP/1.1 + """ + run_method_check(self.http_connection, "ASD", self.hostname) + + def test_login_post_invalid_username(self): + """ Test Name: test_login_post_invalid_username\n + Number Connections: One \n\ + Procedure: Simple POST request:\n\ + POST /api/login HTTP/1.1 + + Run a check for login by providing an incorrect username using a + well-formed request for /api/login. Not checking for response text. + """ + # JSON body for the request + data = {"username": self.invalid_username, "password": self.password} + body = json.dumps(data) + + # POST request for login + self.http_connection.request("POST", "/api/login", body) + + # Get the server response + server_response = self.http_connection.getresponse() + + # Check the response code + self.assertEqual(server_response.status, FORBIDDEN) + + def test_login_post_invalid_password(self): + """ Test Name: test_login_post_invalid_password\n + Number Connections: One \n\ + Procedure: Simple POST request:\n\ + POST /api/login HTTP/1.1 + + Run a check for login by providing an incorrect password using a + well-formed request for /api/login. Not checking for response text. + """ + # JSON body for the request + data = {"username": self.username, "password": self.invalid_password} + body = json.dumps(data) + + # POST request for login + self.http_connection.request("POST", "/api/login", body) + + # Get the server response + server_response = self.http_connection.getresponse() + + # Check the response code + self.assertEqual(server_response.status, FORBIDDEN) + + + def test_login_post_invalid_body(self): + """ Test Name: test_login_post_invalid_body\n + Number Connections: One \n\ + Procedure: Simple POST request:\n\ + POST /api/login HTTP/1.1 + + Run a check for login by providing an ill-formed body i.e. not JSON + for /api/login. Not checking for response text. + """ + # Ill-formed body for the request + data = '"username": "%s", "password": "%s"' % (self.username, self.password) + + # POST request for login + self.http_connection.request("POST", "/api/login", data) + + # Get the server response + server_response = self.http_connection.getresponse() + + # Check the response code + self.assertEqual(server_response.status, FORBIDDEN) + + def test_login_valid_body_extra_parameters(self): + """ Test Name: test_login_valid_body_extra_parameters\n + Number Connections: One \n\ + Procedure: Simple POST request:\n\ + POST /api/login HTTP/1.1 + + Run a check for login by providing a well-formed body with extra + parameters in the JSON body for /api/login. Not checking for + response text. + """ + # JSON body for the request + data = {"username": self.username, "password": self.password, "key": "value"} + body = json.dumps(data) + + # POST request for login + self.http_connection.request("POST", "/api/login", body) + + # Get the server response + server_response = self.http_connection.getresponse() + + # Check the response code + self.assertEqual(server_response.status, OK) + + +class Multi_Conn_Sequential_Case(Doc_Print_Test_Case): + """ + Test case for multiple connections, using good requests that are properly + formed. Further, the requests are processed sequentially. + The tests are aptly named for describing their effects. + """ + + def __init__(self, testname, hostname, port): + """ + Prepare the test case for creating connections. + """ + super(Multi_Conn_Sequential_Case, self).__init__(testname) + self.hostname = hostname + self.port = port + + def setUp(self): + """ Test Name: None -- setUp function\n\ + Number Connections: N/A \n\ + Procedure: Opens the HTTP connection to the server. An error here \ + means the script was unable to create a connection to the \ + server. + """ + self.http_connections = [] + + def tearDown(self): + """ Test Name: None -- tearDown function\n\ + Number Connections: N/A \n\ + Procedure: Closes the HTTP connection to the server. An error here \ + means the server crashed after servicing the request from \ + the previous test. + """ + for http_conn in self.http_connections: + http_conn.close() + if server.poll() is not None: + # self.fail("The server has crashed. Please investigate.") + print("The server has crashed. Please investigate.") + + def test_two_connections(self): + """ Test Name: test_two_connections\n\ + Number Connections: 2 \n\ + Procedure: Run 2 connections simultaneously for simple GET requests:\n\ + GET /api/login HTTP/1.1 + """ + + # Append two connections to the list + for x in range(2): + self.http_connections.append(HTTPConnection(self.hostname, + self.port)) + # Connect each connection + for http_conn in self.http_connections: + http_conn.connect() + + # Run a request for /api/login and check it + # we run these in opposite order so that serial server implementations + # fail. + for http_conn in reversed(self.http_connections): + run_connection_check_empty_login(http_conn, self.hostname) + + # Run a request for /api/login and check it + for http_conn in self.http_connections: + run_connection_check_empty_login(http_conn, self.hostname) + + + + def test_four_connections(self): + """ Test Name: test_two_connections\n\ + Number Connections: 4 \n\ + Procedure: Run 4 connections simultaneously for simple GET requests:\n\ + GET /api/login HTTP/1.1 + """ + + # Append four connections to the list + for x in range(4): + self.http_connections.append(HTTPConnection(self.hostname, + self.port)) + # Connect each connection + for http_conn in self.http_connections: + http_conn.connect() + + # Run a request for /api/login and check it + for http_conn in reversed(self.http_connections): + run_connection_check_empty_login(http_conn, self.hostname) + + # Run a request for /api/login and check it + for http_conn in self.http_connections: + run_connection_check_empty_login(http_conn, self.hostname) + + def test_eight_connections(self): + """ Test Name: test_two_connections\n\ + Number Connections: 8 \n\ + Procedure: Run 8 connections simultaneously for simple GET requests:\n\ + GET /api/login HTTP/1.1 + """ + + # Append eight connections to the list + for x in range(8): + self.http_connections.append(HTTPConnection(self.hostname, + self.port)) + # Connect each connection + for http_conn in self.http_connections: + http_conn.connect() + + # Run a request for /api/login and check it + for http_conn in reversed(self.http_connections): + run_connection_check_empty_login(http_conn, self.hostname) + + # Re-connect in the case of HTTP/1.0 protocol implementation + for http_conn in self.http_connections: + http_conn.connect() + + # Run a request for /api/login and check it + for http_conn in self.http_connections: + run_connection_check_empty_login(http_conn, self.hostname) + + + +class Single_Conn_Good_Case(Doc_Print_Test_Case): + """ + Test case for a single connection, using good requests that are properly + formed. The tests are aptly named for describing their effects. + """ + + def __init__(self, testname, hostname, port): + """ + Prepare the test case for creating connections. + """ + super(Single_Conn_Good_Case, self).__init__(testname) + + self.hostname = hostname + self.port = port + + def setUp(self): + """ Test Name: None -- setUp function\n\ + Number Connections: N/A \n\ + Procedure: Opens the HTTP connection to the server. An error here \ + means the script was unable to create a connection to the \ + server. + """ + # Make HTTP connection for the server + self.http_connection = HTTPConnection(self.hostname, self.port) + + # Connect to the server + self.http_connection.connect() + + def tearDown(self): + """ Test Name: None -- tearDown function\n\ + Number Connections: N/A \n\ + Procedure: Closes the HTTP connection to the server. An error here \ + means the server crashed after servicing the request from \ + the previous test. + """ + # Close the HTTP connection + self.http_connection.close() + if server.poll() is not None: + # self.fail("The server has crashed. Please investigate.") + print("The server has crashed. Please investigate.") + + def test_login_get(self): + """ Test Name: test_loadavg_no_callback\n\ + Number Connections: One \n\ + Procedure: Simple GET request:\n\ + GET /api/login HTTP/1.1 + """ + + # GET request for the object /loadavg + self.http_connection.request("GET", "/api/login") + + # Get the server's response + server_response = self.http_connection.getresponse() + + # Check the response status code + self.assertEqual(server_response.status, OK, "Server failed to respond") + + # Check the data included in the server's response + self.assertTrue(check_empty_login_respnse(server_response.read().decode('utf8')), \ + "login check failed") + + +class Access_Control(Doc_Print_Test_Case): + """ + Test cases for access control, using good requests that are properly + formed. The tests are aptly named for describing their effects. + """ + + def __init__(self, testname, hostname, port): + """ + Prepare the test case for creating connections. + """ + super(Access_Control, self).__init__(testname) + + self.hostname = hostname + self.port = port + self.public_file_1 = 'index.html' + self.public_file_2 = 'js/jquery.min.js' + self.public_file_3 = 'css/jquery-ui.min.css' + self.private_file = 'private/secure.html' + self.username = 'user0' + self.password = 'thepassword' + self.invalid_password = 'wrongpassword' + + def setUp(self): + """ Test Name: None -- setUp function\n\ + Number Connections: N/A \n\ + Procedure: Opens the HTTP connection to the server. An error here \ + means the script was unable to create a connection to the \ + server. + """ + # Create a requests session + self.session = requests.Session() + + def tearDown(self): + """ Test Name: None -- tearDown function\n\ + Number Connections: N/A \n\ + Procedure: Closes the HTTP connection to the server. An error here \ + means the server crashed after servicing the request from \ + the previous test. + """ + # Close the HTTP connection + self.session.close() + + def test_access_control_private_valid_token(self): + """ Test Name: test_access_control_private_valid_token + Number Connections: N/A + Procedure: Checks if private files can be accessed given the right + username and password. An error here means that the either + the server did not authenticate the user correctly or that + despite being authenticated the user is not served with + the contents of the private path. + """ + # Login using the default credentials + try: + response = self.session.post('http://%s:%s/api/login' % (self.hostname, self.port), + json={'username': self.username, 'password': self.password}, + timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that the user is authenticated + self.assertEqual(response.status_code, requests.codes.ok, "Authentication failed.") + + # Define the private URL to get + url = 'http://%s:%s/%s' % (self.hostname, self.port, self.private_file) + + # Use the session cookie to get the private file + response = self.session.get(url, timeout=2) + + # Ensure that access is granted + self.assertEqual(response.status_code, requests.codes.ok, + "Server failed to respond with private file despite being authenticated.") + + def test_access_control_public_valid_token(self): + """ Test Name: test_access_control_public_valid_token + Number Connections: N/A + Procedure: Checks if public files can be accessed given the right + username and password. Public paths DO NOT require a + username and password. A failure here means that + authentication failed or that public paths are not being + served. + """ + # Login using the default credentials + try: + response = self.session.post('http://%s:%s/api/login' % (self.hostname, self.port), + json={'username': self.username, 'password': self.password}, + timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that the user is authenticated + self.assertEqual(response.status_code, requests.codes.ok, "Authentication failed.") + + # Define the public URL to get - test HTML file + url = 'http://%s:%s/%s' % (self.hostname, self.port, self.public_file_1) + + # Use the session cookie to get the private file + try: + response = self.session.get(url, timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that access is granted + self.assertEqual(response.status_code, requests.codes.ok, + "Server failed to respond with public file despite being authenticated.") + + # Ensure that file was correctly returned + self.assertEqual(response.content, open(f'{base_dir}/{self.public_file_1}', 'rb').read()) + + # Define the public URL to get - test JS file + url = 'http://%s:%s/%s' % (self.hostname, self.port, self.public_file_2) + + # Use the session cookie to get the private file + try: + response = self.session.get(url, timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that access is granted + self.assertEqual(response.status_code, requests.codes.ok, + "Server failed to respond with public file despite being authenticated.") + + # Ensure that file was correctly returned + self.assertEqual(response.content, open(f'{base_dir}/{self.public_file_2}', 'rb').read()) + + # Define the public URL to get - test CSS file + url = 'http://%s:%s/%s' % (self.hostname, self.port, self.public_file_3) + + # Use the session cookie to get the private file + try: + response = self.session.get(url, timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that access is granted + self.assertEqual(response.status_code, requests.codes.ok, + "Server failed to respond with public file despite being authenticated.") + + # Ensure that file was correctly returned + self.assertEqual(response.content, open(f'{base_dir}/{self.public_file_3}', 'rb').read()) + + def test_access_control_public_no_token(self): + """ Test Name: test_access_control_public_no_token + Number Connections: N/A + Procedure: Checks if public files can be accessed without a username + and password. A failure here means that public paths are + not being served. + """ + # Define the public URL to get - test HTML file + url = 'http://%s:%s/%s' % (self.hostname, self.port, self.public_file_1) + + # Use the session cookie to get the private file + try: + response = self.session.get(url, timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that access is granted + self.assertEqual(response.status_code, requests.codes.ok, + "Server failed to respond with a public file.") + + # Define the public URL to get - test JS file + url = 'http://%s:%s/%s' % (self.hostname, self.port, self.public_file_1) + + # Use the session cookie to get the private file + try: + response = self.session.get(url, timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that access is granted + self.assertEqual(response.status_code, requests.codes.ok, + "Server failed to respond with a public file.") + + # Define the public URL to get - test CSS file + url = 'http://%s:%s/%s' % (self.hostname, self.port, self.public_file_1) + + # Use the session cookie to get the private file + try: + response = self.session.get(url, timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that access is granted + self.assertEqual(response.status_code, requests.codes.ok, + "Server failed to respond with a public file.") + + def test_access_control_private_invalid_token(self): + """ Test Name: test_access_control_private_invalid_token + Number Connections: N/A + Procedure: Checks if private files can be accessed given invalid + authentication details. A failure here means that + authentication succeeded or that private paths are being + served without authentication. + """ + # Login using the default credentials + try: + response = self.session.post('http://%s:%s/api/login' % (self.hostname, self.port), + json={'username': self.username, 'password': self.invalid_password}, + timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that the user is authenticated + self.assertEqual(response.status_code, requests.codes.forbidden, "Authentication failed.") + + # Define the private URL to get + url = 'http://%s:%s/%s' % (self.hostname, self.port, self.private_file) + + # Use the session cookie to get the private file + try: + response = self.session.get(url, timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that access is forbidden + self.assertEqual(response.status_code, requests.codes.forbidden, + "Server responded with private file despite not being authenticated.") + + def test_access_control_private_no_token(self): + """ Test Name: test_access_control_private_no_token + Number Connections: N/A + Procedure: Checks if private files can be accessed without + authentication details. A failure here means that + private paths are being served without authentication. + """ + # Define the private URL to get + url = 'http://%s:%s/%s' % (self.hostname, self.port, self.private_file) + + # Use the session cookie to get the private file + try: + response = self.session.get(url, timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that access is forbidden + self.assertEqual(response.status_code, requests.codes.forbidden, + "Server responded with a private file despite no token.") + + def test_access_control_private_malformed_token(self): + """ Test Name: test_access_control_private_no_token + Number Connections: N/A + Procedure: Checks if private files can be accessed with malformed + authentication tokens. A failure here means that the + authentication token is not being checked when serving + private files. + """ + # Login using the default credentials + try: + response = self.session.post('http://%s:%s/api/login' % (self.hostname, self.port), + json={'username': self.username, 'password': self.password}, + timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that the user is authenticated + self.assertEqual(response.status_code, requests.codes.ok, "Authentication failed.") + + # Get cookie name + for cookie in self.session.cookies: + try: + encoded_data = cookie.value.split('.')[1] + + # Try to decode the payload + decoded_payload = decode_base64(encoded_data) + + # Get decoded_payload as JSON + data = json.loads(decoded_payload) + + break + + except (IndexError, ValueError): + continue + + # Delete the current authentication token + del self.session.cookies[cookie.name] + + # Set a false authentication token in the cookie + self.session.cookies.set(cookie.name, 'false_token') + + # Define the private URL to get + url = 'http://%s:%s/%s' % (self.hostname, self.port, self.private_file) + + # Use the session cookie to get the private file + try: + response = self.session.get(url, timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that access is forbidden + self.assertEqual(response.status_code, requests.codes.forbidden, + "Server responded with private file despite given an invalid auth token.") + + def test_access_control_private_path(self): + """ Test Name: test_access_control_private_path + Number Connections: N/A + Procedure: Checks if private files can be accessed through redirection. + A failure here means that the private paths are not + adequately protected and paths such as /public/../private/secret + can be accessed. + """ + # Define the private URL to get prefixed with a public path + url = 'http://%s:%s/public/../%s' % (self.hostname, self.port, self.private_file) + + # Use the session cookie to get the private file + try: + response = self.session.get(url, timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + if (response.status_code == requests.codes.forbidden): + raise AssertionError('Server responded with 403 FORBIDDEN instead of 404 NOT FOUND') + + if (response.status_code == requests.codes.forbidden): + raise AssertionError('Server responded with 403 FORBIDDEN instead of 404 NOT FOUND') + + # Ensure that response code is 404 + self.assertEqual(response.status_code, requests.codes.not_found, + "Server responded with a private file despite no authentication.") + + +class Authentication(Doc_Print_Test_Case): + """ + Test cases for authentication expiry, using good requests that are properly + formed. The tests are aptly named for describing their effects. + """ + + def __init__(self, testname, hostname, port): + """ + Prepare the test case for creating connections. + """ + super(Authentication, self).__init__(testname) + + self.hostname = hostname + self.port = port + self.public_file = 'index.html' + self.private_file = 'private/secure.html' + self.username = 'user0' + self.password = 'thepassword' + self.incorrect_password = 'wrongword' + self.sleep_time = 8 if run_slow else 4 + self.current_year = datetime.now().year + + def setUp(self): + """ Test Name: None -- setUp function\n\ + Number Connections: N/A \n\ + Procedure: Opens the HTTP connection to the server. An error here \ + means the script was unable to create a connection to the \ + server. + """ + # Create a requests session + self.sessions = [] + + def tearDown(self): + """ Test Name: None -- tearDown function\n\ + Number Connections: N/A \n\ + Procedure: Closes the HTTP connection to the server. An error here \ + means the server crashed after servicing the request from \ + the previous test. + """ + del self.sessions + + def test_expires_authentication_token(self): + """ Test Name: test_expires_authentication_token + Number Connections: 30 + Procedure: Checks if the authentication token expires in the timeframe + given. An error here means that expiry authentication token + duration is not correctly configured. + """ + # Create multiple sessions + for i in range(30): + self.sessions.append(requests.Session()) + + # Randomize failure events + should_fail = lambda: bool(random.getrandbits(1)) + + def test_expiry_authentication(i): + # Login using the default credentials + try: + response = self.sessions[i].post('http://%s:%s/api/login' % (self.hostname, self.port), + json={'username': self.username, 'password': self.password}, + timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s POST") + + # Ensure that the user is authenticated + self.assertEqual(response.status_code, requests.codes.ok, "Authentication failed.") + + # Define the private URL to get + url = 'http://%s:%s/%s' % (self.hostname, self.port, self.private_file) + + if should_fail(): + # Use the session cookie to get the private file + try: + response = self.sessions[i].get(url, timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s GET %s" % self.private_file) + + # Ensure that access is granted + self.assertEqual(response.status_code, requests.codes.ok, + "Server did not respond with the private file despite valid authentication.") + else: + # Sleep for a short duration till token expires + time.sleep(self.sleep_time) + + # Use the session cookie to get the private file + try: + response = self.sessions[i].get(url, timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that response is not OK + assert response.ok == False, "The response to the query was 200 OK when it should have been 403 FORBIDDEN" + + # Ensure that access is forbidden + self.assertEqual(response.status_code, requests.codes.forbidden, + "Server responded with %s (expected value = %s) when the token expires." + % (response.status_code, requests.codes.forbidden)) + + self.sessions[i].close() + + pool = ThreadPool(30) + pool.map(test_expiry_authentication, range(30)) + pool.terminate() + + def test_jwt_claims_json(self): + """ Test Name: test_jwt_claims_json + Number Connections: N/A + Procedure: Checks if the JWT JSON has the right claims set. + An error here means that some of the claims required are + not being set correctly. + """ + # Create multiple sessions + for i in range(30): + self.sessions.append(requests.Session()) + + for i in range(30): + # Login using the default credentials + try: + response = self.sessions[i].post('http://%s:%s/api/login' % (self.hostname, self.port), + json={'username': self.username, 'password': self.password}, + timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that the user is authenticated + self.assertEqual(response.status_code, requests.codes.ok, "Authentication failed.") + + try: + # Convert the response to JSON + data = response.json() + + # Verify that the JWT contains 'iat' + assert 'iat' in data, "Could not find the claim 'iat' in the JSON object." + + # Verify that the JWT contains 'iat' + assert 'exp' in data, "Could not find the claim 'exp' in the JSON object." + + # Verify that the JWT contains 'sub' + assert 'sub' in data, "Could not find the claim 'sub' in the JSON object." + + # Verify that the 'iat' claim to is a valid date from self.current_year + assert datetime.fromtimestamp(data['iat']).year == self.current_year, "'iat' returned is not a valid date" + + # Verify that the 'exp' claim to is a valid date from self.current_year + assert datetime.fromtimestamp(data['exp']).year == self.current_year, "'exp' returned is not a valid date" + + # Verify that the subject claim to is set to the right username + assert data['sub'] == self.username, "The subject claim 'sub' should be set to %s" % self.username + + except ValueError: + raise AssertionError('The login API did not return a valid JSON object') + + # Sleep for a short duration before testing again + time.sleep(random.random() / 10.0) + + # Close the session + self.sessions[i].close() + + def test_jwt_claims_cookie(self): + """ Test Name: test_jwt_claims_cookie + Number Connections: N/A + Procedure: Checks if the JWT cookie has the right claims set. + An error here means that some of the claims required are + not being set correctly. + """ + # Create multiple sessions + for i in range(30): + self.sessions.append(requests.Session()) + + for i in range(30): + # Login using the default credentials + try: + response = self.sessions[i].post('http://%s:%s/api/login' % (self.hostname, self.port), + json={'username': self.username, 'password': self.password}, + timeout=2) + except requests.exceptions.RequestException: + raise AssertionError("The server did not respond within 2s") + + # Ensure that the user is authenticated + self.assertEqual(response.status_code, requests.codes.ok, "Authentication failed.") + + # Get the cookie value from the response + found_cookie = False + + for cookie in self.sessions[i].cookies: + try: + encoded_data = cookie.value.split('.')[1] + + # Try to decode the payload + decoded_payload = decode_base64(encoded_data) + + # Get decoded_payload as JSON + data = json.loads(decoded_payload) + + found_cookie = True + + except (IndexError, ValueError): + continue + + # If cookie is None, it means no cookie has been set + if not found_cookie: + raise AssertionError('No valid cookie found.') + + # Verify that the JWT contains 'iat' + assert 'iat' in data, "Could not find the claim 'iat' in the JSON object." + + # Verify that the JWT contains 'iat' + assert 'exp' in data, "Could not find the claim 'exp' in the JSON object." + + # Verify that the JWT contains 'sub' + assert 'sub' in data, "Could not find the claim 'sub' in the JSON object." + + # Verify that the 'iat' claim to is a valid date from self.current_year + assert datetime.fromtimestamp(data['iat']).year == self.current_year, "'iat' returned is not a valid date" + + # Verify that the 'exp' claim to is a valid date from self.current_year + assert datetime.fromtimestamp(data['exp']).year == self.current_year, "'exp' returned is not a valid date" + + # Verify that the subject claim to is set to the right username + assert data['sub'] == self.username, "The subject claim 'sub' should be set to %s" % self.username + + # Sleep for a short duration before testing again + time.sleep(random.random() / 10.0) + + # Close the session + self.sessions[i].close() + +############################################################################### +# Globally define the Server object so it can be checked by all test cases +############################################################################### +server = None +output_file_name = None + +from signal import SIGKILL +def killserver(server): + pid = server.pid + try: + pgid = os.getpgid(pid) + os.killpg(pgid, SIGKILL) + except OSError: + # process might already be dead, os.getpgid throw in this case + pass + +############################################################################### +# Define an atexit shutdown method that kills the server as needed +############################################################################### +def make_clean_up_testing(server): + def clean_up_testing(): + try: + killserver(server) # SIGKILL + except: + pass + + return clean_up_testing + + +# Grade distribution constants +grade_points_available = 95 +# 6 tests +minreq_total = 25 +# 27 tests +extra_total = 20 +# 5 tests +malicious_total = 20 +# 4 tests +ipv6_total = 5 +# ? tests +auth_total = 25 + + +def print_points(minreq, extra, malicious, ipv6, auth): + """All arguments are fractions (out of 1)""" + print("Minimum Requirements: \t%2d/%2d" % (int(minreq * minreq_total), minreq_total)) + print("Authentication Functionality: \t%2d/%2d" % (int(auth * auth_total), auth_total)) + print("IPv6 Functionality: \t%2d/%2d" % (int(ipv6 * ipv6_total), ipv6_total)) + print("Extra Tests: \t%2d/%2d" % (int(extra * extra_total), extra_total)) + print("Robustness: \t%2d/%2d" % (int(malicious * malicious_total), malicious_total)) + + +############################################################################### +# Main +############################################################################### +# Not sure if this is necessary +if __name__ == '__main__': + + try: + opts, args = getopt.getopt(sys.argv[1:], "ndhs:t:o:l6:w", \ + ["help"]) + except getopt.GetoptError as err: + # print help information and exit: + print(str(err)) # will print something like "option -a not recognized" + usage() + sys.exit(2) + + server_path = None + run_slow = False + individual_test = None + runIPv6 = True + list_tests = False + ipv6_host = "localhost6" + + ipv6_score = 0 + for o, a in opts: + if o in ("-h", "--help"): + usage() + sys.exit() + elif o in ("-s"): + server_path = a + elif o in ("-t"): + individual_test = a + elif o in ("-l"): + list_tests = True + elif o in ("-w"): + run_slow = True + elif o in ("-o"): + output_file_name = a + elif o in ("-6"): + ipv6_host = a + else: + assert False, "unhandled option" + + alltests = [Single_Conn_Good_Case, Multi_Conn_Sequential_Case, Single_Conn_Bad_Case, + Single_Conn_Malicious_Case, Single_Conn_Protocol_Case, Access_Control, + Authentication] + + + def findtest(tname): + for clazz in alltests: + if tname in dir(clazz): + return clazz + return None + + + if list_tests: + for clazz in alltests: + print("In:", clazz.__name__) + for test in [m for m in dir(clazz) if m.startswith("test_")]: + print("\t", test) + + sys.exit(0) + + if server_path is None: + usage() + sys.exit() + + # Check access to the server path + if not os.access(server_path, os.R_OK): + print("File ", server_path, " is not readable") + sys.exit(1) + + # Setting the default timeout to allow connections to time out + socket.setdefaulttimeout(4) + + # Determine the hostname for running the server locally + hostname = socket.gethostname() + + # Determine the port number to use, based off of the current PID. + port = (os.getpid() % 10000) + 20000 + + # Set the base directory for the server, relative to + # where this script is located + base_dir = f'{script_dir}/test_root_data' + + # Authentication token expiry + auth_token_expiry = '2' + + def start_server(preargs = [], postargs = []): + args = preargs + [server_path, "-p", str(port), "-R", base_dir] + postargs + output_file = None + + # Open the output file if possible + if output_file_name is not None: + output_file = open(output_file_name, "a") + + def make_new_pgrp(): + os.setpgid(0, 0) + + if output_file is not None: + # Open the server on this machine + server = subprocess.Popen(args, preexec_fn = make_new_pgrp, + stdout=output_file, stderr=subprocess.STDOUT) + else: + server = subprocess.Popen(args, preexec_fn = make_new_pgrp) + + # Register the atexit function to shutdown the server on Python exit + atexit.register(make_clean_up_testing(server)) + + return server + + server = start_server() + + # Ensure that the server is running and accepting connections. + counter = 0 + while True: + try: + # by using the IP address returned here, we force the use of IPv4 + localhostname = socket.gethostbyname(socket.gethostname()) + http_conn = HTTPConnection(localhostname, port) + http_conn.connect() + http_conn.close() + break + except: + if counter >= 10: + print(""" +The server is not responding to IPv4 connection requests, and may not be +functioning properly. Ensure that you sent the proper location for your +server, and that your server starts running in a reasonable amount of time +(this waited 5 seconds for your server to start running). + +In the case that your server works fine and there's an error in our +script, please use the 'ps' command to see if the server is still running, +and let us know if there is an issue with our script creating a runaway +process. + """) + sys.exit(1) + + counter += 1 + time.sleep(.5) + + print("Your server has started successfully. Now to begin testing.") + # If an individual test was requested, find that test and only add it. If no + # tests are found of that name, error and exit. + print('should be running one test') + if individual_test is not None: + single_test_suite = unittest.TestSuite() + testclass = findtest(individual_test) + if testclass == Authentication: + killserver(server) + server.wait() + server = start_server(postargs=['-e', auth_token_expiry]) + time.sleep(3 if run_slow else 1) + if testclass: + single_test_suite.addTest(testclass(individual_test, hostname, port)) + else: + print("The test \"" + individual_test + "\" was not found in the test classes. Use -l.") + sys.exit(1) + + # Run the single test test suite and store the results + test_results = unittest.TextTestRunner().run(single_test_suite) + + if test_results.wasSuccessful(): + print("Test: " + individual_test + " passed!") + else: + print("Test: " + individual_test + " failed.") + + else: + + # Test Suite for the minimum requirements + min_req_suite = unittest.TestSuite() + + # Add all of the tests from the class Single_Conn_Good_Case + for test_function in dir(Single_Conn_Good_Case): + if test_function.startswith("test_"): + min_req_suite.addTest(Single_Conn_Good_Case(test_function, hostname, port)) + + # In particular, add the two-connection test from Multi_Conn_Sequential_Case, + # and the 1.0 protocol check (early return check) from Single_Conn_Protocol_Case + min_req_suite.addTest(Multi_Conn_Sequential_Case("test_two_connections", hostname, port)) + min_req_suite.addTest(Single_Conn_Protocol_Case("test_http_1_0_compliance", hostname, port)) + + # Test Suite to test JWT/authentication functionality + auth_tests_suite = unittest.TestSuite() + + # Add all of the tests from the class Access_Control + for test_function in dir(Access_Control): + if test_function.startswith("test_"): + auth_tests_suite.addTest(Access_Control(test_function, hostname, port)) + + # Add all of the tests from the class Authentication + for test_function in dir(Authentication): + if test_function.startswith("test_"): + auth_tests_suite.addTest(Authentication(test_function, hostname, port)) + + # Test Suite for extra points, mostly testing error cases + extra_tests_suite = unittest.TestSuite() + + # Add all of the tests from the class Multi_Conn_Sequential_Case + for test_function in dir(Multi_Conn_Sequential_Case): + if test_function.startswith("test_"): + extra_tests_suite.addTest(Multi_Conn_Sequential_Case(test_function, hostname, port)) + + # Add all of the tests from the class Single_Conn_Bad_Case + for test_function in dir(Single_Conn_Bad_Case): + if test_function.startswith("test_"): + extra_tests_suite.addTest(Single_Conn_Bad_Case(test_function, hostname, port)) + + # In particular, add the 1.1 protocol persistent connection check from Single_Conn_Protocol_Case + extra_tests_suite.addTest(Single_Conn_Protocol_Case("test_http_1_1_compliance", hostname, port)) + + # Malicious Test Suite + malicious_tests_suite = unittest.TestSuite() + + # Add all of the tests from the class Single_Conn_Malicious_Case + for test_function in dir(Single_Conn_Malicious_Case): + if test_function.startswith("test_"): + malicious_tests_suite.addTest(Single_Conn_Malicious_Case(test_function, hostname, port)) + + print('Beginning the Minimum Requirement Tests') + time.sleep(3 if run_slow else 1) + # Run the minimum requirements test suite and store the results + test_results = unittest.TextTestRunner().run(min_req_suite) + + nt = min_req_suite.countTestCases() + minreq_score = max(0, F(nt - len(test_results.errors) - len(test_results.failures), nt)) + + # Check if the server passed the minimum requirements + if test_results.wasSuccessful(): + print("\nYou have passed the Minimum Requirements for this project!\n") + else: + print("\nYou have NOT passed the Minimum Requirements for this project.\n" + + "Please examine the above errors, the remaining tests\n" + + "will not be run until after the above tests pass.\n") + + print_points(minreq_score, 0, 0, 0, 0) + sys.exit() + + print('Beginning Authentication Tests') + # Kill the server and start it again with expiry flag set to auth_token_expiry seconds + killserver(server) + server.wait() + server = start_server(postargs=['-e', auth_token_expiry]) + + time.sleep(3 if run_slow else 1) + # Run the extra tests + test_results = unittest.TextTestRunner().run(auth_tests_suite) + + auth_score = max(0, + F(auth_tests_suite.countTestCases() - len(test_results.errors) - len(test_results.failures), + auth_tests_suite.countTestCases())) + + def makeTestSuiteForHost(hostname): + # IPv6 Test Suite + ipv6_test_suite = unittest.TestSuite() + # Add all of the tests from the class Single_Conn_Good_Case + for test_function in dir(Single_Conn_Good_Case): + if test_function.startswith("test_"): + ipv6_test_suite.addTest(Single_Conn_Good_Case(test_function, hostname, port)) + + return ipv6_test_suite + + if runIPv6: + # + # Now run IPv6 in various combinations + # + # check that base server can accept IPv6 connections. + ts1 = makeTestSuiteForHost(ipv6_host) + testcases, points = 0, 0 + + def run_and_count(msg, ts1): + global testcases, points + print (msg) + test_results = unittest.TextTestRunner().run(ts1) + testcases += ts1.countTestCases() + points += ts1.countTestCases() - len(test_results.errors) - len(test_results.failures) + + run_and_count("Checking that server can accept IPv6 connections", ts1) + + def restart_server(preargs=args): + killserver(server) + server.wait() + newserver = start_server(preargs=args) + time.sleep(3 if run_slow else 1) + return newserver + + server = restart_server(preargs=['env', 'REVERSEIPADDR=1', ld_preload]) + + ts2 = makeTestSuiteForHost(ipv6_host) + run_and_count("Checking that server can accept IPv6 connections if addresses are in reverse", ts2) + + # check that server can accept IPv6 connections if only IPv6 addresses are listed + server = restart_server(preargs=['env', 'SKIPIPV4=1', ld_preload]) + + ts3 = makeTestSuiteForHost(ipv6_host) + run_and_count("Checking that server can accept IPv6 connections if no IPv4 addresses", ts3) + + # check that server can accept IPv4 connections if only IPv4 addresses are listed + server = restart_server(preargs=['env', 'SKIPIPV6=1', ld_preload]) + + ts4 = makeTestSuiteForHost(hostname) + run_and_count("Checking that server can accept IPv4 connections if no IPv6 addresses", ts4) + + ipv6_score = max(0, F(points, testcases)) +# + if points == testcases: + print("\nCongratulations! IPv6 support appears to work!\n") + else: + print( + "\nYou have NOT passed the IPv6 portion. Check that your code is properly handles all possible configurations. " + + "Please examine the errors listed above.\n") + + print('Beginning Extra Tests') + time.sleep(3 if run_slow else 1) + # Run the extra tests + test_results = unittest.TextTestRunner().run(extra_tests_suite) + + extra_score = max(0, + F(extra_tests_suite.countTestCases() - len(test_results.errors) - len(test_results.failures), + extra_tests_suite.countTestCases())) + + # Kill the server and start it normally without the expiry set to auth_token_expiry seconds + killserver(server) + server.wait() + server = start_server() + + # Check if the server passed the extra tests + if test_results.wasSuccessful(): + print("\nYou have passed the Extra Tests for this project!\n") + else: + print("\nYou have NOT passed the Extra Tests for this project.\n" + + "Please examine the above errors, the Malicious Tests\n" + + "will not be run until the above tests pass.\n") + + print_points(minreq_score, extra_score, 0, ipv6_score, auth_score) + sys.exit() + + print("Now running the MALICIOUS Tests. WARNING: These tests will not necessarily run fast!") + time.sleep(1) + # Run the malicious tests + test_results = unittest.TextTestRunner().run(malicious_tests_suite) + + robustness_score = max(0, F( + malicious_tests_suite.countTestCases() - len(test_results.errors) - len(test_results.failures), + malicious_tests_suite.countTestCases())) + + # Check if the server passed the extra tests + if test_results.wasSuccessful(): + print("\nCongratulations! You have passed the Malicious Tests!\n") + else: + print("\nYou have NOT passed one or more of the Malicious Tests. " + + "Please examine the errors listed above.\n") + + print_points(minreq_score, extra_score, robustness_score, ipv6_score, auth_score) + diff --git a/tests/test_root_data/css/jquery-ui.min.css b/tests/test_root_data/css/jquery-ui.min.css new file mode 100755 index 0000000..b5793f9 --- /dev/null +++ b/tests/test_root_data/css/jquery-ui.min.css @@ -0,0 +1,7 @@ +/*! jQuery UI - v1.12.1 - 2016-09-14 + * * http://jqueryui.com + * * Includes: core.css, accordion.css, autocomplete.css, menu.css, button.css, controlgroup.css, checkboxradio.css, datepicker.css, dialog.css, draggable.css, resizable.css, progressbar.css, selectable.css, selectmenu.css, slider.css, sortable.css, spinner.css, tabs.css, tooltip.css, theme.css + * * To view and modify this theme, visit http://jqueryui.com/themeroller/?bgShadowXPos=&bgOverlayXPos=&bgErrorXPos=&bgHighlightXPos=&bgContentXPos=&bgHeaderXPos=&bgActiveXPos=&bgHoverXPos=&bgDefaultXPos=&bgShadowYPos=&bgOverlayYPos=&bgErrorYPos=&bgHighlightYPos=&bgContentYPos=&bgHeaderYPos=&bgActiveYPos=&bgHoverYPos=&bgDefaultYPos=&bgShadowRepeat=&bgOverlayRepeat=&bgErrorRepeat=&bgHighlightRepeat=&bgContentRepeat=&bgHeaderRepeat=&bgActiveRepeat=&bgHoverRepeat=&bgDefaultRepeat=&iconsHover=url(%22images%2Fui-icons_555555_256x240.png%22)&iconsHighlight=url(%22images%2Fui-icons_777620_256x240.png%22)&iconsHeader=url(%22images%2Fui-icons_444444_256x240.png%22)&iconsError=url(%22images%2Fui-icons_cc0000_256x240.png%22)&iconsDefault=url(%22images%2Fui-icons_777777_256x240.png%22)&iconsContent=url(%22images%2Fui-icons_444444_256x240.png%22)&iconsActive=url(%22images%2Fui-icons_ffffff_256x240.png%22)&bgImgUrlShadow=&bgImgUrlOverlay=&bgImgUrlHover=&bgImgUrlHighlight=&bgImgUrlHeader=&bgImgUrlError=&bgImgUrlDefault=&bgImgUrlContent=&bgImgUrlActive=&opacityFilterShadow=Alpha(Opacity%3D30)&opacityFilterOverlay=Alpha(Opacity%3D30)&opacityShadowPerc=30&opacityOverlayPerc=30&iconColorHover=%23555555&iconColorHighlight=%23777620&iconColorHeader=%23444444&iconColorError=%23cc0000&iconColorDefault=%23777777&iconColorContent=%23444444&iconColorActive=%23ffffff&bgImgOpacityShadow=0&bgImgOpacityOverlay=0&bgImgOpacityError=95&bgImgOpacityHighlight=55&bgImgOpacityContent=75&bgImgOpacityHeader=75&bgImgOpacityActive=65&bgImgOpacityHover=75&bgImgOpacityDefault=75&bgTextureShadow=flat&bgTextureOverlay=flat&bgTextureError=flat&bgTextureHighlight=flat&bgTextureContent=flat&bgTextureHeader=flat&bgTextureActive=flat&bgTextureHover=flat&bgTextureDefault=flat&cornerRadius=3px&fwDefault=normal&ffDefault=Arial%2CHelvetica%2Csans-serif&fsDefault=1em&cornerRadiusShadow=8px&thicknessShadow=5px&offsetLeftShadow=0px&offsetTopShadow=0px&opacityShadow=.3&bgColorShadow=%23666666&opacityOverlay=.3&bgColorOverlay=%23aaaaaa&fcError=%235f3f3f&borderColorError=%23f1a899&bgColorError=%23fddfdf&fcHighlight=%23777620&borderColorHighlight=%23dad55e&bgColorHighlight=%23fffa90&fcContent=%23333333&borderColorContent=%23dddddd&bgColorContent=%23ffffff&fcHeader=%23333333&borderColorHeader=%23dddddd&bgColorHeader=%23e9e9e9&fcActive=%23ffffff&borderColorActive=%23003eff&bgColorActive=%23007fff&fcHover=%232b2b2b&borderColorHover=%23cccccc&bgColorHover=%23ededed&fcDefault=%23454545&borderColorDefault=%23c5c5c5&bgColorDefault=%23f6f6f6 + * * Copyright jQuery Foundation and other contributors; Licensed MIT */ + +.ui-helper-hidden{display:none}.ui-helper-hidden-accessible{border:0;clip:rect(0 0 0 0);height:1px;margin:-1px;overflow:hidden;padding:0;position:absolute;width:1px}.ui-helper-reset{margin:0;padding:0;border:0;outline:0;line-height:1.3;text-decoration:none;font-size:100%;list-style:none}.ui-helper-clearfix:before,.ui-helper-clearfix:after{content:"";display:table;border-collapse:collapse}.ui-helper-clearfix:after{clear:both}.ui-helper-zfix{width:100%;height:100%;top:0;left:0;position:absolute;opacity:0;filter:Alpha(Opacity=0)}.ui-front{z-index:100}.ui-state-disabled{cursor:default!important;pointer-events:none}.ui-icon{display:inline-block;vertical-align:middle;margin-top:-.25em;position:relative;text-indent:-99999px;overflow:hidden;background-repeat:no-repeat}.ui-widget-icon-block{left:50%;margin-left:-8px;display:block}.ui-widget-overlay{position:fixed;top:0;left:0;width:100%;height:100%}.ui-accordion .ui-accordion-header{display:block;cursor:pointer;position:relative;margin:2px 0 0 0;padding:.5em .5em .5em .7em;font-size:100%}.ui-accordion .ui-accordion-content{padding:1em 2.2em;border-top:0;overflow:auto}.ui-autocomplete{position:absolute;top:0;left:0;cursor:default}.ui-menu{list-style:none;padding:0;margin:0;display:block;outline:0}.ui-menu .ui-menu{position:absolute}.ui-menu .ui-menu-item{margin:0;cursor:pointer;list-style-image:url("data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7")}.ui-menu .ui-menu-item-wrapper{position:relative;padding:3px 1em 3px .4em}.ui-menu .ui-menu-divider{margin:5px 0;height:0;font-size:0;line-height:0;border-width:1px 0 0 0}.ui-menu .ui-state-focus,.ui-menu .ui-state-active{margin:-1px}.ui-menu-icons{position:relative}.ui-menu-icons .ui-menu-item-wrapper{padding-left:2em}.ui-menu .ui-icon{position:absolute;top:0;bottom:0;left:.2em;margin:auto 0}.ui-menu .ui-menu-icon{left:auto;right:0}.ui-button{padding:.4em 1em;display:inline-block;position:relative;line-height:normal;margin-right:.1em;cursor:pointer;vertical-align:middle;text-align:center;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;overflow:visible}.ui-button,.ui-button:link,.ui-button:visited,.ui-button:hover,.ui-button:active{text-decoration:none}.ui-button-icon-only{width:2em;box-sizing:border-box;text-indent:-9999px;white-space:nowrap}input.ui-button.ui-button-icon-only{text-indent:0}.ui-button-icon-only .ui-icon{position:absolute;top:50%;left:50%;margin-top:-8px;margin-left:-8px}.ui-button.ui-icon-notext .ui-icon{padding:0;width:2.1em;height:2.1em;text-indent:-9999px;white-space:nowrap}input.ui-button.ui-icon-notext .ui-icon{width:auto;height:auto;text-indent:0;white-space:normal;padding:.4em 1em}input.ui-button::-moz-focus-inner,button.ui-button::-moz-focus-inner{border:0;padding:0}.ui-controlgroup{vertical-align:middle;display:inline-block}.ui-controlgroup > .ui-controlgroup-item{float:left;margin-left:0;margin-right:0}.ui-controlgroup > .ui-controlgroup-item:focus,.ui-controlgroup > .ui-controlgroup-item.ui-visual-focus{z-index:9999}.ui-controlgroup-vertical > .ui-controlgroup-item{display:block;float:none;width:100%;margin-top:0;margin-bottom:0;text-align:left}.ui-controlgroup-vertical .ui-controlgroup-item{box-sizing:border-box}.ui-controlgroup .ui-controlgroup-label{padding:.4em 1em}.ui-controlgroup .ui-controlgroup-label span{font-size:80%}.ui-controlgroup-horizontal .ui-controlgroup-label + .ui-controlgroup-item{border-left:none}.ui-controlgroup-vertical .ui-controlgroup-label + .ui-controlgroup-item{border-top:none}.ui-controlgroup-horizontal .ui-controlgroup-label.ui-widget-content{border-right:none}.ui-controlgroup-vertical .ui-controlgroup-label.ui-widget-content{border-bottom:none}.ui-controlgroup-vertical .ui-spinner-input{width:75%;width:calc( 100% - 2.4em )}.ui-controlgroup-vertical .ui-spinner .ui-spinner-up{border-top-style:solid}.ui-checkboxradio-label .ui-icon-background{box-shadow:inset 1px 1px 1px #ccc;border-radius:.12em;border:none}.ui-checkboxradio-radio-label .ui-icon-background{width:16px;height:16px;border-radius:1em;overflow:visible;border:none}.ui-checkboxradio-radio-label.ui-checkboxradio-checked .ui-icon,.ui-checkboxradio-radio-label.ui-checkboxradio-checked:hover .ui-icon{background-image:none;width:8px;height:8px;border-width:4px;border-style:solid}.ui-checkboxradio-disabled{pointer-events:none}.ui-datepicker{width:17em;padding:.2em .2em 0;display:none}.ui-datepicker .ui-datepicker-header{position:relative;padding:.2em 0}.ui-datepicker .ui-datepicker-prev,.ui-datepicker .ui-datepicker-next{position:absolute;top:2px;width:1.8em;height:1.8em}.ui-datepicker .ui-datepicker-prev-hover,.ui-datepicker .ui-datepicker-next-hover{top:1px}.ui-datepicker .ui-datepicker-prev{left:2px}.ui-datepicker .ui-datepicker-next{right:2px}.ui-datepicker .ui-datepicker-prev-hover{left:1px}.ui-datepicker .ui-datepicker-next-hover{right:1px}.ui-datepicker .ui-datepicker-prev span,.ui-datepicker .ui-datepicker-next span{display:block;position:absolute;left:50%;margin-left:-8px;top:50%;margin-top:-8px}.ui-datepicker .ui-datepicker-title{margin:0 2.3em;line-height:1.8em;text-align:center}.ui-datepicker .ui-datepicker-title select{font-size:1em;margin:1px 0}.ui-datepicker select.ui-datepicker-month,.ui-datepicker select.ui-datepicker-year{width:45%}.ui-datepicker table{width:100%;font-size:.9em;border-collapse:collapse;margin:0 0 .4em}.ui-datepicker th{padding:.7em .3em;text-align:center;font-weight:bold;border:0}.ui-datepicker td{border:0;padding:1px}.ui-datepicker td span,.ui-datepicker td a{display:block;padding:.2em;text-align:right;text-decoration:none}.ui-datepicker .ui-datepicker-buttonpane{background-image:none;margin:.7em 0 0 0;padding:0 .2em;border-left:0;border-right:0;border-bottom:0}.ui-datepicker .ui-datepicker-buttonpane button{float:right;margin:.5em .2em .4em;cursor:pointer;padding:.2em .6em .3em .6em;width:auto;overflow:visible}.ui-datepicker .ui-datepicker-buttonpane button.ui-datepicker-current{float:left}.ui-datepicker.ui-datepicker-multi{width:auto}.ui-datepicker-multi .ui-datepicker-group{float:left}.ui-datepicker-multi .ui-datepicker-group table{width:95%;margin:0 auto .4em}.ui-datepicker-multi-2 .ui-datepicker-group{width:50%}.ui-datepicker-multi-3 .ui-datepicker-group{width:33.3%}.ui-datepicker-multi-4 .ui-datepicker-group{width:25%}.ui-datepicker-multi .ui-datepicker-group-last .ui-datepicker-header,.ui-datepicker-multi .ui-datepicker-group-middle .ui-datepicker-header{border-left-width:0}.ui-datepicker-multi .ui-datepicker-buttonpane{clear:left}.ui-datepicker-row-break{clear:both;width:100%;font-size:0}.ui-datepicker-rtl{direction:rtl}.ui-datepicker-rtl .ui-datepicker-prev{right:2px;left:auto}.ui-datepicker-rtl .ui-datepicker-next{left:2px;right:auto}.ui-datepicker-rtl .ui-datepicker-prev:hover{right:1px;left:auto}.ui-datepicker-rtl .ui-datepicker-next:hover{left:1px;right:auto}.ui-datepicker-rtl .ui-datepicker-buttonpane{clear:right}.ui-datepicker-rtl .ui-datepicker-buttonpane button{float:left}.ui-datepicker-rtl .ui-datepicker-buttonpane button.ui-datepicker-current,.ui-datepicker-rtl .ui-datepicker-group{float:right}.ui-datepicker-rtl .ui-datepicker-group-last .ui-datepicker-header,.ui-datepicker-rtl .ui-datepicker-group-middle .ui-datepicker-header{border-right-width:0;border-left-width:1px}.ui-datepicker .ui-icon{display:block;text-indent:-99999px;overflow:hidden;background-repeat:no-repeat;left:.5em;top:.3em}.ui-dialog{position:absolute;top:0;left:0;padding:.2em;outline:0}.ui-dialog .ui-dialog-titlebar{padding:.4em 1em;position:relative}.ui-dialog .ui-dialog-title{float:left;margin:.1em 0;white-space:nowrap;width:90%;overflow:hidden;text-overflow:ellipsis}.ui-dialog .ui-dialog-titlebar-close{position:absolute;right:.3em;top:50%;width:20px;margin:-10px 0 0 0;padding:1px;height:20px}.ui-dialog .ui-dialog-content{position:relative;border:0;padding:.5em 1em;background:none;overflow:auto}.ui-dialog .ui-dialog-buttonpane{text-align:left;border-width:1px 0 0 0;background-image:none;margin-top:.5em;padding:.3em 1em .5em .4em}.ui-dialog .ui-dialog-buttonpane .ui-dialog-buttonset{float:right}.ui-dialog .ui-dialog-buttonpane button{margin:.5em .4em .5em 0;cursor:pointer}.ui-dialog .ui-resizable-n{height:2px;top:0}.ui-dialog .ui-resizable-e{width:2px;right:0}.ui-dialog .ui-resizable-s{height:2px;bottom:0}.ui-dialog .ui-resizable-w{width:2px;left:0}.ui-dialog .ui-resizable-se,.ui-dialog .ui-resizable-sw,.ui-dialog .ui-resizable-ne,.ui-dialog .ui-resizable-nw{width:7px;height:7px}.ui-dialog .ui-resizable-se{right:0;bottom:0}.ui-dialog .ui-resizable-sw{left:0;bottom:0}.ui-dialog .ui-resizable-ne{right:0;top:0}.ui-dialog .ui-resizable-nw{left:0;top:0}.ui-draggable .ui-dialog-titlebar{cursor:move}.ui-draggable-handle{-ms-touch-action:none;touch-action:none}.ui-resizable{position:relative}.ui-resizable-handle{position:absolute;font-size:0.1px;display:block;-ms-touch-action:none;touch-action:none}.ui-resizable-disabled .ui-resizable-handle,.ui-resizable-autohide .ui-resizable-handle{display:none}.ui-resizable-n{cursor:n-resize;height:7px;width:100%;top:-5px;left:0}.ui-resizable-s{cursor:s-resize;height:7px;width:100%;bottom:-5px;left:0}.ui-resizable-e{cursor:e-resize;width:7px;right:-5px;top:0;height:100%}.ui-resizable-w{cursor:w-resize;width:7px;left:-5px;top:0;height:100%}.ui-resizable-se{cursor:se-resize;width:12px;height:12px;right:1px;bottom:1px}.ui-resizable-sw{cursor:sw-resize;width:9px;height:9px;left:-5px;bottom:-5px}.ui-resizable-nw{cursor:nw-resize;width:9px;height:9px;left:-5px;top:-5px}.ui-resizable-ne{cursor:ne-resize;width:9px;height:9px;right:-5px;top:-5px}.ui-progressbar{height:2em;text-align:left;overflow:hidden}.ui-progressbar .ui-progressbar-value{margin:-1px;height:100%}.ui-progressbar .ui-progressbar-overlay{background:url("data:image/gif;base64,R0lGODlhKAAoAIABAAAAAP///yH/C05FVFNDQVBFMi4wAwEAAAAh+QQJAQABACwAAAAAKAAoAAACkYwNqXrdC52DS06a7MFZI+4FHBCKoDeWKXqymPqGqxvJrXZbMx7Ttc+w9XgU2FB3lOyQRWET2IFGiU9m1frDVpxZZc6bfHwv4c1YXP6k1Vdy292Fb6UkuvFtXpvWSzA+HycXJHUXiGYIiMg2R6W459gnWGfHNdjIqDWVqemH2ekpObkpOlppWUqZiqr6edqqWQAAIfkECQEAAQAsAAAAACgAKAAAApSMgZnGfaqcg1E2uuzDmmHUBR8Qil95hiPKqWn3aqtLsS18y7G1SzNeowWBENtQd+T1JktP05nzPTdJZlR6vUxNWWjV+vUWhWNkWFwxl9VpZRedYcflIOLafaa28XdsH/ynlcc1uPVDZxQIR0K25+cICCmoqCe5mGhZOfeYSUh5yJcJyrkZWWpaR8doJ2o4NYq62lAAACH5BAkBAAEALAAAAAAoACgAAAKVDI4Yy22ZnINRNqosw0Bv7i1gyHUkFj7oSaWlu3ovC8GxNso5fluz3qLVhBVeT/Lz7ZTHyxL5dDalQWPVOsQWtRnuwXaFTj9jVVh8pma9JjZ4zYSj5ZOyma7uuolffh+IR5aW97cHuBUXKGKXlKjn+DiHWMcYJah4N0lYCMlJOXipGRr5qdgoSTrqWSq6WFl2ypoaUAAAIfkECQEAAQAsAAAAACgAKAAAApaEb6HLgd/iO7FNWtcFWe+ufODGjRfoiJ2akShbueb0wtI50zm02pbvwfWEMWBQ1zKGlLIhskiEPm9R6vRXxV4ZzWT2yHOGpWMyorblKlNp8HmHEb/lCXjcW7bmtXP8Xt229OVWR1fod2eWqNfHuMjXCPkIGNileOiImVmCOEmoSfn3yXlJWmoHGhqp6ilYuWYpmTqKUgAAIfkECQEAAQAsAAAAACgAKAAAApiEH6kb58biQ3FNWtMFWW3eNVcojuFGfqnZqSebuS06w5V80/X02pKe8zFwP6EFWOT1lDFk8rGERh1TTNOocQ61Hm4Xm2VexUHpzjymViHrFbiELsefVrn6XKfnt2Q9G/+Xdie499XHd2g4h7ioOGhXGJboGAnXSBnoBwKYyfioubZJ2Hn0RuRZaflZOil56Zp6iioKSXpUAAAh+QQJAQABACwAAAAAKAAoAAACkoQRqRvnxuI7kU1a1UU5bd5tnSeOZXhmn5lWK3qNTWvRdQxP8qvaC+/yaYQzXO7BMvaUEmJRd3TsiMAgswmNYrSgZdYrTX6tSHGZO73ezuAw2uxuQ+BbeZfMxsexY35+/Qe4J1inV0g4x3WHuMhIl2jXOKT2Q+VU5fgoSUI52VfZyfkJGkha6jmY+aaYdirq+lQAACH5BAkBAAEALAAAAAAoACgAAAKWBIKpYe0L3YNKToqswUlvznigd4wiR4KhZrKt9Upqip61i9E3vMvxRdHlbEFiEXfk9YARYxOZZD6VQ2pUunBmtRXo1Lf8hMVVcNl8JafV38aM2/Fu5V16Bn63r6xt97j09+MXSFi4BniGFae3hzbH9+hYBzkpuUh5aZmHuanZOZgIuvbGiNeomCnaxxap2upaCZsq+1kAACH5BAkBAAEALAAAAAAoACgAAAKXjI8By5zf4kOxTVrXNVlv1X0d8IGZGKLnNpYtm8Lr9cqVeuOSvfOW79D9aDHizNhDJidFZhNydEahOaDH6nomtJjp1tutKoNWkvA6JqfRVLHU/QUfau9l2x7G54d1fl995xcIGAdXqMfBNadoYrhH+Mg2KBlpVpbluCiXmMnZ2Sh4GBqJ+ckIOqqJ6LmKSllZmsoq6wpQAAAh+QQJAQABACwAAAAAKAAoAAAClYx/oLvoxuJDkU1a1YUZbJ59nSd2ZXhWqbRa2/gF8Gu2DY3iqs7yrq+xBYEkYvFSM8aSSObE+ZgRl1BHFZNr7pRCavZ5BW2142hY3AN/zWtsmf12p9XxxFl2lpLn1rseztfXZjdIWIf2s5dItwjYKBgo9yg5pHgzJXTEeGlZuenpyPmpGQoKOWkYmSpaSnqKileI2FAAACH5BAkBAAEALAAAAAAoACgAAAKVjB+gu+jG4kORTVrVhRlsnn2dJ3ZleFaptFrb+CXmO9OozeL5VfP99HvAWhpiUdcwkpBH3825AwYdU8xTqlLGhtCosArKMpvfa1mMRae9VvWZfeB2XfPkeLmm18lUcBj+p5dnN8jXZ3YIGEhYuOUn45aoCDkp16hl5IjYJvjWKcnoGQpqyPlpOhr3aElaqrq56Bq7VAAAOw==");height:100%;filter:alpha(opacity=25);opacity:0.25}.ui-progressbar-indeterminate .ui-progressbar-value{background-image:none}.ui-selectable{-ms-touch-action:none;touch-action:none}.ui-selectable-helper{position:absolute;z-index:100;border:1px dotted black}.ui-selectmenu-menu{padding:0;margin:0;position:absolute;top:0;left:0;display:none}.ui-selectmenu-menu .ui-menu{overflow:auto;overflow-x:hidden;padding-bottom:1px}.ui-selectmenu-menu .ui-menu .ui-selectmenu-optgroup{font-size:1em;font-weight:bold;line-height:1.5;padding:2px 0.4em;margin:0.5em 0 0 0;height:auto;border:0}.ui-selectmenu-open{display:block}.ui-selectmenu-text{display:block;margin-right:20px;overflow:hidden;text-overflow:ellipsis}.ui-selectmenu-button.ui-button{text-align:left;white-space:nowrap;width:14em}.ui-selectmenu-icon.ui-icon{float:right;margin-top:0}.ui-slider{position:relative;text-align:left}.ui-slider .ui-slider-handle{position:absolute;z-index:2;width:1.2em;height:1.2em;cursor:default;-ms-touch-action:none;touch-action:none}.ui-slider .ui-slider-range{position:absolute;z-index:1;font-size:.7em;display:block;border:0;background-position:0 0}.ui-slider.ui-state-disabled .ui-slider-handle,.ui-slider.ui-state-disabled .ui-slider-range{filter:inherit}.ui-slider-horizontal{height:.8em}.ui-slider-horizontal .ui-slider-handle{top:-.3em;margin-left:-.6em}.ui-slider-horizontal .ui-slider-range{top:0;height:100%}.ui-slider-horizontal .ui-slider-range-min{left:0}.ui-slider-horizontal .ui-slider-range-max{right:0}.ui-slider-vertical{width:.8em;height:100px}.ui-slider-vertical .ui-slider-handle{left:-.3em;margin-left:0;margin-bottom:-.6em}.ui-slider-vertical .ui-slider-range{left:0;width:100%}.ui-slider-vertical .ui-slider-range-min{bottom:0}.ui-slider-vertical .ui-slider-range-max{top:0}.ui-sortable-handle{-ms-touch-action:none;touch-action:none}.ui-spinner{position:relative;display:inline-block;overflow:hidden;padding:0;vertical-align:middle}.ui-spinner-input{border:none;background:none;color:inherit;padding:.222em 0;margin:.2em 0;vertical-align:middle;margin-left:.4em;margin-right:2em}.ui-spinner-button{width:1.6em;height:50%;font-size:.5em;padding:0;margin:0;text-align:center;position:absolute;cursor:default;display:block;overflow:hidden;right:0}.ui-spinner a.ui-spinner-button{border-top-style:none;border-bottom-style:none;border-right-style:none}.ui-spinner-up{top:0}.ui-spinner-down{bottom:0}.ui-tabs{position:relative;padding:.2em}.ui-tabs .ui-tabs-nav{margin:0;padding:.2em .2em 0}.ui-tabs .ui-tabs-nav li{list-style:none;float:left;position:relative;top:0;margin:1px .2em 0 0;border-bottom-width:0;padding:0;white-space:nowrap}.ui-tabs .ui-tabs-nav .ui-tabs-anchor{float:left;padding:.5em 1em;text-decoration:none}.ui-tabs .ui-tabs-nav li.ui-tabs-active{margin-bottom:-1px;padding-bottom:1px}.ui-tabs .ui-tabs-nav li.ui-tabs-active .ui-tabs-anchor,.ui-tabs .ui-tabs-nav li.ui-state-disabled .ui-tabs-anchor,.ui-tabs .ui-tabs-nav li.ui-tabs-loading .ui-tabs-anchor{cursor:text}.ui-tabs-collapsible .ui-tabs-nav li.ui-tabs-active .ui-tabs-anchor{cursor:pointer}.ui-tabs .ui-tabs-panel{display:block;border-width:0;padding:1em 1.4em;background:none}.ui-tooltip{padding:8px;position:absolute;z-index:9999;max-width:300px}body .ui-tooltip{border-width:2px}.ui-widget{font-family:Arial,Helvetica,sans-serif;font-size:1em}.ui-widget .ui-widget{font-size:1em}.ui-widget input,.ui-widget select,.ui-widget textarea,.ui-widget button{font-family:Arial,Helvetica,sans-serif;font-size:1em}.ui-widget.ui-widget-content{border:1px solid #c5c5c5}.ui-widget-content{border:1px solid #ddd;background:#fff;color:#333}.ui-widget-content a{color:#333}.ui-widget-header{border:1px solid #ddd;background:#e9e9e9;color:#333;font-weight:bold}.ui-widget-header a{color:#333}.ui-state-default,.ui-widget-content .ui-state-default,.ui-widget-header .ui-state-default,.ui-button,html .ui-button.ui-state-disabled:hover,html .ui-button.ui-state-disabled:active{border:1px solid #c5c5c5;background:#f6f6f6;font-weight:normal;color:#454545}.ui-state-default a,.ui-state-default a:link,.ui-state-default a:visited,a.ui-button,a:link.ui-button,a:visited.ui-button,.ui-button{color:#454545;text-decoration:none}.ui-state-hover,.ui-widget-content .ui-state-hover,.ui-widget-header .ui-state-hover,.ui-state-focus,.ui-widget-content .ui-state-focus,.ui-widget-header .ui-state-focus,.ui-button:hover,.ui-button:focus{border:1px solid #ccc;background:#ededed;font-weight:normal;color:#2b2b2b}.ui-state-hover a,.ui-state-hover a:hover,.ui-state-hover a:link,.ui-state-hover a:visited,.ui-state-focus a,.ui-state-focus a:hover,.ui-state-focus a:link,.ui-state-focus a:visited,a.ui-button:hover,a.ui-button:focus{color:#2b2b2b;text-decoration:none}.ui-visual-focus{box-shadow:0 0 3px 1px rgb(94,158,214)}.ui-state-active,.ui-widget-content .ui-state-active,.ui-widget-header .ui-state-active,a.ui-button:active,.ui-button:active,.ui-button.ui-state-active:hover{border:1px solid #003eff;background:#007fff;font-weight:normal;color:#fff}.ui-icon-background,.ui-state-active .ui-icon-background{border:#003eff;background-color:#fff}.ui-state-active a,.ui-state-active a:link,.ui-state-active a:visited{color:#fff;text-decoration:none}.ui-state-highlight,.ui-widget-content .ui-state-highlight,.ui-widget-header .ui-state-highlight{border:1px solid #dad55e;background:#fffa90;color:#777620}.ui-state-checked{border:1px solid #dad55e;background:#fffa90}.ui-state-highlight a,.ui-widget-content .ui-state-highlight a,.ui-widget-header .ui-state-highlight a{color:#777620}.ui-state-error,.ui-widget-content .ui-state-error,.ui-widget-header .ui-state-error{border:1px solid #f1a899;background:#fddfdf;color:#5f3f3f}.ui-state-error a,.ui-widget-content .ui-state-error a,.ui-widget-header .ui-state-error a{color:#5f3f3f}.ui-state-error-text,.ui-widget-content .ui-state-error-text,.ui-widget-header .ui-state-error-text{color:#5f3f3f}.ui-priority-primary,.ui-widget-content .ui-priority-primary,.ui-widget-header .ui-priority-primary{font-weight:bold}.ui-priority-secondary,.ui-widget-content .ui-priority-secondary,.ui-widget-header .ui-priority-secondary{opacity:.7;filter:Alpha(Opacity=70);font-weight:normal}.ui-state-disabled,.ui-widget-content .ui-state-disabled,.ui-widget-header .ui-state-disabled{opacity:.35;filter:Alpha(Opacity=35);background-image:none}.ui-state-disabled .ui-icon{filter:Alpha(Opacity=35)}.ui-icon{width:16px;height:16px}.ui-icon,.ui-widget-content .ui-icon{background-image:url("images/ui-icons_444444_256x240.png")}.ui-widget-header .ui-icon{background-image:url("images/ui-icons_444444_256x240.png")}.ui-state-hover .ui-icon,.ui-state-focus .ui-icon,.ui-button:hover .ui-icon,.ui-button:focus .ui-icon{background-image:url("images/ui-icons_555555_256x240.png")}.ui-state-active .ui-icon,.ui-button:active .ui-icon{background-image:url("images/ui-icons_ffffff_256x240.png")}.ui-state-highlight .ui-icon,.ui-button .ui-state-highlight.ui-icon{background-image:url("images/ui-icons_777620_256x240.png")}.ui-state-error .ui-icon,.ui-state-error-text .ui-icon{background-image:url("images/ui-icons_cc0000_256x240.png")}.ui-button .ui-icon{background-image:url("images/ui-icons_777777_256x240.png")}.ui-icon-blank{background-position:16px 16px}.ui-icon-caret-1-n{background-position:0 0}.ui-icon-caret-1-ne{background-position:-16px 0}.ui-icon-caret-1-e{background-position:-32px 0}.ui-icon-caret-1-se{background-position:-48px 0}.ui-icon-caret-1-s{background-position:-65px 0}.ui-icon-caret-1-sw{background-position:-80px 0}.ui-icon-caret-1-w{background-position:-96px 0}.ui-icon-caret-1-nw{background-position:-112px 0}.ui-icon-caret-2-n-s{background-position:-128px 0}.ui-icon-caret-2-e-w{background-position:-144px 0}.ui-icon-triangle-1-n{background-position:0 -16px}.ui-icon-triangle-1-ne{background-position:-16px -16px}.ui-icon-triangle-1-e{background-position:-32px -16px}.ui-icon-triangle-1-se{background-position:-48px -16px}.ui-icon-triangle-1-s{background-position:-65px -16px}.ui-icon-triangle-1-sw{background-position:-80px -16px}.ui-icon-triangle-1-w{background-position:-96px -16px}.ui-icon-triangle-1-nw{background-position:-112px -16px}.ui-icon-triangle-2-n-s{background-position:-128px -16px}.ui-icon-triangle-2-e-w{background-position:-144px -16px}.ui-icon-arrow-1-n{background-position:0 -32px}.ui-icon-arrow-1-ne{background-position:-16px -32px}.ui-icon-arrow-1-e{background-position:-32px -32px}.ui-icon-arrow-1-se{background-position:-48px -32px}.ui-icon-arrow-1-s{background-position:-65px -32px}.ui-icon-arrow-1-sw{background-position:-80px -32px}.ui-icon-arrow-1-w{background-position:-96px -32px}.ui-icon-arrow-1-nw{background-position:-112px -32px}.ui-icon-arrow-2-n-s{background-position:-128px -32px}.ui-icon-arrow-2-ne-sw{background-position:-144px -32px}.ui-icon-arrow-2-e-w{background-position:-160px -32px}.ui-icon-arrow-2-se-nw{background-position:-176px -32px}.ui-icon-arrowstop-1-n{background-position:-192px -32px}.ui-icon-arrowstop-1-e{background-position:-208px -32px}.ui-icon-arrowstop-1-s{background-position:-224px -32px}.ui-icon-arrowstop-1-w{background-position:-240px -32px}.ui-icon-arrowthick-1-n{background-position:1px -48px}.ui-icon-arrowthick-1-ne{background-position:-16px -48px}.ui-icon-arrowthick-1-e{background-position:-32px -48px}.ui-icon-arrowthick-1-se{background-position:-48px -48px}.ui-icon-arrowthick-1-s{background-position:-64px -48px}.ui-icon-arrowthick-1-sw{background-position:-80px -48px}.ui-icon-arrowthick-1-w{background-position:-96px -48px}.ui-icon-arrowthick-1-nw{background-position:-112px -48px}.ui-icon-arrowthick-2-n-s{background-position:-128px -48px}.ui-icon-arrowthick-2-ne-sw{background-position:-144px -48px}.ui-icon-arrowthick-2-e-w{background-position:-160px -48px}.ui-icon-arrowthick-2-se-nw{background-position:-176px -48px}.ui-icon-arrowthickstop-1-n{background-position:-192px -48px}.ui-icon-arrowthickstop-1-e{background-position:-208px -48px}.ui-icon-arrowthickstop-1-s{background-position:-224px -48px}.ui-icon-arrowthickstop-1-w{background-position:-240px -48px}.ui-icon-arrowreturnthick-1-w{background-position:0 -64px}.ui-icon-arrowreturnthick-1-n{background-position:-16px -64px}.ui-icon-arrowreturnthick-1-e{background-position:-32px -64px}.ui-icon-arrowreturnthick-1-s{background-position:-48px -64px}.ui-icon-arrowreturn-1-w{background-position:-64px -64px}.ui-icon-arrowreturn-1-n{background-position:-80px -64px}.ui-icon-arrowreturn-1-e{background-position:-96px -64px}.ui-icon-arrowreturn-1-s{background-position:-112px -64px}.ui-icon-arrowrefresh-1-w{background-position:-128px -64px}.ui-icon-arrowrefresh-1-n{background-position:-144px -64px}.ui-icon-arrowrefresh-1-e{background-position:-160px -64px}.ui-icon-arrowrefresh-1-s{background-position:-176px -64px}.ui-icon-arrow-4{background-position:0 -80px}.ui-icon-arrow-4-diag{background-position:-16px -80px}.ui-icon-extlink{background-position:-32px -80px}.ui-icon-newwin{background-position:-48px -80px}.ui-icon-refresh{background-position:-64px -80px}.ui-icon-shuffle{background-position:-80px -80px}.ui-icon-transfer-e-w{background-position:-96px -80px}.ui-icon-transferthick-e-w{background-position:-112px -80px}.ui-icon-folder-collapsed{background-position:0 -96px}.ui-icon-folder-open{background-position:-16px -96px}.ui-icon-document{background-position:-32px -96px}.ui-icon-document-b{background-position:-48px -96px}.ui-icon-note{background-position:-64px -96px}.ui-icon-mail-closed{background-position:-80px -96px}.ui-icon-mail-open{background-position:-96px -96px}.ui-icon-suitcase{background-position:-112px -96px}.ui-icon-comment{background-position:-128px -96px}.ui-icon-person{background-position:-144px -96px}.ui-icon-print{background-position:-160px -96px}.ui-icon-trash{background-position:-176px -96px}.ui-icon-locked{background-position:-192px -96px}.ui-icon-unlocked{background-position:-208px -96px}.ui-icon-bookmark{background-position:-224px -96px}.ui-icon-tag{background-position:-240px -96px}.ui-icon-home{background-position:0 -112px}.ui-icon-flag{background-position:-16px -112px}.ui-icon-calendar{background-position:-32px -112px}.ui-icon-cart{background-position:-48px -112px}.ui-icon-pencil{background-position:-64px -112px}.ui-icon-clock{background-position:-80px -112px}.ui-icon-disk{background-position:-96px -112px}.ui-icon-calculator{background-position:-112px -112px}.ui-icon-zoomin{background-position:-128px -112px}.ui-icon-zoomout{background-position:-144px -112px}.ui-icon-search{background-position:-160px -112px}.ui-icon-wrench{background-position:-176px -112px}.ui-icon-gear{background-position:-192px -112px}.ui-icon-heart{background-position:-208px -112px}.ui-icon-star{background-position:-224px -112px}.ui-icon-link{background-position:-240px -112px}.ui-icon-cancel{background-position:0 -128px}.ui-icon-plus{background-position:-16px -128px}.ui-icon-plusthick{background-position:-32px -128px}.ui-icon-minus{background-position:-48px -128px}.ui-icon-minusthick{background-position:-64px -128px}.ui-icon-close{background-position:-80px -128px}.ui-icon-closethick{background-position:-96px -128px}.ui-icon-key{background-position:-112px -128px}.ui-icon-lightbulb{background-position:-128px -128px}.ui-icon-scissors{background-position:-144px -128px}.ui-icon-clipboard{background-position:-160px -128px}.ui-icon-copy{background-position:-176px -128px}.ui-icon-contact{background-position:-192px -128px}.ui-icon-image{background-position:-208px -128px}.ui-icon-video{background-position:-224px -128px}.ui-icon-script{background-position:-240px -128px}.ui-icon-alert{background-position:0 -144px}.ui-icon-info{background-position:-16px -144px}.ui-icon-notice{background-position:-32px -144px}.ui-icon-help{background-position:-48px -144px}.ui-icon-check{background-position:-64px -144px}.ui-icon-bullet{background-position:-80px -144px}.ui-icon-radio-on{background-position:-96px -144px}.ui-icon-radio-off{background-position:-112px -144px}.ui-icon-pin-w{background-position:-128px -144px}.ui-icon-pin-s{background-position:-144px -144px}.ui-icon-play{background-position:0 -160px}.ui-icon-pause{background-position:-16px -160px}.ui-icon-seek-next{background-position:-32px -160px}.ui-icon-seek-prev{background-position:-48px -160px}.ui-icon-seek-end{background-position:-64px -160px}.ui-icon-seek-start{background-position:-80px -160px}.ui-icon-seek-first{background-position:-80px -160px}.ui-icon-stop{background-position:-96px -160px}.ui-icon-eject{background-position:-112px -160px}.ui-icon-volume-off{background-position:-128px -160px}.ui-icon-volume-on{background-position:-144px -160px}.ui-icon-power{background-position:0 -176px}.ui-icon-signal-diag{background-position:-16px -176px}.ui-icon-signal{background-position:-32px -176px}.ui-icon-battery-0{background-position:-48px -176px}.ui-icon-battery-1{background-position:-64px -176px}.ui-icon-battery-2{background-position:-80px -176px}.ui-icon-battery-3{background-position:-96px -176px}.ui-icon-circle-plus{background-position:0 -192px}.ui-icon-circle-minus{background-position:-16px -192px}.ui-icon-circle-close{background-position:-32px -192px}.ui-icon-circle-triangle-e{background-position:-48px -192px}.ui-icon-circle-triangle-s{background-position:-64px -192px}.ui-icon-circle-triangle-w{background-position:-80px -192px}.ui-icon-circle-triangle-n{background-position:-96px -192px}.ui-icon-circle-arrow-e{background-position:-112px -192px}.ui-icon-circle-arrow-s{background-position:-128px -192px}.ui-icon-circle-arrow-w{background-position:-144px -192px}.ui-icon-circle-arrow-n{background-position:-160px -192px}.ui-icon-circle-zoomin{background-position:-176px -192px}.ui-icon-circle-zoomout{background-position:-192px -192px}.ui-icon-circle-check{background-position:-208px -192px}.ui-icon-circlesmall-plus{background-position:0 -208px}.ui-icon-circlesmall-minus{background-position:-16px -208px}.ui-icon-circlesmall-close{background-position:-32px -208px}.ui-icon-squaresmall-plus{background-position:-48px -208px}.ui-icon-squaresmall-minus{background-position:-64px -208px}.ui-icon-squaresmall-close{background-position:-80px -208px}.ui-icon-grip-dotted-vertical{background-position:0 -224px}.ui-icon-grip-dotted-horizontal{background-position:-16px -224px}.ui-icon-grip-solid-vertical{background-position:-32px -224px}.ui-icon-grip-solid-horizontal{background-position:-48px -224px}.ui-icon-gripsmall-diagonal-se{background-position:-64px -224px}.ui-icon-grip-diagonal-se{background-position:-80px -224px}.ui-corner-all,.ui-corner-top,.ui-corner-left,.ui-corner-tl{border-top-left-radius:3px}.ui-corner-all,.ui-corner-top,.ui-corner-right,.ui-corner-tr{border-top-right-radius:3px}.ui-corner-all,.ui-corner-bottom,.ui-corner-left,.ui-corner-bl{border-bottom-left-radius:3px}.ui-corner-all,.ui-corner-bottom,.ui-corner-right,.ui-corner-br{border-bottom-right-radius:3px}.ui-widget-overlay{background:#aaa;opacity:.003;filter:Alpha(Opacity=.3)}.ui-widget-shadow{-webkit-box-shadow:0 0 5px #666;box-shadow:0 0 5px #666} diff --git a/tests/test_root_data/index.html b/tests/test_root_data/index.html new file mode 100755 index 0000000..0563f88 --- /dev/null +++ b/tests/test_root_data/index.html @@ -0,0 +1,11 @@ + + + +CS3214 - Personal Server + + + +

Congrats! Your server is up and running.

+

This is a main HTML file for CS3214 - Project 4 - Personal Server.

+ + diff --git a/tests/test_root_data/js/jquery.min.js b/tests/test_root_data/js/jquery.min.js new file mode 100755 index 0000000..35a1dfb --- /dev/null +++ b/tests/test_root_data/js/jquery.min.js @@ -0,0 +1,3 @@ +/*! jQuery v3.3.1 | (c) JS Foundation and other contributors | jquery.org/license */ +!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(e,t){"use strict";var n=[],r=e.document,i=Object.getPrototypeOf,o=n.slice,a=n.concat,s=n.push,u=n.indexOf,l={},c=l.toString,f=l.hasOwnProperty,p=f.toString,d=p.call(Object),h={},g=function e(t){return"function"==typeof t&&"number"!=typeof t.nodeType},y=function e(t){return null!=t&&t===t.window},v={type:!0,src:!0,noModule:!0};function m(e,t,n){var i,o=(t=t||r).createElement("script");if(o.text=e,n)for(i in v)n[i]&&(o[i]=n[i]);t.head.appendChild(o).parentNode.removeChild(o)}function x(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?l[c.call(e)]||"object":typeof e}var b="3.3.1",w=function(e,t){return new w.fn.init(e,t)},T=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g;w.fn=w.prototype={jquery:"3.3.1",constructor:w,length:0,toArray:function(){return o.call(this)},get:function(e){return null==e?o.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=w.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return w.each(this,e)},map:function(e){return this.pushStack(w.map(this,function(t,n){return e.call(t,n,t)}))},slice:function(){return this.pushStack(o.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(n>=0&&n0&&t-1 in e)}var E=function(e){var t,n,r,i,o,a,s,u,l,c,f,p,d,h,g,y,v,m,x,b="sizzle"+1*new Date,w=e.document,T=0,C=0,E=ae(),k=ae(),S=ae(),D=function(e,t){return e===t&&(f=!0),0},N={}.hasOwnProperty,A=[],j=A.pop,q=A.push,L=A.push,H=A.slice,O=function(e,t){for(var n=0,r=e.length;n+~]|"+M+")"+M+"*"),z=new RegExp("="+M+"*([^\\]'\"]*?)"+M+"*\\]","g"),X=new RegExp(W),U=new RegExp("^"+R+"$"),V={ID:new RegExp("^#("+R+")"),CLASS:new RegExp("^\\.("+R+")"),TAG:new RegExp("^("+R+"|[*])"),ATTR:new RegExp("^"+I),PSEUDO:new RegExp("^"+W),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+M+"*(even|odd|(([+-]|)(\\d*)n|)"+M+"*(?:([+-]|)"+M+"*(\\d+)|))"+M+"*\\)|)","i"),bool:new RegExp("^(?:"+P+")$","i"),needsContext:new RegExp("^"+M+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+M+"*((?:-\\d)?\\d*)"+M+"*\\)|)(?=[^-]|$)","i")},G=/^(?:input|select|textarea|button)$/i,Y=/^h\d$/i,Q=/^[^{]+\{\s*\[native \w/,J=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,K=/[+~]/,Z=new RegExp("\\\\([\\da-f]{1,6}"+M+"?|("+M+")|.)","ig"),ee=function(e,t,n){var r="0x"+t-65536;return r!==r||n?t:r<0?String.fromCharCode(r+65536):String.fromCharCode(r>>10|55296,1023&r|56320)},te=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\x7f-\uFFFF\w-]/g,ne=function(e,t){return t?"\0"===e?"\ufffd":e.slice(0,-1)+"\\"+e.charCodeAt(e.length-1).toString(16)+" ":"\\"+e},re=function(){p()},ie=me(function(e){return!0===e.disabled&&("form"in e||"label"in e)},{dir:"parentNode",next:"legend"});try{L.apply(A=H.call(w.childNodes),w.childNodes),A[w.childNodes.length].nodeType}catch(e){L={apply:A.length?function(e,t){q.apply(e,H.call(t))}:function(e,t){var n=e.length,r=0;while(e[n++]=t[r++]);e.length=n-1}}}function oe(e,t,r,i){var o,s,l,c,f,h,v,m=t&&t.ownerDocument,T=t?t.nodeType:9;if(r=r||[],"string"!=typeof e||!e||1!==T&&9!==T&&11!==T)return r;if(!i&&((t?t.ownerDocument||t:w)!==d&&p(t),t=t||d,g)){if(11!==T&&(f=J.exec(e)))if(o=f[1]){if(9===T){if(!(l=t.getElementById(o)))return r;if(l.id===o)return r.push(l),r}else if(m&&(l=m.getElementById(o))&&x(t,l)&&l.id===o)return r.push(l),r}else{if(f[2])return L.apply(r,t.getElementsByTagName(e)),r;if((o=f[3])&&n.getElementsByClassName&&t.getElementsByClassName)return L.apply(r,t.getElementsByClassName(o)),r}if(n.qsa&&!S[e+" "]&&(!y||!y.test(e))){if(1!==T)m=t,v=e;else if("object"!==t.nodeName.toLowerCase()){(c=t.getAttribute("id"))?c=c.replace(te,ne):t.setAttribute("id",c=b),s=(h=a(e)).length;while(s--)h[s]="#"+c+" "+ve(h[s]);v=h.join(","),m=K.test(e)&&ge(t.parentNode)||t}if(v)try{return L.apply(r,m.querySelectorAll(v)),r}catch(e){}finally{c===b&&t.removeAttribute("id")}}}return u(e.replace(B,"$1"),t,r,i)}function ae(){var e=[];function t(n,i){return e.push(n+" ")>r.cacheLength&&delete t[e.shift()],t[n+" "]=i}return t}function se(e){return e[b]=!0,e}function ue(e){var t=d.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function le(e,t){var n=e.split("|"),i=n.length;while(i--)r.attrHandle[n[i]]=t}function ce(e,t){var n=t&&e,r=n&&1===e.nodeType&&1===t.nodeType&&e.sourceIndex-t.sourceIndex;if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function fe(e){return function(t){return"input"===t.nodeName.toLowerCase()&&t.type===e}}function pe(e){return function(t){var n=t.nodeName.toLowerCase();return("input"===n||"button"===n)&&t.type===e}}function de(e){return function(t){return"form"in t?t.parentNode&&!1===t.disabled?"label"in t?"label"in t.parentNode?t.parentNode.disabled===e:t.disabled===e:t.isDisabled===e||t.isDisabled!==!e&&ie(t)===e:t.disabled===e:"label"in t&&t.disabled===e}}function he(e){return se(function(t){return t=+t,se(function(n,r){var i,o=e([],n.length,t),a=o.length;while(a--)n[i=o[a]]&&(n[i]=!(r[i]=n[i]))})})}function ge(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}n=oe.support={},o=oe.isXML=function(e){var t=e&&(e.ownerDocument||e).documentElement;return!!t&&"HTML"!==t.nodeName},p=oe.setDocument=function(e){var t,i,a=e?e.ownerDocument||e:w;return a!==d&&9===a.nodeType&&a.documentElement?(d=a,h=d.documentElement,g=!o(d),w!==d&&(i=d.defaultView)&&i.top!==i&&(i.addEventListener?i.addEventListener("unload",re,!1):i.attachEvent&&i.attachEvent("onunload",re)),n.attributes=ue(function(e){return e.className="i",!e.getAttribute("className")}),n.getElementsByTagName=ue(function(e){return e.appendChild(d.createComment("")),!e.getElementsByTagName("*").length}),n.getElementsByClassName=Q.test(d.getElementsByClassName),n.getById=ue(function(e){return h.appendChild(e).id=b,!d.getElementsByName||!d.getElementsByName(b).length}),n.getById?(r.filter.ID=function(e){var t=e.replace(Z,ee);return function(e){return e.getAttribute("id")===t}},r.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&g){var n=t.getElementById(e);return n?[n]:[]}}):(r.filter.ID=function(e){var t=e.replace(Z,ee);return function(e){var n="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return n&&n.value===t}},r.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&g){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),r.find.TAG=n.getElementsByTagName?function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):n.qsa?t.querySelectorAll(e):void 0}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1===n.nodeType&&r.push(n);return r}return o},r.find.CLASS=n.getElementsByClassName&&function(e,t){if("undefined"!=typeof t.getElementsByClassName&&g)return t.getElementsByClassName(e)},v=[],y=[],(n.qsa=Q.test(d.querySelectorAll))&&(ue(function(e){h.appendChild(e).innerHTML="",e.querySelectorAll("[msallowcapture^='']").length&&y.push("[*^$]="+M+"*(?:''|\"\")"),e.querySelectorAll("[selected]").length||y.push("\\["+M+"*(?:value|"+P+")"),e.querySelectorAll("[id~="+b+"-]").length||y.push("~="),e.querySelectorAll(":checked").length||y.push(":checked"),e.querySelectorAll("a#"+b+"+*").length||y.push(".#.+[+~]")}),ue(function(e){e.innerHTML="";var t=d.createElement("input");t.setAttribute("type","hidden"),e.appendChild(t).setAttribute("name","D"),e.querySelectorAll("[name=d]").length&&y.push("name"+M+"*[*^$|!~]?="),2!==e.querySelectorAll(":enabled").length&&y.push(":enabled",":disabled"),h.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&y.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),y.push(",.*:")})),(n.matchesSelector=Q.test(m=h.matches||h.webkitMatchesSelector||h.mozMatchesSelector||h.oMatchesSelector||h.msMatchesSelector))&&ue(function(e){n.disconnectedMatch=m.call(e,"*"),m.call(e,"[s!='']:x"),v.push("!=",W)}),y=y.length&&new RegExp(y.join("|")),v=v.length&&new RegExp(v.join("|")),t=Q.test(h.compareDocumentPosition),x=t||Q.test(h.contains)?function(e,t){var n=9===e.nodeType?e.documentElement:e,r=t&&t.parentNode;return e===r||!(!r||1!==r.nodeType||!(n.contains?n.contains(r):e.compareDocumentPosition&&16&e.compareDocumentPosition(r)))}:function(e,t){if(t)while(t=t.parentNode)if(t===e)return!0;return!1},D=t?function(e,t){if(e===t)return f=!0,0;var r=!e.compareDocumentPosition-!t.compareDocumentPosition;return r||(1&(r=(e.ownerDocument||e)===(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!n.sortDetached&&t.compareDocumentPosition(e)===r?e===d||e.ownerDocument===w&&x(w,e)?-1:t===d||t.ownerDocument===w&&x(w,t)?1:c?O(c,e)-O(c,t):0:4&r?-1:1)}:function(e,t){if(e===t)return f=!0,0;var n,r=0,i=e.parentNode,o=t.parentNode,a=[e],s=[t];if(!i||!o)return e===d?-1:t===d?1:i?-1:o?1:c?O(c,e)-O(c,t):0;if(i===o)return ce(e,t);n=e;while(n=n.parentNode)a.unshift(n);n=t;while(n=n.parentNode)s.unshift(n);while(a[r]===s[r])r++;return r?ce(a[r],s[r]):a[r]===w?-1:s[r]===w?1:0},d):d},oe.matches=function(e,t){return oe(e,null,null,t)},oe.matchesSelector=function(e,t){if((e.ownerDocument||e)!==d&&p(e),t=t.replace(z,"='$1']"),n.matchesSelector&&g&&!S[t+" "]&&(!v||!v.test(t))&&(!y||!y.test(t)))try{var r=m.call(e,t);if(r||n.disconnectedMatch||e.document&&11!==e.document.nodeType)return r}catch(e){}return oe(t,d,null,[e]).length>0},oe.contains=function(e,t){return(e.ownerDocument||e)!==d&&p(e),x(e,t)},oe.attr=function(e,t){(e.ownerDocument||e)!==d&&p(e);var i=r.attrHandle[t.toLowerCase()],o=i&&N.call(r.attrHandle,t.toLowerCase())?i(e,t,!g):void 0;return void 0!==o?o:n.attributes||!g?e.getAttribute(t):(o=e.getAttributeNode(t))&&o.specified?o.value:null},oe.escape=function(e){return(e+"").replace(te,ne)},oe.error=function(e){throw new Error("Syntax error, unrecognized expression: "+e)},oe.uniqueSort=function(e){var t,r=[],i=0,o=0;if(f=!n.detectDuplicates,c=!n.sortStable&&e.slice(0),e.sort(D),f){while(t=e[o++])t===e[o]&&(i=r.push(o));while(i--)e.splice(r[i],1)}return c=null,e},i=oe.getText=function(e){var t,n="",r=0,o=e.nodeType;if(o){if(1===o||9===o||11===o){if("string"==typeof e.textContent)return e.textContent;for(e=e.firstChild;e;e=e.nextSibling)n+=i(e)}else if(3===o||4===o)return e.nodeValue}else while(t=e[r++])n+=i(t);return n},(r=oe.selectors={cacheLength:50,createPseudo:se,match:V,attrHandle:{},find:{},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(Z,ee),e[3]=(e[3]||e[4]||e[5]||"").replace(Z,ee),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||oe.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&oe.error(e[0]),e},PSEUDO:function(e){var t,n=!e[6]&&e[2];return V.CHILD.test(e[0])?null:(e[3]?e[2]=e[4]||e[5]||"":n&&X.test(n)&&(t=a(n,!0))&&(t=n.indexOf(")",n.length-t)-n.length)&&(e[0]=e[0].slice(0,t),e[2]=n.slice(0,t)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(Z,ee).toLowerCase();return"*"===e?function(){return!0}:function(e){return e.nodeName&&e.nodeName.toLowerCase()===t}},CLASS:function(e){var t=E[e+" "];return t||(t=new RegExp("(^|"+M+")"+e+"("+M+"|$)"))&&E(e,function(e){return t.test("string"==typeof e.className&&e.className||"undefined"!=typeof e.getAttribute&&e.getAttribute("class")||"")})},ATTR:function(e,t,n){return function(r){var i=oe.attr(r,e);return null==i?"!="===t:!t||(i+="","="===t?i===n:"!="===t?i!==n:"^="===t?n&&0===i.indexOf(n):"*="===t?n&&i.indexOf(n)>-1:"$="===t?n&&i.slice(-n.length)===n:"~="===t?(" "+i.replace($," ")+" ").indexOf(n)>-1:"|="===t&&(i===n||i.slice(0,n.length+1)===n+"-"))}},CHILD:function(e,t,n,r,i){var o="nth"!==e.slice(0,3),a="last"!==e.slice(-4),s="of-type"===t;return 1===r&&0===i?function(e){return!!e.parentNode}:function(t,n,u){var l,c,f,p,d,h,g=o!==a?"nextSibling":"previousSibling",y=t.parentNode,v=s&&t.nodeName.toLowerCase(),m=!u&&!s,x=!1;if(y){if(o){while(g){p=t;while(p=p[g])if(s?p.nodeName.toLowerCase()===v:1===p.nodeType)return!1;h=g="only"===e&&!h&&"nextSibling"}return!0}if(h=[a?y.firstChild:y.lastChild],a&&m){x=(d=(l=(c=(f=(p=y)[b]||(p[b]={}))[p.uniqueID]||(f[p.uniqueID]={}))[e]||[])[0]===T&&l[1])&&l[2],p=d&&y.childNodes[d];while(p=++d&&p&&p[g]||(x=d=0)||h.pop())if(1===p.nodeType&&++x&&p===t){c[e]=[T,d,x];break}}else if(m&&(x=d=(l=(c=(f=(p=t)[b]||(p[b]={}))[p.uniqueID]||(f[p.uniqueID]={}))[e]||[])[0]===T&&l[1]),!1===x)while(p=++d&&p&&p[g]||(x=d=0)||h.pop())if((s?p.nodeName.toLowerCase()===v:1===p.nodeType)&&++x&&(m&&((c=(f=p[b]||(p[b]={}))[p.uniqueID]||(f[p.uniqueID]={}))[e]=[T,x]),p===t))break;return(x-=i)===r||x%r==0&&x/r>=0}}},PSEUDO:function(e,t){var n,i=r.pseudos[e]||r.setFilters[e.toLowerCase()]||oe.error("unsupported pseudo: "+e);return i[b]?i(t):i.length>1?(n=[e,e,"",t],r.setFilters.hasOwnProperty(e.toLowerCase())?se(function(e,n){var r,o=i(e,t),a=o.length;while(a--)e[r=O(e,o[a])]=!(n[r]=o[a])}):function(e){return i(e,0,n)}):i}},pseudos:{not:se(function(e){var t=[],n=[],r=s(e.replace(B,"$1"));return r[b]?se(function(e,t,n,i){var o,a=r(e,null,i,[]),s=e.length;while(s--)(o=a[s])&&(e[s]=!(t[s]=o))}):function(e,i,o){return t[0]=e,r(t,null,o,n),t[0]=null,!n.pop()}}),has:se(function(e){return function(t){return oe(e,t).length>0}}),contains:se(function(e){return e=e.replace(Z,ee),function(t){return(t.textContent||t.innerText||i(t)).indexOf(e)>-1}}),lang:se(function(e){return U.test(e||"")||oe.error("unsupported lang: "+e),e=e.replace(Z,ee).toLowerCase(),function(t){var n;do{if(n=g?t.lang:t.getAttribute("xml:lang")||t.getAttribute("lang"))return(n=n.toLowerCase())===e||0===n.indexOf(e+"-")}while((t=t.parentNode)&&1===t.nodeType);return!1}}),target:function(t){var n=e.location&&e.location.hash;return n&&n.slice(1)===t.id},root:function(e){return e===h},focus:function(e){return e===d.activeElement&&(!d.hasFocus||d.hasFocus())&&!!(e.type||e.href||~e.tabIndex)},enabled:de(!1),disabled:de(!0),checked:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&!!e.checked||"option"===t&&!!e.selected},selected:function(e){return e.parentNode&&e.parentNode.selectedIndex,!0===e.selected},empty:function(e){for(e=e.firstChild;e;e=e.nextSibling)if(e.nodeType<6)return!1;return!0},parent:function(e){return!r.pseudos.empty(e)},header:function(e){return Y.test(e.nodeName)},input:function(e){return G.test(e.nodeName)},button:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&"button"===e.type||"button"===t},text:function(e){var t;return"input"===e.nodeName.toLowerCase()&&"text"===e.type&&(null==(t=e.getAttribute("type"))||"text"===t.toLowerCase())},first:he(function(){return[0]}),last:he(function(e,t){return[t-1]}),eq:he(function(e,t,n){return[n<0?n+t:n]}),even:he(function(e,t){for(var n=0;n=0;)e.push(r);return e}),gt:he(function(e,t,n){for(var r=n<0?n+t:n;++r1?function(t,n,r){var i=e.length;while(i--)if(!e[i](t,n,r))return!1;return!0}:e[0]}function be(e,t,n){for(var r=0,i=t.length;r-1&&(o[l]=!(a[l]=f))}}else v=we(v===a?v.splice(h,v.length):v),i?i(null,a,v,u):L.apply(a,v)})}function Ce(e){for(var t,n,i,o=e.length,a=r.relative[e[0].type],s=a||r.relative[" "],u=a?1:0,c=me(function(e){return e===t},s,!0),f=me(function(e){return O(t,e)>-1},s,!0),p=[function(e,n,r){var i=!a&&(r||n!==l)||((t=n).nodeType?c(e,n,r):f(e,n,r));return t=null,i}];u1&&xe(p),u>1&&ve(e.slice(0,u-1).concat({value:" "===e[u-2].type?"*":""})).replace(B,"$1"),n,u0,i=e.length>0,o=function(o,a,s,u,c){var f,h,y,v=0,m="0",x=o&&[],b=[],w=l,C=o||i&&r.find.TAG("*",c),E=T+=null==w?1:Math.random()||.1,k=C.length;for(c&&(l=a===d||a||c);m!==k&&null!=(f=C[m]);m++){if(i&&f){h=0,a||f.ownerDocument===d||(p(f),s=!g);while(y=e[h++])if(y(f,a||d,s)){u.push(f);break}c&&(T=E)}n&&((f=!y&&f)&&v--,o&&x.push(f))}if(v+=m,n&&m!==v){h=0;while(y=t[h++])y(x,b,a,s);if(o){if(v>0)while(m--)x[m]||b[m]||(b[m]=j.call(u));b=we(b)}L.apply(u,b),c&&!o&&b.length>0&&v+t.length>1&&oe.uniqueSort(u)}return c&&(T=E,l=w),x};return n?se(o):o}return s=oe.compile=function(e,t){var n,r=[],i=[],o=S[e+" "];if(!o){t||(t=a(e)),n=t.length;while(n--)(o=Ce(t[n]))[b]?r.push(o):i.push(o);(o=S(e,Ee(i,r))).selector=e}return o},u=oe.select=function(e,t,n,i){var o,u,l,c,f,p="function"==typeof e&&e,d=!i&&a(e=p.selector||e);if(n=n||[],1===d.length){if((u=d[0]=d[0].slice(0)).length>2&&"ID"===(l=u[0]).type&&9===t.nodeType&&g&&r.relative[u[1].type]){if(!(t=(r.find.ID(l.matches[0].replace(Z,ee),t)||[])[0]))return n;p&&(t=t.parentNode),e=e.slice(u.shift().value.length)}o=V.needsContext.test(e)?0:u.length;while(o--){if(l=u[o],r.relative[c=l.type])break;if((f=r.find[c])&&(i=f(l.matches[0].replace(Z,ee),K.test(u[0].type)&&ge(t.parentNode)||t))){if(u.splice(o,1),!(e=i.length&&ve(u)))return L.apply(n,i),n;break}}}return(p||s(e,d))(i,t,!g,n,!t||K.test(e)&&ge(t.parentNode)||t),n},n.sortStable=b.split("").sort(D).join("")===b,n.detectDuplicates=!!f,p(),n.sortDetached=ue(function(e){return 1&e.compareDocumentPosition(d.createElement("fieldset"))}),ue(function(e){return e.innerHTML="","#"===e.firstChild.getAttribute("href")})||le("type|href|height|width",function(e,t,n){if(!n)return e.getAttribute(t,"type"===t.toLowerCase()?1:2)}),n.attributes&&ue(function(e){return e.innerHTML="",e.firstChild.setAttribute("value",""),""===e.firstChild.getAttribute("value")})||le("value",function(e,t,n){if(!n&&"input"===e.nodeName.toLowerCase())return e.defaultValue}),ue(function(e){return null==e.getAttribute("disabled")})||le(P,function(e,t,n){var r;if(!n)return!0===e[t]?t.toLowerCase():(r=e.getAttributeNode(t))&&r.specified?r.value:null}),oe}(e);w.find=E,w.expr=E.selectors,w.expr[":"]=w.expr.pseudos,w.uniqueSort=w.unique=E.uniqueSort,w.text=E.getText,w.isXMLDoc=E.isXML,w.contains=E.contains,w.escapeSelector=E.escape;var k=function(e,t,n){var r=[],i=void 0!==n;while((e=e[t])&&9!==e.nodeType)if(1===e.nodeType){if(i&&w(e).is(n))break;r.push(e)}return r},S=function(e,t){for(var n=[];e;e=e.nextSibling)1===e.nodeType&&e!==t&&n.push(e);return n},D=w.expr.match.needsContext;function N(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()}var A=/^<([a-z][^\/\0>:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i;function j(e,t,n){return g(t)?w.grep(e,function(e,r){return!!t.call(e,r,e)!==n}):t.nodeType?w.grep(e,function(e){return e===t!==n}):"string"!=typeof t?w.grep(e,function(e){return u.call(t,e)>-1!==n}):w.filter(t,e,n)}w.filter=function(e,t,n){var r=t[0];return n&&(e=":not("+e+")"),1===t.length&&1===r.nodeType?w.find.matchesSelector(r,e)?[r]:[]:w.find.matches(e,w.grep(t,function(e){return 1===e.nodeType}))},w.fn.extend({find:function(e){var t,n,r=this.length,i=this;if("string"!=typeof e)return this.pushStack(w(e).filter(function(){for(t=0;t1?w.uniqueSort(n):n},filter:function(e){return this.pushStack(j(this,e||[],!1))},not:function(e){return this.pushStack(j(this,e||[],!0))},is:function(e){return!!j(this,"string"==typeof e&&D.test(e)?w(e):e||[],!1).length}});var q,L=/^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]+))$/;(w.fn.init=function(e,t,n){var i,o;if(!e)return this;if(n=n||q,"string"==typeof e){if(!(i="<"===e[0]&&">"===e[e.length-1]&&e.length>=3?[null,e,null]:L.exec(e))||!i[1]&&t)return!t||t.jquery?(t||n).find(e):this.constructor(t).find(e);if(i[1]){if(t=t instanceof w?t[0]:t,w.merge(this,w.parseHTML(i[1],t&&t.nodeType?t.ownerDocument||t:r,!0)),A.test(i[1])&&w.isPlainObject(t))for(i in t)g(this[i])?this[i](t[i]):this.attr(i,t[i]);return this}return(o=r.getElementById(i[2]))&&(this[0]=o,this.length=1),this}return e.nodeType?(this[0]=e,this.length=1,this):g(e)?void 0!==n.ready?n.ready(e):e(w):w.makeArray(e,this)}).prototype=w.fn,q=w(r);var H=/^(?:parents|prev(?:Until|All))/,O={children:!0,contents:!0,next:!0,prev:!0};w.fn.extend({has:function(e){var t=w(e,this),n=t.length;return this.filter(function(){for(var e=0;e-1:1===n.nodeType&&w.find.matchesSelector(n,e))){o.push(n);break}return this.pushStack(o.length>1?w.uniqueSort(o):o)},index:function(e){return e?"string"==typeof e?u.call(w(e),this[0]):u.call(this,e.jquery?e[0]:e):this[0]&&this[0].parentNode?this.first().prevAll().length:-1},add:function(e,t){return this.pushStack(w.uniqueSort(w.merge(this.get(),w(e,t))))},addBack:function(e){return this.add(null==e?this.prevObject:this.prevObject.filter(e))}});function P(e,t){while((e=e[t])&&1!==e.nodeType);return e}w.each({parent:function(e){var t=e.parentNode;return t&&11!==t.nodeType?t:null},parents:function(e){return k(e,"parentNode")},parentsUntil:function(e,t,n){return k(e,"parentNode",n)},next:function(e){return P(e,"nextSibling")},prev:function(e){return P(e,"previousSibling")},nextAll:function(e){return k(e,"nextSibling")},prevAll:function(e){return k(e,"previousSibling")},nextUntil:function(e,t,n){return k(e,"nextSibling",n)},prevUntil:function(e,t,n){return k(e,"previousSibling",n)},siblings:function(e){return S((e.parentNode||{}).firstChild,e)},children:function(e){return S(e.firstChild)},contents:function(e){return N(e,"iframe")?e.contentDocument:(N(e,"template")&&(e=e.content||e),w.merge([],e.childNodes))}},function(e,t){w.fn[e]=function(n,r){var i=w.map(this,t,n);return"Until"!==e.slice(-5)&&(r=n),r&&"string"==typeof r&&(i=w.filter(r,i)),this.length>1&&(O[e]||w.uniqueSort(i),H.test(e)&&i.reverse()),this.pushStack(i)}});var M=/[^\x20\t\r\n\f]+/g;function R(e){var t={};return w.each(e.match(M)||[],function(e,n){t[n]=!0}),t}w.Callbacks=function(e){e="string"==typeof e?R(e):w.extend({},e);var t,n,r,i,o=[],a=[],s=-1,u=function(){for(i=i||e.once,r=t=!0;a.length;s=-1){n=a.shift();while(++s-1)o.splice(n,1),n<=s&&s--}),this},has:function(e){return e?w.inArray(e,o)>-1:o.length>0},empty:function(){return o&&(o=[]),this},disable:function(){return i=a=[],o=n="",this},disabled:function(){return!o},lock:function(){return i=a=[],n||t||(o=n=""),this},locked:function(){return!!i},fireWith:function(e,n){return i||(n=[e,(n=n||[]).slice?n.slice():n],a.push(n),t||u()),this},fire:function(){return l.fireWith(this,arguments),this},fired:function(){return!!r}};return l};function I(e){return e}function W(e){throw e}function $(e,t,n,r){var i;try{e&&g(i=e.promise)?i.call(e).done(t).fail(n):e&&g(i=e.then)?i.call(e,t,n):t.apply(void 0,[e].slice(r))}catch(e){n.apply(void 0,[e])}}w.extend({Deferred:function(t){var n=[["notify","progress",w.Callbacks("memory"),w.Callbacks("memory"),2],["resolve","done",w.Callbacks("once memory"),w.Callbacks("once memory"),0,"resolved"],["reject","fail",w.Callbacks("once memory"),w.Callbacks("once memory"),1,"rejected"]],r="pending",i={state:function(){return r},always:function(){return o.done(arguments).fail(arguments),this},"catch":function(e){return i.then(null,e)},pipe:function(){var e=arguments;return w.Deferred(function(t){w.each(n,function(n,r){var i=g(e[r[4]])&&e[r[4]];o[r[1]](function(){var e=i&&i.apply(this,arguments);e&&g(e.promise)?e.promise().progress(t.notify).done(t.resolve).fail(t.reject):t[r[0]+"With"](this,i?[e]:arguments)})}),e=null}).promise()},then:function(t,r,i){var o=0;function a(t,n,r,i){return function(){var s=this,u=arguments,l=function(){var e,l;if(!(t=o&&(r!==W&&(s=void 0,u=[e]),n.rejectWith(s,u))}};t?c():(w.Deferred.getStackHook&&(c.stackTrace=w.Deferred.getStackHook()),e.setTimeout(c))}}return w.Deferred(function(e){n[0][3].add(a(0,e,g(i)?i:I,e.notifyWith)),n[1][3].add(a(0,e,g(t)?t:I)),n[2][3].add(a(0,e,g(r)?r:W))}).promise()},promise:function(e){return null!=e?w.extend(e,i):i}},o={};return w.each(n,function(e,t){var a=t[2],s=t[5];i[t[1]]=a.add,s&&a.add(function(){r=s},n[3-e][2].disable,n[3-e][3].disable,n[0][2].lock,n[0][3].lock),a.add(t[3].fire),o[t[0]]=function(){return o[t[0]+"With"](this===o?void 0:this,arguments),this},o[t[0]+"With"]=a.fireWith}),i.promise(o),t&&t.call(o,o),o},when:function(e){var t=arguments.length,n=t,r=Array(n),i=o.call(arguments),a=w.Deferred(),s=function(e){return function(n){r[e]=this,i[e]=arguments.length>1?o.call(arguments):n,--t||a.resolveWith(r,i)}};if(t<=1&&($(e,a.done(s(n)).resolve,a.reject,!t),"pending"===a.state()||g(i[n]&&i[n].then)))return a.then();while(n--)$(i[n],s(n),a.reject);return a.promise()}});var B=/^(Eval|Internal|Range|Reference|Syntax|Type|URI)Error$/;w.Deferred.exceptionHook=function(t,n){e.console&&e.console.warn&&t&&B.test(t.name)&&e.console.warn("jQuery.Deferred exception: "+t.message,t.stack,n)},w.readyException=function(t){e.setTimeout(function(){throw t})};var F=w.Deferred();w.fn.ready=function(e){return F.then(e)["catch"](function(e){w.readyException(e)}),this},w.extend({isReady:!1,readyWait:1,ready:function(e){(!0===e?--w.readyWait:w.isReady)||(w.isReady=!0,!0!==e&&--w.readyWait>0||F.resolveWith(r,[w]))}}),w.ready.then=F.then;function _(){r.removeEventListener("DOMContentLoaded",_),e.removeEventListener("load",_),w.ready()}"complete"===r.readyState||"loading"!==r.readyState&&!r.documentElement.doScroll?e.setTimeout(w.ready):(r.addEventListener("DOMContentLoaded",_),e.addEventListener("load",_));var z=function(e,t,n,r,i,o,a){var s=0,u=e.length,l=null==n;if("object"===x(n)){i=!0;for(s in n)z(e,t,s,n[s],!0,o,a)}else if(void 0!==r&&(i=!0,g(r)||(a=!0),l&&(a?(t.call(e,r),t=null):(l=t,t=function(e,t,n){return l.call(w(e),n)})),t))for(;s1,null,!0)},removeData:function(e){return this.each(function(){K.remove(this,e)})}}),w.extend({queue:function(e,t,n){var r;if(e)return t=(t||"fx")+"queue",r=J.get(e,t),n&&(!r||Array.isArray(n)?r=J.access(e,t,w.makeArray(n)):r.push(n)),r||[]},dequeue:function(e,t){t=t||"fx";var n=w.queue(e,t),r=n.length,i=n.shift(),o=w._queueHooks(e,t),a=function(){w.dequeue(e,t)};"inprogress"===i&&(i=n.shift(),r--),i&&("fx"===t&&n.unshift("inprogress"),delete o.stop,i.call(e,a,o)),!r&&o&&o.empty.fire()},_queueHooks:function(e,t){var n=t+"queueHooks";return J.get(e,n)||J.access(e,n,{empty:w.Callbacks("once memory").add(function(){J.remove(e,[t+"queue",n])})})}}),w.fn.extend({queue:function(e,t){var n=2;return"string"!=typeof e&&(t=e,e="fx",n--),arguments.length\x20\t\r\n\f]+)/i,he=/^$|^module$|\/(?:java|ecma)script/i,ge={option:[1,""],thead:[1,"","
"],col:[2,"","
"],tr:[2,"","
"],td:[3,"","
"],_default:[0,"",""]};ge.optgroup=ge.option,ge.tbody=ge.tfoot=ge.colgroup=ge.caption=ge.thead,ge.th=ge.td;function ye(e,t){var n;return n="undefined"!=typeof e.getElementsByTagName?e.getElementsByTagName(t||"*"):"undefined"!=typeof e.querySelectorAll?e.querySelectorAll(t||"*"):[],void 0===t||t&&N(e,t)?w.merge([e],n):n}function ve(e,t){for(var n=0,r=e.length;n-1)i&&i.push(o);else if(l=w.contains(o.ownerDocument,o),a=ye(f.appendChild(o),"script"),l&&ve(a),n){c=0;while(o=a[c++])he.test(o.type||"")&&n.push(o)}return f}!function(){var e=r.createDocumentFragment().appendChild(r.createElement("div")),t=r.createElement("input");t.setAttribute("type","radio"),t.setAttribute("checked","checked"),t.setAttribute("name","t"),e.appendChild(t),h.checkClone=e.cloneNode(!0).cloneNode(!0).lastChild.checked,e.innerHTML="",h.noCloneChecked=!!e.cloneNode(!0).lastChild.defaultValue}();var be=r.documentElement,we=/^key/,Te=/^(?:mouse|pointer|contextmenu|drag|drop)|click/,Ce=/^([^.]*)(?:\.(.+)|)/;function Ee(){return!0}function ke(){return!1}function Se(){try{return r.activeElement}catch(e){}}function De(e,t,n,r,i,o){var a,s;if("object"==typeof t){"string"!=typeof n&&(r=r||n,n=void 0);for(s in t)De(e,s,n,r,t[s],o);return e}if(null==r&&null==i?(i=n,r=n=void 0):null==i&&("string"==typeof n?(i=r,r=void 0):(i=r,r=n,n=void 0)),!1===i)i=ke;else if(!i)return e;return 1===o&&(a=i,(i=function(e){return w().off(e),a.apply(this,arguments)}).guid=a.guid||(a.guid=w.guid++)),e.each(function(){w.event.add(this,t,i,r,n)})}w.event={global:{},add:function(e,t,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,y=J.get(e);if(y){n.handler&&(n=(o=n).handler,i=o.selector),i&&w.find.matchesSelector(be,i),n.guid||(n.guid=w.guid++),(u=y.events)||(u=y.events={}),(a=y.handle)||(a=y.handle=function(t){return"undefined"!=typeof w&&w.event.triggered!==t.type?w.event.dispatch.apply(e,arguments):void 0}),l=(t=(t||"").match(M)||[""]).length;while(l--)d=g=(s=Ce.exec(t[l])||[])[1],h=(s[2]||"").split(".").sort(),d&&(f=w.event.special[d]||{},d=(i?f.delegateType:f.bindType)||d,f=w.event.special[d]||{},c=w.extend({type:d,origType:g,data:r,handler:n,guid:n.guid,selector:i,needsContext:i&&w.expr.match.needsContext.test(i),namespace:h.join(".")},o),(p=u[d])||((p=u[d]=[]).delegateCount=0,f.setup&&!1!==f.setup.call(e,r,h,a)||e.addEventListener&&e.addEventListener(d,a)),f.add&&(f.add.call(e,c),c.handler.guid||(c.handler.guid=n.guid)),i?p.splice(p.delegateCount++,0,c):p.push(c),w.event.global[d]=!0)}},remove:function(e,t,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,y=J.hasData(e)&&J.get(e);if(y&&(u=y.events)){l=(t=(t||"").match(M)||[""]).length;while(l--)if(s=Ce.exec(t[l])||[],d=g=s[1],h=(s[2]||"").split(".").sort(),d){f=w.event.special[d]||{},p=u[d=(r?f.delegateType:f.bindType)||d]||[],s=s[2]&&new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"),a=o=p.length;while(o--)c=p[o],!i&&g!==c.origType||n&&n.guid!==c.guid||s&&!s.test(c.namespace)||r&&r!==c.selector&&("**"!==r||!c.selector)||(p.splice(o,1),c.selector&&p.delegateCount--,f.remove&&f.remove.call(e,c));a&&!p.length&&(f.teardown&&!1!==f.teardown.call(e,h,y.handle)||w.removeEvent(e,d,y.handle),delete u[d])}else for(d in u)w.event.remove(e,d+t[l],n,r,!0);w.isEmptyObject(u)&&J.remove(e,"handle events")}},dispatch:function(e){var t=w.event.fix(e),n,r,i,o,a,s,u=new Array(arguments.length),l=(J.get(this,"events")||{})[t.type]||[],c=w.event.special[t.type]||{};for(u[0]=t,n=1;n=1))for(;l!==this;l=l.parentNode||this)if(1===l.nodeType&&("click"!==e.type||!0!==l.disabled)){for(o=[],a={},n=0;n-1:w.find(i,this,null,[l]).length),a[i]&&o.push(r);o.length&&s.push({elem:l,handlers:o})}return l=this,u\x20\t\r\n\f]*)[^>]*)\/>/gi,Ae=/\s*$/g;function Le(e,t){return N(e,"table")&&N(11!==t.nodeType?t:t.firstChild,"tr")?w(e).children("tbody")[0]||e:e}function He(e){return e.type=(null!==e.getAttribute("type"))+"/"+e.type,e}function Oe(e){return"true/"===(e.type||"").slice(0,5)?e.type=e.type.slice(5):e.removeAttribute("type"),e}function Pe(e,t){var n,r,i,o,a,s,u,l;if(1===t.nodeType){if(J.hasData(e)&&(o=J.access(e),a=J.set(t,o),l=o.events)){delete a.handle,a.events={};for(i in l)for(n=0,r=l[i].length;n1&&"string"==typeof y&&!h.checkClone&&je.test(y))return e.each(function(i){var o=e.eq(i);v&&(t[0]=y.call(this,i,o.html())),Re(o,t,n,r)});if(p&&(i=xe(t,e[0].ownerDocument,!1,e,r),o=i.firstChild,1===i.childNodes.length&&(i=o),o||r)){for(u=(s=w.map(ye(i,"script"),He)).length;f")},clone:function(e,t,n){var r,i,o,a,s=e.cloneNode(!0),u=w.contains(e.ownerDocument,e);if(!(h.noCloneChecked||1!==e.nodeType&&11!==e.nodeType||w.isXMLDoc(e)))for(a=ye(s),r=0,i=(o=ye(e)).length;r0&&ve(a,!u&&ye(e,"script")),s},cleanData:function(e){for(var t,n,r,i=w.event.special,o=0;void 0!==(n=e[o]);o++)if(Y(n)){if(t=n[J.expando]){if(t.events)for(r in t.events)i[r]?w.event.remove(n,r):w.removeEvent(n,r,t.handle);n[J.expando]=void 0}n[K.expando]&&(n[K.expando]=void 0)}}}),w.fn.extend({detach:function(e){return Ie(this,e,!0)},remove:function(e){return Ie(this,e)},text:function(e){return z(this,function(e){return void 0===e?w.text(this):this.empty().each(function(){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||(this.textContent=e)})},null,e,arguments.length)},append:function(){return Re(this,arguments,function(e){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||Le(this,e).appendChild(e)})},prepend:function(){return Re(this,arguments,function(e){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var t=Le(this,e);t.insertBefore(e,t.firstChild)}})},before:function(){return Re(this,arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this)})},after:function(){return Re(this,arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this.nextSibling)})},empty:function(){for(var e,t=0;null!=(e=this[t]);t++)1===e.nodeType&&(w.cleanData(ye(e,!1)),e.textContent="");return this},clone:function(e,t){return e=null!=e&&e,t=null==t?e:t,this.map(function(){return w.clone(this,e,t)})},html:function(e){return z(this,function(e){var t=this[0]||{},n=0,r=this.length;if(void 0===e&&1===t.nodeType)return t.innerHTML;if("string"==typeof e&&!Ae.test(e)&&!ge[(de.exec(e)||["",""])[1].toLowerCase()]){e=w.htmlPrefilter(e);try{for(;n=0&&(u+=Math.max(0,Math.ceil(e["offset"+t[0].toUpperCase()+t.slice(1)]-o-u-s-.5))),u}function et(e,t,n){var r=$e(e),i=Fe(e,t,r),o="border-box"===w.css(e,"boxSizing",!1,r),a=o;if(We.test(i)){if(!n)return i;i="auto"}return a=a&&(h.boxSizingReliable()||i===e.style[t]),("auto"===i||!parseFloat(i)&&"inline"===w.css(e,"display",!1,r))&&(i=e["offset"+t[0].toUpperCase()+t.slice(1)],a=!0),(i=parseFloat(i)||0)+Ze(e,t,n||(o?"border":"content"),a,r,i)+"px"}w.extend({cssHooks:{opacity:{get:function(e,t){if(t){var n=Fe(e,"opacity");return""===n?"1":n}}}},cssNumber:{animationIterationCount:!0,columnCount:!0,fillOpacity:!0,flexGrow:!0,flexShrink:!0,fontWeight:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{},style:function(e,t,n,r){if(e&&3!==e.nodeType&&8!==e.nodeType&&e.style){var i,o,a,s=G(t),u=Xe.test(t),l=e.style;if(u||(t=Je(s)),a=w.cssHooks[t]||w.cssHooks[s],void 0===n)return a&&"get"in a&&void 0!==(i=a.get(e,!1,r))?i:l[t];"string"==(o=typeof n)&&(i=ie.exec(n))&&i[1]&&(n=ue(e,t,i),o="number"),null!=n&&n===n&&("number"===o&&(n+=i&&i[3]||(w.cssNumber[s]?"":"px")),h.clearCloneStyle||""!==n||0!==t.indexOf("background")||(l[t]="inherit"),a&&"set"in a&&void 0===(n=a.set(e,n,r))||(u?l.setProperty(t,n):l[t]=n))}},css:function(e,t,n,r){var i,o,a,s=G(t);return Xe.test(t)||(t=Je(s)),(a=w.cssHooks[t]||w.cssHooks[s])&&"get"in a&&(i=a.get(e,!0,n)),void 0===i&&(i=Fe(e,t,r)),"normal"===i&&t in Ve&&(i=Ve[t]),""===n||n?(o=parseFloat(i),!0===n||isFinite(o)?o||0:i):i}}),w.each(["height","width"],function(e,t){w.cssHooks[t]={get:function(e,n,r){if(n)return!ze.test(w.css(e,"display"))||e.getClientRects().length&&e.getBoundingClientRect().width?et(e,t,r):se(e,Ue,function(){return et(e,t,r)})},set:function(e,n,r){var i,o=$e(e),a="border-box"===w.css(e,"boxSizing",!1,o),s=r&&Ze(e,t,r,a,o);return a&&h.scrollboxSize()===o.position&&(s-=Math.ceil(e["offset"+t[0].toUpperCase()+t.slice(1)]-parseFloat(o[t])-Ze(e,t,"border",!1,o)-.5)),s&&(i=ie.exec(n))&&"px"!==(i[3]||"px")&&(e.style[t]=n,n=w.css(e,t)),Ke(e,n,s)}}}),w.cssHooks.marginLeft=_e(h.reliableMarginLeft,function(e,t){if(t)return(parseFloat(Fe(e,"marginLeft"))||e.getBoundingClientRect().left-se(e,{marginLeft:0},function(){return e.getBoundingClientRect().left}))+"px"}),w.each({margin:"",padding:"",border:"Width"},function(e,t){w.cssHooks[e+t]={expand:function(n){for(var r=0,i={},o="string"==typeof n?n.split(" "):[n];r<4;r++)i[e+oe[r]+t]=o[r]||o[r-2]||o[0];return i}},"margin"!==e&&(w.cssHooks[e+t].set=Ke)}),w.fn.extend({css:function(e,t){return z(this,function(e,t,n){var r,i,o={},a=0;if(Array.isArray(t)){for(r=$e(e),i=t.length;a1)}});function tt(e,t,n,r,i){return new tt.prototype.init(e,t,n,r,i)}w.Tween=tt,tt.prototype={constructor:tt,init:function(e,t,n,r,i,o){this.elem=e,this.prop=n,this.easing=i||w.easing._default,this.options=t,this.start=this.now=this.cur(),this.end=r,this.unit=o||(w.cssNumber[n]?"":"px")},cur:function(){var e=tt.propHooks[this.prop];return e&&e.get?e.get(this):tt.propHooks._default.get(this)},run:function(e){var t,n=tt.propHooks[this.prop];return this.options.duration?this.pos=t=w.easing[this.easing](e,this.options.duration*e,0,1,this.options.duration):this.pos=t=e,this.now=(this.end-this.start)*t+this.start,this.options.step&&this.options.step.call(this.elem,this.now,this),n&&n.set?n.set(this):tt.propHooks._default.set(this),this}},tt.prototype.init.prototype=tt.prototype,tt.propHooks={_default:{get:function(e){var t;return 1!==e.elem.nodeType||null!=e.elem[e.prop]&&null==e.elem.style[e.prop]?e.elem[e.prop]:(t=w.css(e.elem,e.prop,""))&&"auto"!==t?t:0},set:function(e){w.fx.step[e.prop]?w.fx.step[e.prop](e):1!==e.elem.nodeType||null==e.elem.style[w.cssProps[e.prop]]&&!w.cssHooks[e.prop]?e.elem[e.prop]=e.now:w.style(e.elem,e.prop,e.now+e.unit)}}},tt.propHooks.scrollTop=tt.propHooks.scrollLeft={set:function(e){e.elem.nodeType&&e.elem.parentNode&&(e.elem[e.prop]=e.now)}},w.easing={linear:function(e){return e},swing:function(e){return.5-Math.cos(e*Math.PI)/2},_default:"swing"},w.fx=tt.prototype.init,w.fx.step={};var nt,rt,it=/^(?:toggle|show|hide)$/,ot=/queueHooks$/;function at(){rt&&(!1===r.hidden&&e.requestAnimationFrame?e.requestAnimationFrame(at):e.setTimeout(at,w.fx.interval),w.fx.tick())}function st(){return e.setTimeout(function(){nt=void 0}),nt=Date.now()}function ut(e,t){var n,r=0,i={height:e};for(t=t?1:0;r<4;r+=2-t)i["margin"+(n=oe[r])]=i["padding"+n]=e;return t&&(i.opacity=i.width=e),i}function lt(e,t,n){for(var r,i=(pt.tweeners[t]||[]).concat(pt.tweeners["*"]),o=0,a=i.length;o1)},removeAttr:function(e){return this.each(function(){w.removeAttr(this,e)})}}),w.extend({attr:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return"undefined"==typeof e.getAttribute?w.prop(e,t,n):(1===o&&w.isXMLDoc(e)||(i=w.attrHooks[t.toLowerCase()]||(w.expr.match.bool.test(t)?dt:void 0)),void 0!==n?null===n?void w.removeAttr(e,t):i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:(e.setAttribute(t,n+""),n):i&&"get"in i&&null!==(r=i.get(e,t))?r:null==(r=w.find.attr(e,t))?void 0:r)},attrHooks:{type:{set:function(e,t){if(!h.radioValue&&"radio"===t&&N(e,"input")){var n=e.value;return e.setAttribute("type",t),n&&(e.value=n),t}}}},removeAttr:function(e,t){var n,r=0,i=t&&t.match(M);if(i&&1===e.nodeType)while(n=i[r++])e.removeAttribute(n)}}),dt={set:function(e,t,n){return!1===t?w.removeAttr(e,n):e.setAttribute(n,n),n}},w.each(w.expr.match.bool.source.match(/\w+/g),function(e,t){var n=ht[t]||w.find.attr;ht[t]=function(e,t,r){var i,o,a=t.toLowerCase();return r||(o=ht[a],ht[a]=i,i=null!=n(e,t,r)?a:null,ht[a]=o),i}});var gt=/^(?:input|select|textarea|button)$/i,yt=/^(?:a|area)$/i;w.fn.extend({prop:function(e,t){return z(this,w.prop,e,t,arguments.length>1)},removeProp:function(e){return this.each(function(){delete this[w.propFix[e]||e]})}}),w.extend({prop:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return 1===o&&w.isXMLDoc(e)||(t=w.propFix[t]||t,i=w.propHooks[t]),void 0!==n?i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:e[t]=n:i&&"get"in i&&null!==(r=i.get(e,t))?r:e[t]},propHooks:{tabIndex:{get:function(e){var t=w.find.attr(e,"tabindex");return t?parseInt(t,10):gt.test(e.nodeName)||yt.test(e.nodeName)&&e.href?0:-1}}},propFix:{"for":"htmlFor","class":"className"}}),h.optSelected||(w.propHooks.selected={get:function(e){var t=e.parentNode;return t&&t.parentNode&&t.parentNode.selectedIndex,null},set:function(e){var t=e.parentNode;t&&(t.selectedIndex,t.parentNode&&t.parentNode.selectedIndex)}}),w.each(["tabIndex","readOnly","maxLength","cellSpacing","cellPadding","rowSpan","colSpan","useMap","frameBorder","contentEditable"],function(){w.propFix[this.toLowerCase()]=this});function vt(e){return(e.match(M)||[]).join(" ")}function mt(e){return e.getAttribute&&e.getAttribute("class")||""}function xt(e){return Array.isArray(e)?e:"string"==typeof e?e.match(M)||[]:[]}w.fn.extend({addClass:function(e){var t,n,r,i,o,a,s,u=0;if(g(e))return this.each(function(t){w(this).addClass(e.call(this,t,mt(this)))});if((t=xt(e)).length)while(n=this[u++])if(i=mt(n),r=1===n.nodeType&&" "+vt(i)+" "){a=0;while(o=t[a++])r.indexOf(" "+o+" ")<0&&(r+=o+" ");i!==(s=vt(r))&&n.setAttribute("class",s)}return this},removeClass:function(e){var t,n,r,i,o,a,s,u=0;if(g(e))return this.each(function(t){w(this).removeClass(e.call(this,t,mt(this)))});if(!arguments.length)return this.attr("class","");if((t=xt(e)).length)while(n=this[u++])if(i=mt(n),r=1===n.nodeType&&" "+vt(i)+" "){a=0;while(o=t[a++])while(r.indexOf(" "+o+" ")>-1)r=r.replace(" "+o+" "," ");i!==(s=vt(r))&&n.setAttribute("class",s)}return this},toggleClass:function(e,t){var n=typeof e,r="string"===n||Array.isArray(e);return"boolean"==typeof t&&r?t?this.addClass(e):this.removeClass(e):g(e)?this.each(function(n){w(this).toggleClass(e.call(this,n,mt(this),t),t)}):this.each(function(){var t,i,o,a;if(r){i=0,o=w(this),a=xt(e);while(t=a[i++])o.hasClass(t)?o.removeClass(t):o.addClass(t)}else void 0!==e&&"boolean"!==n||((t=mt(this))&&J.set(this,"__className__",t),this.setAttribute&&this.setAttribute("class",t||!1===e?"":J.get(this,"__className__")||""))})},hasClass:function(e){var t,n,r=0;t=" "+e+" ";while(n=this[r++])if(1===n.nodeType&&(" "+vt(mt(n))+" ").indexOf(t)>-1)return!0;return!1}});var bt=/\r/g;w.fn.extend({val:function(e){var t,n,r,i=this[0];{if(arguments.length)return r=g(e),this.each(function(n){var i;1===this.nodeType&&(null==(i=r?e.call(this,n,w(this).val()):e)?i="":"number"==typeof i?i+="":Array.isArray(i)&&(i=w.map(i,function(e){return null==e?"":e+""})),(t=w.valHooks[this.type]||w.valHooks[this.nodeName.toLowerCase()])&&"set"in t&&void 0!==t.set(this,i,"value")||(this.value=i))});if(i)return(t=w.valHooks[i.type]||w.valHooks[i.nodeName.toLowerCase()])&&"get"in t&&void 0!==(n=t.get(i,"value"))?n:"string"==typeof(n=i.value)?n.replace(bt,""):null==n?"":n}}}),w.extend({valHooks:{option:{get:function(e){var t=w.find.attr(e,"value");return null!=t?t:vt(w.text(e))}},select:{get:function(e){var t,n,r,i=e.options,o=e.selectedIndex,a="select-one"===e.type,s=a?null:[],u=a?o+1:i.length;for(r=o<0?u:a?o:0;r-1)&&(n=!0);return n||(e.selectedIndex=-1),o}}}}),w.each(["radio","checkbox"],function(){w.valHooks[this]={set:function(e,t){if(Array.isArray(t))return e.checked=w.inArray(w(e).val(),t)>-1}},h.checkOn||(w.valHooks[this].get=function(e){return null===e.getAttribute("value")?"on":e.value})}),h.focusin="onfocusin"in e;var wt=/^(?:focusinfocus|focusoutblur)$/,Tt=function(e){e.stopPropagation()};w.extend(w.event,{trigger:function(t,n,i,o){var a,s,u,l,c,p,d,h,v=[i||r],m=f.call(t,"type")?t.type:t,x=f.call(t,"namespace")?t.namespace.split("."):[];if(s=h=u=i=i||r,3!==i.nodeType&&8!==i.nodeType&&!wt.test(m+w.event.triggered)&&(m.indexOf(".")>-1&&(m=(x=m.split(".")).shift(),x.sort()),c=m.indexOf(":")<0&&"on"+m,t=t[w.expando]?t:new w.Event(m,"object"==typeof t&&t),t.isTrigger=o?2:3,t.namespace=x.join("."),t.rnamespace=t.namespace?new RegExp("(^|\\.)"+x.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,t.result=void 0,t.target||(t.target=i),n=null==n?[t]:w.makeArray(n,[t]),d=w.event.special[m]||{},o||!d.trigger||!1!==d.trigger.apply(i,n))){if(!o&&!d.noBubble&&!y(i)){for(l=d.delegateType||m,wt.test(l+m)||(s=s.parentNode);s;s=s.parentNode)v.push(s),u=s;u===(i.ownerDocument||r)&&v.push(u.defaultView||u.parentWindow||e)}a=0;while((s=v[a++])&&!t.isPropagationStopped())h=s,t.type=a>1?l:d.bindType||m,(p=(J.get(s,"events")||{})[t.type]&&J.get(s,"handle"))&&p.apply(s,n),(p=c&&s[c])&&p.apply&&Y(s)&&(t.result=p.apply(s,n),!1===t.result&&t.preventDefault());return t.type=m,o||t.isDefaultPrevented()||d._default&&!1!==d._default.apply(v.pop(),n)||!Y(i)||c&&g(i[m])&&!y(i)&&((u=i[c])&&(i[c]=null),w.event.triggered=m,t.isPropagationStopped()&&h.addEventListener(m,Tt),i[m](),t.isPropagationStopped()&&h.removeEventListener(m,Tt),w.event.triggered=void 0,u&&(i[c]=u)),t.result}},simulate:function(e,t,n){var r=w.extend(new w.Event,n,{type:e,isSimulated:!0});w.event.trigger(r,null,t)}}),w.fn.extend({trigger:function(e,t){return this.each(function(){w.event.trigger(e,t,this)})},triggerHandler:function(e,t){var n=this[0];if(n)return w.event.trigger(e,t,n,!0)}}),h.focusin||w.each({focus:"focusin",blur:"focusout"},function(e,t){var n=function(e){w.event.simulate(t,e.target,w.event.fix(e))};w.event.special[t]={setup:function(){var r=this.ownerDocument||this,i=J.access(r,t);i||r.addEventListener(e,n,!0),J.access(r,t,(i||0)+1)},teardown:function(){var r=this.ownerDocument||this,i=J.access(r,t)-1;i?J.access(r,t,i):(r.removeEventListener(e,n,!0),J.remove(r,t))}}});var Ct=e.location,Et=Date.now(),kt=/\?/;w.parseXML=function(t){var n;if(!t||"string"!=typeof t)return null;try{n=(new e.DOMParser).parseFromString(t,"text/xml")}catch(e){n=void 0}return n&&!n.getElementsByTagName("parsererror").length||w.error("Invalid XML: "+t),n};var St=/\[\]$/,Dt=/\r?\n/g,Nt=/^(?:submit|button|image|reset|file)$/i,At=/^(?:input|select|textarea|keygen)/i;function jt(e,t,n,r){var i;if(Array.isArray(t))w.each(t,function(t,i){n||St.test(e)?r(e,i):jt(e+"["+("object"==typeof i&&null!=i?t:"")+"]",i,n,r)});else if(n||"object"!==x(t))r(e,t);else for(i in t)jt(e+"["+i+"]",t[i],n,r)}w.param=function(e,t){var n,r=[],i=function(e,t){var n=g(t)?t():t;r[r.length]=encodeURIComponent(e)+"="+encodeURIComponent(null==n?"":n)};if(Array.isArray(e)||e.jquery&&!w.isPlainObject(e))w.each(e,function(){i(this.name,this.value)});else for(n in e)jt(n,e[n],t,i);return r.join("&")},w.fn.extend({serialize:function(){return w.param(this.serializeArray())},serializeArray:function(){return this.map(function(){var e=w.prop(this,"elements");return e?w.makeArray(e):this}).filter(function(){var e=this.type;return this.name&&!w(this).is(":disabled")&&At.test(this.nodeName)&&!Nt.test(e)&&(this.checked||!pe.test(e))}).map(function(e,t){var n=w(this).val();return null==n?null:Array.isArray(n)?w.map(n,function(e){return{name:t.name,value:e.replace(Dt,"\r\n")}}):{name:t.name,value:n.replace(Dt,"\r\n")}}).get()}});var qt=/%20/g,Lt=/#.*$/,Ht=/([?&])_=[^&]*/,Ot=/^(.*?):[ \t]*([^\r\n]*)$/gm,Pt=/^(?:about|app|app-storage|.+-extension|file|res|widget):$/,Mt=/^(?:GET|HEAD)$/,Rt=/^\/\//,It={},Wt={},$t="*/".concat("*"),Bt=r.createElement("a");Bt.href=Ct.href;function Ft(e){return function(t,n){"string"!=typeof t&&(n=t,t="*");var r,i=0,o=t.toLowerCase().match(M)||[];if(g(n))while(r=o[i++])"+"===r[0]?(r=r.slice(1)||"*",(e[r]=e[r]||[]).unshift(n)):(e[r]=e[r]||[]).push(n)}}function _t(e,t,n,r){var i={},o=e===Wt;function a(s){var u;return i[s]=!0,w.each(e[s]||[],function(e,s){var l=s(t,n,r);return"string"!=typeof l||o||i[l]?o?!(u=l):void 0:(t.dataTypes.unshift(l),a(l),!1)}),u}return a(t.dataTypes[0])||!i["*"]&&a("*")}function zt(e,t){var n,r,i=w.ajaxSettings.flatOptions||{};for(n in t)void 0!==t[n]&&((i[n]?e:r||(r={}))[n]=t[n]);return r&&w.extend(!0,e,r),e}function Xt(e,t,n){var r,i,o,a,s=e.contents,u=e.dataTypes;while("*"===u[0])u.shift(),void 0===r&&(r=e.mimeType||t.getResponseHeader("Content-Type"));if(r)for(i in s)if(s[i]&&s[i].test(r)){u.unshift(i);break}if(u[0]in n)o=u[0];else{for(i in n){if(!u[0]||e.converters[i+" "+u[0]]){o=i;break}a||(a=i)}o=o||a}if(o)return o!==u[0]&&u.unshift(o),n[o]}function Ut(e,t,n,r){var i,o,a,s,u,l={},c=e.dataTypes.slice();if(c[1])for(a in e.converters)l[a.toLowerCase()]=e.converters[a];o=c.shift();while(o)if(e.responseFields[o]&&(n[e.responseFields[o]]=t),!u&&r&&e.dataFilter&&(t=e.dataFilter(t,e.dataType)),u=o,o=c.shift())if("*"===o)o=u;else if("*"!==u&&u!==o){if(!(a=l[u+" "+o]||l["* "+o]))for(i in l)if((s=i.split(" "))[1]===o&&(a=l[u+" "+s[0]]||l["* "+s[0]])){!0===a?a=l[i]:!0!==l[i]&&(o=s[0],c.unshift(s[1]));break}if(!0!==a)if(a&&e["throws"])t=a(t);else try{t=a(t)}catch(e){return{state:"parsererror",error:a?e:"No conversion from "+u+" to "+o}}}return{state:"success",data:t}}w.extend({active:0,lastModified:{},etag:{},ajaxSettings:{url:Ct.href,type:"GET",isLocal:Pt.test(Ct.protocol),global:!0,processData:!0,async:!0,contentType:"application/x-www-form-urlencoded; charset=UTF-8",accepts:{"*":$t,text:"text/plain",html:"text/html",xml:"application/xml, text/xml",json:"application/json, text/javascript"},contents:{xml:/\bxml\b/,html:/\bhtml/,json:/\bjson\b/},responseFields:{xml:"responseXML",text:"responseText",json:"responseJSON"},converters:{"* text":String,"text html":!0,"text json":JSON.parse,"text xml":w.parseXML},flatOptions:{url:!0,context:!0}},ajaxSetup:function(e,t){return t?zt(zt(e,w.ajaxSettings),t):zt(w.ajaxSettings,e)},ajaxPrefilter:Ft(It),ajaxTransport:Ft(Wt),ajax:function(t,n){"object"==typeof t&&(n=t,t=void 0),n=n||{};var i,o,a,s,u,l,c,f,p,d,h=w.ajaxSetup({},n),g=h.context||h,y=h.context&&(g.nodeType||g.jquery)?w(g):w.event,v=w.Deferred(),m=w.Callbacks("once memory"),x=h.statusCode||{},b={},T={},C="canceled",E={readyState:0,getResponseHeader:function(e){var t;if(c){if(!s){s={};while(t=Ot.exec(a))s[t[1].toLowerCase()]=t[2]}t=s[e.toLowerCase()]}return null==t?null:t},getAllResponseHeaders:function(){return c?a:null},setRequestHeader:function(e,t){return null==c&&(e=T[e.toLowerCase()]=T[e.toLowerCase()]||e,b[e]=t),this},overrideMimeType:function(e){return null==c&&(h.mimeType=e),this},statusCode:function(e){var t;if(e)if(c)E.always(e[E.status]);else for(t in e)x[t]=[x[t],e[t]];return this},abort:function(e){var t=e||C;return i&&i.abort(t),k(0,t),this}};if(v.promise(E),h.url=((t||h.url||Ct.href)+"").replace(Rt,Ct.protocol+"//"),h.type=n.method||n.type||h.method||h.type,h.dataTypes=(h.dataType||"*").toLowerCase().match(M)||[""],null==h.crossDomain){l=r.createElement("a");try{l.href=h.url,l.href=l.href,h.crossDomain=Bt.protocol+"//"+Bt.host!=l.protocol+"//"+l.host}catch(e){h.crossDomain=!0}}if(h.data&&h.processData&&"string"!=typeof h.data&&(h.data=w.param(h.data,h.traditional)),_t(It,h,n,E),c)return E;(f=w.event&&h.global)&&0==w.active++&&w.event.trigger("ajaxStart"),h.type=h.type.toUpperCase(),h.hasContent=!Mt.test(h.type),o=h.url.replace(Lt,""),h.hasContent?h.data&&h.processData&&0===(h.contentType||"").indexOf("application/x-www-form-urlencoded")&&(h.data=h.data.replace(qt,"+")):(d=h.url.slice(o.length),h.data&&(h.processData||"string"==typeof h.data)&&(o+=(kt.test(o)?"&":"?")+h.data,delete h.data),!1===h.cache&&(o=o.replace(Ht,"$1"),d=(kt.test(o)?"&":"?")+"_="+Et+++d),h.url=o+d),h.ifModified&&(w.lastModified[o]&&E.setRequestHeader("If-Modified-Since",w.lastModified[o]),w.etag[o]&&E.setRequestHeader("If-None-Match",w.etag[o])),(h.data&&h.hasContent&&!1!==h.contentType||n.contentType)&&E.setRequestHeader("Content-Type",h.contentType),E.setRequestHeader("Accept",h.dataTypes[0]&&h.accepts[h.dataTypes[0]]?h.accepts[h.dataTypes[0]]+("*"!==h.dataTypes[0]?", "+$t+"; q=0.01":""):h.accepts["*"]);for(p in h.headers)E.setRequestHeader(p,h.headers[p]);if(h.beforeSend&&(!1===h.beforeSend.call(g,E,h)||c))return E.abort();if(C="abort",m.add(h.complete),E.done(h.success),E.fail(h.error),i=_t(Wt,h,n,E)){if(E.readyState=1,f&&y.trigger("ajaxSend",[E,h]),c)return E;h.async&&h.timeout>0&&(u=e.setTimeout(function(){E.abort("timeout")},h.timeout));try{c=!1,i.send(b,k)}catch(e){if(c)throw e;k(-1,e)}}else k(-1,"No Transport");function k(t,n,r,s){var l,p,d,b,T,C=n;c||(c=!0,u&&e.clearTimeout(u),i=void 0,a=s||"",E.readyState=t>0?4:0,l=t>=200&&t<300||304===t,r&&(b=Xt(h,E,r)),b=Ut(h,b,E,l),l?(h.ifModified&&((T=E.getResponseHeader("Last-Modified"))&&(w.lastModified[o]=T),(T=E.getResponseHeader("etag"))&&(w.etag[o]=T)),204===t||"HEAD"===h.type?C="nocontent":304===t?C="notmodified":(C=b.state,p=b.data,l=!(d=b.error))):(d=C,!t&&C||(C="error",t<0&&(t=0))),E.status=t,E.statusText=(n||C)+"",l?v.resolveWith(g,[p,C,E]):v.rejectWith(g,[E,C,d]),E.statusCode(x),x=void 0,f&&y.trigger(l?"ajaxSuccess":"ajaxError",[E,h,l?p:d]),m.fireWith(g,[E,C]),f&&(y.trigger("ajaxComplete",[E,h]),--w.active||w.event.trigger("ajaxStop")))}return E},getJSON:function(e,t,n){return w.get(e,t,n,"json")},getScript:function(e,t){return w.get(e,void 0,t,"script")}}),w.each(["get","post"],function(e,t){w[t]=function(e,n,r,i){return g(n)&&(i=i||r,r=n,n=void 0),w.ajax(w.extend({url:e,type:t,dataType:i,data:n,success:r},w.isPlainObject(e)&&e))}}),w._evalUrl=function(e){return w.ajax({url:e,type:"GET",dataType:"script",cache:!0,async:!1,global:!1,"throws":!0})},w.fn.extend({wrapAll:function(e){var t;return this[0]&&(g(e)&&(e=e.call(this[0])),t=w(e,this[0].ownerDocument).eq(0).clone(!0),this[0].parentNode&&t.insertBefore(this[0]),t.map(function(){var e=this;while(e.firstElementChild)e=e.firstElementChild;return e}).append(this)),this},wrapInner:function(e){return g(e)?this.each(function(t){w(this).wrapInner(e.call(this,t))}):this.each(function(){var t=w(this),n=t.contents();n.length?n.wrapAll(e):t.append(e)})},wrap:function(e){var t=g(e);return this.each(function(n){w(this).wrapAll(t?e.call(this,n):e)})},unwrap:function(e){return this.parent(e).not("body").each(function(){w(this).replaceWith(this.childNodes)}),this}}),w.expr.pseudos.hidden=function(e){return!w.expr.pseudos.visible(e)},w.expr.pseudos.visible=function(e){return!!(e.offsetWidth||e.offsetHeight||e.getClientRects().length)},w.ajaxSettings.xhr=function(){try{return new e.XMLHttpRequest}catch(e){}};var Vt={0:200,1223:204},Gt=w.ajaxSettings.xhr();h.cors=!!Gt&&"withCredentials"in Gt,h.ajax=Gt=!!Gt,w.ajaxTransport(function(t){var n,r;if(h.cors||Gt&&!t.crossDomain)return{send:function(i,o){var a,s=t.xhr();if(s.open(t.type,t.url,t.async,t.username,t.password),t.xhrFields)for(a in t.xhrFields)s[a]=t.xhrFields[a];t.mimeType&&s.overrideMimeType&&s.overrideMimeType(t.mimeType),t.crossDomain||i["X-Requested-With"]||(i["X-Requested-With"]="XMLHttpRequest");for(a in i)s.setRequestHeader(a,i[a]);n=function(e){return function(){n&&(n=r=s.onload=s.onerror=s.onabort=s.ontimeout=s.onreadystatechange=null,"abort"===e?s.abort():"error"===e?"number"!=typeof s.status?o(0,"error"):o(s.status,s.statusText):o(Vt[s.status]||s.status,s.statusText,"text"!==(s.responseType||"text")||"string"!=typeof s.responseText?{binary:s.response}:{text:s.responseText},s.getAllResponseHeaders()))}},s.onload=n(),r=s.onerror=s.ontimeout=n("error"),void 0!==s.onabort?s.onabort=r:s.onreadystatechange=function(){4===s.readyState&&e.setTimeout(function(){n&&r()})},n=n("abort");try{s.send(t.hasContent&&t.data||null)}catch(e){if(n)throw e}},abort:function(){n&&n()}}}),w.ajaxPrefilter(function(e){e.crossDomain&&(e.contents.script=!1)}),w.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/\b(?:java|ecma)script\b/},converters:{"text script":function(e){return w.globalEval(e),e}}}),w.ajaxPrefilter("script",function(e){void 0===e.cache&&(e.cache=!1),e.crossDomain&&(e.type="GET")}),w.ajaxTransport("script",function(e){if(e.crossDomain){var t,n;return{send:function(i,o){t=w("