From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)

---
 tests/Framework/Washtml.php |   33 +++++++++++++++++++++++++++++++--
 1 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/tests/Framework/Washtml.php b/tests/Framework/Washtml.php
index 6f4aa97..cb72343 100644
--- a/tests/Framework/Washtml.php
+++ b/tests/Framework/Washtml.php
@@ -18,7 +18,6 @@
             .'<a href="vbscript:alert(document.cookie)">Internet Explorer</a></p>';
 
         $washer = new rcube_washtml;
-
         $washed = $washer->wash($html);
 
         $this->assertNotRegExp('/data:text/', $washed, "Remove data:text/html links");
@@ -33,10 +32,40 @@
         $html = "<p><a href=\"\nhttp://test.com\n\">Firefox</a>";
 
         $washer = new rcube_washtml;
-
         $washed = $washer->wash($html);
 
         $this->assertRegExp('|href="http://test.com">|', $washed, "Link href with newlines (#1488940)");
     }
 
+    /**
+     * Test handling HTML comments
+     */
+    function test_comments()
+    {
+        $washer = new rcube_washtml;
+
+        $html   = "<!--[if gte mso 10]><p>p1</p><!--><p>p2</p>";
+        $washed = $washer->wash($html);
+
+        $this->assertEquals('<!-- node type 8 --><!-- html ignored --><!-- body ignored --><p>p2</p>', $washed, "HTML conditional comments (#1489004)");
+
+        $html   = "<!--TestCommentInvalid><p>test</p>";
+        $washed = $washer->wash($html);
+
+        $this->assertEquals('<!-- html ignored --><!-- body ignored --><p>test</p>', $washed, "HTML invalid comments (#1487759)");
+    }
+
+    /**
+     * Test fixing of invalid self-closing elements (#1489137)
+     */
+    function test_self_closing()
+    {
+        $html = "<textarea>test";
+
+        $washer = new rcube_washtml;
+        $washed = $washer->wash($html);
+
+        $this->assertRegExp('|<textarea>test</textarea>|', $washed, "Self-closing textarea (#1489137)");
+    }
+
 }
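Review bot: test_comments checks only that benign `<p>` markup following a conditional or unterminated comment is recovered, so nothing here confirms that content surfaced from a malformed comment still passes through the washer's filtering. Comment recovery turns text that a parser might have hidden into live markup, so add a case whose recovered part carries a link like the `vbscript:` href in the first test's input, and assert on it with something like `$this->assertNotRegExp('/vbscript:/', $washed, "Recovered markup is still washed");`. Both assertions in test_comments also share one `$washer`, so the second result depends on whatever state wash() leaves behind, if any; a fresh `new rcube_washtml` per input would isolate them. The subject names the `_session` handling in utils/save-prefs, but the only file in this diffstat is the Washtml test and none of the added cases touch that path, so the fix appears to have no regression test in this patch.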

--
Gitblit v1.9.1