| | |
|---|
| | | function test_html_xss2() |
|---|
| | | { |
|---|
| | | $part = $this->get_html_part('src/BID-26800.txt'); |
|---|
| | | $washed = rcmail_print_body($part, array('safe' => true)); |
|---|
| | | $washed = rcmail_html4inline(rcmail_print_body($part, array('safe' => true)), 'dabody', '', $attr, true); |
|---|
| | | |
|---|
| | | $this->assertNoPattern('/alert|expression|javascript|xss/', $washed, "Remove evil style blocks"); |
|---|
| | | $this->assertNoPattern('/font-style:italic/', $washed, "Allow valid styles"); |
|---|
| | |
|---|
| | | <h1>2 test</h1> |
|---|
| | | <p><div> block</p> |
|---|
| | | <div style="font-style:italic">valid css</div> |
|---|
| | | <div style="color:red; background:url('//somedomain.com/somepath/somefile.png')"> |
|---|
| | | <div style="{ left:expression( alert('expression!') ) }"> |
|---|
| | | <div style="{ background:url( alert('URL!') ) }"> |
|---|
| | | |
|---|
| | | <h1>3 test</h1> |
|---|
| | | <p>Inject comment text</p> |
|---|
| | | <div style="{ left:exp/* */ression( alert('xss3') ) }"> |
|---|
| | | <div style="{ background:u/* */rl( alert('xssurl3') ) }"> |
|---|
| | | <div style=" background:u/* */rl( alert('xssurl3') ) "> |
|---|
| | | |
|---|
| | | <h1>4 test</h1> |
|---|
| | | <p>Using reverse solid to directe the codepoint</p> |
|---|
