Testcases for Recent XSS flaws

Testcases for unsanitized chunk-handling.
This commit is contained in:
Jacques Distler 2007-09-11 20:49:56 -05:00
parent d0e834978a
commit 3f5d804c22


@ -231,6 +231,12 @@ class PageRendererTest < Test::Unit::TestCase
"and http://this.url.com </nowiki> but markup [[this]]") "and http://this.url.com </nowiki> but markup [[this]]")
end end
def test_sanitize_nowiki_tag
assert_markup_parsed_as(
'<p>[[test]]&amp;<a href=\'a&amp;b\'>shebang</a> &lt;script&gt;alert("xss!");&lt;/script&gt; *foo*</p>',
'<nowiki>[[test]]&<a href="a&b">shebang</a> <script>alert("xss!");</script> *foo*</nowiki>')
end
def test_content_with_bracketted_wiki_word def test_content_with_bracketted_wiki_word
set_web_property :brackets_only, true set_web_property :brackets_only, true
assert_markup_parsed_as( assert_markup_parsed_as(
@ -370,6 +376,16 @@ class PageRendererTest < Test::Unit::TestCase
assert_equal WikiReference::CATEGORY, references[0].link_type assert_equal WikiReference::CATEGORY, references[0].link_type
end end
def test_references_creation_sanitized_categories
new_page = @web.add_page('NewPage', "Foo\ncategory: <script>alert('XSS');</script>",
Time.local(2004, 4, 4, 16, 50), 'AlexeyVerkhovsky', test_renderer)
references = new_page.wiki_references(true)
assert_equal 1, references.size
assert_equal "&lt;script&gt;alert(&#39;XSS&#39;);&lt;/script&gt;", references[0].referenced_name
assert_equal WikiReference::CATEGORY, references[0].link_type
end
def test_rendering_included_page_under_different_modes def test_rendering_included_page_under_different_modes
included = @web.add_page('Included', 'link to HomePage', Time.now, 'AnAuthor', test_renderer) included = @web.add_page('Included', 'link to HomePage', Time.now, 'AnAuthor', test_renderer)
main = @web.add_page('Main', '[[!include Included]]', Time.now, 'AnAuthor', test_renderer) main = @web.add_page('Main', '[[!include Included]]', Time.now, 'AnAuthor', test_renderer)
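Review bot: In the second hunk, `test_references_creation_sanitized_categories` pins the entity-encoded string `&lt;script&gt;alert(&#39;XSS&#39;);&lt;/script&gt;` as `referenced_name`, so the test locks in escaping at the point the reference is stored rather than at the output boundary; if the renderer also escapes when it emits category links (the rendering path is not in these hunks, so this is inferred), the page would show `&amp;lt;script&amp;gt;`, and a lookup by the raw category text a user typed would no longer match this reference. Alongside the existing assertion, add one at the output boundary, e.g. `assert_no_match(/<script/, rendered)` where `rendered` comes from the file's rendering helper, so the test keeps passing if the encoding later moves to render time. In the first hunk, `test_sanitize_nowiki_tag` only checks that a `<script>` element is escaped while the expected output passes `<a href='a&amp;b'>` through as a live tag; a sibling case pinning the sanitizer's handling of attributes on that allowed `<a>` (a non-`http` `href` scheme, an event-handler attribute) would document what the sanitizer actually guarantees for attribute content. Both new methods sit inside `PageRendererTest`, whose class body begins and ends outside these hunks.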