HTML Purifer 변경 후 달라진 예상 값 변경2

2026-04-02 01:52:10 +09:00 · 2016-01-02 15:39:30 +09:00 · 2016-01-02 15:39:30 +09:00 · 7ca4096161
commit 7ca4096161
parent 3a616adee3
1 changed files with 3 additions and 3 deletions
--- a/tests/unit/FuncIncTest.php
+++ b/tests/unit/FuncIncTest.php
@ -25,7 +25,7 @@ class FuncIncTest extends \Codeception\TestCase\Test
            // embedded encoded tab to break up XSS - http://ha.ckers.org/xss.html
            array(
                '<IMG SRC="jav&#x09;ascript:alert(\'XSS\');">',
-                '<img src="jav%20ascript%3Aalert(%5C\'XSS%5C\');" alt="jav ascript:alert(\\\'XSS\\\');" />'
+                '<img src="jav%20ascript%3Aalert(\%5C\'XSS\%5C\');" alt="jav ascript:alert(\\\'XSS\\\');" />'
            ),
            // issue 178
            array(
@ -35,12 +35,12 @@ class FuncIncTest extends \Codeception\TestCase\Test
            // issue 534
            array(
                '<img src=\'as"df dummy=\'"1234\'" 4321\' asdf/*/>*/"  onerror="console.log(\'Yet another XSS\')">',
-                '<img src="as" alt="as&quot;df dummy=" />*/"  onerror="console.log(\'Yet another XSS\')"&gt;'
+                '<img src="\%5C\'as" alt="\\\'as&quot;df" />*/"  onerror="console.log(\\\'Yet another XSS\\\')"&gt;'
            ),
            // issue 602
            array(
                '<img alt="test" src="(http://static.naver.com/www/u/2010/0611/nmms_215646753.gif" onload="eval(String.fromCharCode(105,61,49,48,48,59,119,104,105,108,101, 40,105,62,48,41,97,108,101,114,116,40,40,105,45,45,41,43,39,48264,47564,32, 45908,32,53364,47533,54616,49464,50836,39,41,59));">',
-                ''
+                '<img alt="test" src="(http%3A//static.naver.com/www/u/2010/0611/nmms_215646753.gif" />'
            ),
            // issue #1813 https://github.com/xpressengine/xe-core/issues/1813
            array(