issue 178 : improving a function which protects XSS attacks

git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.0@9508 201d5d3c-b55e-5fd7-737f-ddc643e51545
2026-04-30 15:52:17 +09:00 · 2011-10-06 06:56:23 +00:00 · 2011-10-06 06:56:23 +00:00 · 2830183520
commit 2830183520
parent 7786046d6f
2 changed files with 76 additions and 93 deletions
--- a/tests/FuncIncTest.class.php
+++ b/tests/FuncIncTest.class.php
@ -0,0 +1,48 @@
+<?php
+
+define('__XE__', 1);
+define('_XE_PATH_', realpath(dirname(__FILE__).'/../'));
+require _XE_PATH_.'/config/func.inc.php';
+
+class FuncIncTest extends PHPUnit_Framework_TestCase
+{
+	static public function xssProvider()
+	{
+		return array(
+			// remove iframe
+			array(
+				'<div class="frame"><iframe src="path/to/file.html"></iframe><p><a href="#iframe">IFrame</a></p></div>',
+				'<div class="frame">&lt;iframe src="path/to/file.html">&lt;/iframe><p><a href="#iframe">IFrame</a></p></div>'
+			),
+			// expression
+			array(
+				'<div class="dummy" style="xss:expr/*XSS*/ession(alert(\'XSS\'))">',
+				'<div class="dummy">'
+			),
+			// no quotes and no semicolon - http://ha.ckers.org/xss.html
+			array(
+				'<img src=javascript:alert(\'xss\')>',
+				'<img>'
+			),
+			// embedded encoded tab to break up XSS - http://ha.ckers.org/xss.html
+			array(
+				'<IMG SRC="jav&#x09;ascript:alert(\'XSS\');">',
+				'<img>'
+			),
+			// issue 178
+			array(
+				"<img src=\"invalid\"\nonerror=\"alert(1)\" />",
+				'<img src="invalid" />'
+			)
+		);
+	}
+
+	/**
+	 * @dataProvider xssProvider
+	 */
+	public function testXSS($source, $expected)
+	{
+		$result = removeHackTag($source);
+		$this->assertEquals($result, $expected);
+	}
+}