From: Antoine Musso
Date: Mon, 24 Oct 2011 08:39:58 +0000 (+0000)
Subject: Test handling of escaped CSS comments
X-Git-Tag: 1.31.0-rc.0~26938
X-Git-Url: http://git.cyclocoop.org/%22.%24info%5B?a=commitdiff_plain;h=1b39c964abdd9fc20497575bda35e18cddd23f1d;p=lhc%2Fweb%2Fwiklou.git

Test handling of escaped CSS comments

r85856 fixed a CSS injection issue but lacked testing. This test verify we properly strip out CSS comments even when the token delimiter '/*' is backslash-escaped : \2f\2a
---
diff --git a/tests/phpunit/includes/SanitizerTest.php b/tests/phpunit/includes/SanitizerTest.php
index 2959e6ff04..b76aa5c762 100644
--- a/tests/phpunit/includes/SanitizerTest.php
+++ b/tests/phpunit/includes/SanitizerTest.php
@@ -126,5 +126,31 @@ class SanitizerTest extends MediaWikiTestCase {
 $GLOBALS['wgCleanupPresentationalAttributes'] = false;
 $this->assertEquals( Sanitizer::fixTagAttributes( 'clear="left"', 'br' ), ' clear="left"', 'Deprecated attributes are not converted to styles when enabled.' );
 }
+
+ /**
+ * @dataProvider provideCssCommentsFixtures
+ */
+ function testCssCommentsChecking( $expected, $css, $message = '' ) {
+ $this->assertEquals(
+ $expected,
+ Sanitizer::checkCss( $css ),
+ $message
+ );
+ }
+
+ function provideCssCommentsFixtures() {
+ /** array( , , [message] ) */
+ return array(
+ array( ' ', '/**/' ),
+ array( ' ', '/****/' ),
+ array( ' ', '/* comment */' ),
+ array( ' ', "\\2f\\2a foo \\2a\\2f",
+ 'Backslash-escaped comments must be stripped (bug 28450)' ),
+ array( '', '/* unfinished comment structure',
+ 'Remove anything after a comment-start token' ),
+ array( '', "\\2f\\2a unifinished comment'",
+ 'Remove anything after a backslash-escaped comment-start token' ),
+ );
+ }
 }
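Review bot: The fixtures in `provideCssCommentsFixtures()` pin only one spelling of the escaped delimiter, the lowercase two-digit `\2f\2a`, so a regression in how `Sanitizer::checkCss()` decodes other equivalent CSS escapes would pass this test unnoticed. CSS escapes also accept uppercase hex digits and zero-padded forms, so I would add rows such as `array( ' ', "\\2F\\2A foo \\2A\\2F", 'Uppercase hex escapes must be stripped too' ),`, with the expected value assumed to match the lowercase row and to be confirmed against the implementation. The last row's input `"\\2f\\2a unifinished comment'"` ends with a stray `'` inside the string and misspells "unfinished"; if the quote is deliberate it deserves a comment, otherwise drop it so the row mirrors the unescaped case above it. The `SanitizerTest` class opens outside this hunk.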