[Phpmyadmin-git] [SCM] phpMyAdmin branch, master, updated. RELEASE_3_4_3_1-11912-gc2b530c
Michal Čihař
nijel at users.sourceforge.net
Mon Jul 25 14:17:42 CEST 2011
The branch, master has been updated
via c2b530c005105fc0615ee04ebb5c1c550917a8f4 (commit)
from a418fa95b962d77a614a0cbf66626123db4fc87f (commit)
- Log -----------------------------------------------------------------
commit c2b530c005105fc0615ee04ebb5c1c550917a8f4
Author: Michal Čihař <mcihar at suse.cz>
Date: Mon Jul 25 14:18:36 2011 +0200
Add another testcase for xss
-----------------------------------------------------------------------
Summary of changes:
test/libraries/PMA_sanitize_test.php | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/test/libraries/PMA_sanitize_test.php b/test/libraries/PMA_sanitize_test.php
index d88a82c..5d18355 100644
--- a/test/libraries/PMA_sanitize_test.php
+++ b/test/libraries/PMA_sanitize_test.php
@@ -33,6 +33,12 @@ class PMA_sanitize_test extends PHPUnit_Framework_TestCase
PMA_sanitize('[a at ./Documentation.html]doc[/a]'));
}
+ public function testLinkDocXss()
+ {
+ $this->assertEquals('[a at ./Documentation.html" onmouseover="alert(foo)"]doc</a>',
+ PMA_sanitize('[a at ./Documentation.html" onmouseover="alert(foo)"]doc[/a]'));
+ }
+
public function testLinkAndXssInHref()
{
$this->assertEquals('<a href="./Documentation.html">doc</a>[a at javascript:alert(\'XSS\');@target]link</a>',
hooks/post-receive
--
phpMyAdmin
More information about the Git
mailing list