fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-07 10:41:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

issue 602 xss code(onload) remove test complete

Browse source 
git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.0@9713 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
ovclas 2011-10-24 06:24:36 +00:00
parent bf180ef208
commit d8a1b4fbab
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
tests/FuncIncTest.class.php
View file

@ -39,6 +39,11 @@ class FuncIncTest extends PHPUnit_Framework_TestCase
'<img src=\'as"df dummy=\'"1234\'" 4321\' asdf/*/>*/" onerror="console.log(\'Yet another XSS\')">',
'<img src="as&quot;df dummy=" />*/" onerror="console.log(\'Yet another XSS\')">'
),
// issue 602
array(
'<img alt="test" src="(http://static.naver.com/www/u/2010/0611/nmms_215646753.gif" onload="eval(String.fromCharCode(105,61,49,48,48,59,119,104,105,108,101, 40,105,62,48,41,97,108,101,114,116,40,40,105,45,45,41,43,39,48264,47564,32, 45908,32,53364,47533,54616,49464,50836,39,41,59));">',
'<img alt="test" src="(http://static.naver.com/www/u/2010/0611/nmms_215646753.gif">'
)
);
}