dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
0ff594e
)
Follow up r66990. Fix parser tests.
author
Platonides
<platonides@users.mediawiki.org>
Sun, 30 May 2010 18:59:25 +0000
(18:59 +0000)
committer
Platonides
<platonides@users.mediawiki.org>
Sun, 30 May 2010 18:59:25 +0000
(18:59 +0000)
maintenance/parserTests.txt
patch
|
blob
|
history
diff --git
a/maintenance/parserTests.txt
b/maintenance/parserTests.txt
index
d0ba342
..
364b9d6
100644
(file)
--- a/
maintenance/parserTests.txt
+++ b/
maintenance/parserTests.txt
@@
-402,7
+402,7
@@
Regression with preformatted in <center>
!! input
<pre width="8" style="border-width: expression(alert(document.cookie))">Narrow screen goodies</pre>
!! result
!! input
<pre width="8" style="border-width: expression(alert(document.cookie))">Narrow screen goodies</pre>
!! result
-<pre width="8">Narrow screen goodies</pre>
+<pre width="8"
style="/* insecure input */"
>Narrow screen goodies</pre>
!! end
!! end
@@
-4269,7
+4269,7
@@
Bug 2304: HTML attribute safety (dangerous style template; 2309)
!! input
<div style="{{dangerous style attribute}}"></div>
!! result
!! input
<div style="{{dangerous style attribute}}"></div>
!! result
-<div></div>
+<div
style="/* insecure input */"
></div>
!! end
!! end
@@
-4287,7
+4287,7
@@
Bug 2304: HTML attribute safety (unsafe parameter; 2309)
!! input
{{div style|width: expression(alert(document.cookie))}}
!! result
!! input
{{div style|width: expression(alert(document.cookie))}}
!! result
-<div>Magic div</div>
+<div
style="/* insecure input */"
>Magic div</div>
!! end
!! end
@@
-4396,7
+4396,7
@@
Bug 3244: HTML attribute safety (extension; unsafe)
!! input
<div style="<nowiki>border-left:expression(alert(document.cookie))</nowiki>"></div>
!! result
!! input
<div style="<nowiki>border-left:expression(alert(document.cookie))</nowiki>"></div>
!! result
-<div></div>
+<div
style="/* insecure input */"
></div>
!! end
!! end
@@
-4416,7
+4416,7
@@
MSIE CSS safety test: spurious slash
!! input
<div style="background-image:u\rl(javascript:alert('boo'))">evil</div>
!! result
!! input
<div style="background-image:u\rl(javascript:alert('boo'))">evil</div>
!! result
-<div>evil</div>
+<div
style="/* insecure input */"
>evil</div>
!! end
!! end
@@
-4425,7
+4425,7
@@
MSIE CSS safety test: hex code
!! input
<div style="background-image:u\72l(javascript:alert('boo'))">evil</div>
!! result
!! input
<div style="background-image:u\72l(javascript:alert('boo'))">evil</div>
!! result
-<div>evil</div>
+<div
style="/* insecure input */"
>evil</div>
!! end
!! end
@@
-4471,7
+4471,7
@@
Table attribute safety
!! result
<table>
<tr>
!! result
<table>
<tr>
-<th> status
+<th
style="/* insecure input */"
> status
</th></tr></table>
!! end
</th></tr></table>
!! end
@@
-4481,7
+4481,7
@@
CSS line continuation 1
!! input
<div style="background-image: u\ rl(test.jpg);"></div>
!! result
!! input
<div style="background-image: u\ rl(test.jpg);"></div>
!! result
-<div></div>
+<div
style="/* insecure input */"
></div>
!! end
!! end
@@
-4490,7
+4490,7
@@
CSS line continuation 2
!! input
<div style="background-image: u\ rl(test.jpg); "></div>
!! result
!! input
<div style="background-image: u\ rl(test.jpg); "></div>
!! result
-<div></div>
+<div
style="/* insecure input */"
></div>
!! end
!! end