diff options
Diffstat (limited to 'maintenance')
| -rw-r--r-- | maintenance/parserTests.txt | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/maintenance/parserTests.txt b/maintenance/parserTests.txt index d7249ff2..2d3907d8 100644 --- a/maintenance/parserTests.txt +++ b/maintenance/parserTests.txt @@ -399,7 +399,7 @@ Regression with preformatted in <center> !! input <pre width="8" style="border-width: expression(alert(document.cookie))">Narrow screen goodies</pre> !! result -<pre width="8">Narrow screen goodies</pre> +<pre width="8" style="/* insecure input */">Narrow screen goodies</pre> !! end @@ -2198,7 +2198,7 @@ Magic links: PMID incorrectly converts space to underscore !! input PMID 1234 !! result -<p><a href="http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?cmd=Retrieve&db=pubmed&dopt=Abstract&list_uids=1234" class="external" title="http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?cmd=Retrieve&db=pubmed&dopt=Abstract&list_uids=1234">PMID 1234</a> +<p><a href="http://www.ncbi.nlm.nih.gov/pubmed/1234?dopt=Abstract" class="external" title="http://www.ncbi.nlm.nih.gov/pubmed/1234?dopt=Abstract">PMID 1234</a> </p> !! end @@ -4150,7 +4150,7 @@ Bug 2304: HTML attribute safety (dangerous style template; 2309) !! input <div style="{{dangerous style attribute}}"></div> !! result -<div></div> +<div style="/* insecure input */"></div> !! end @@ -4168,7 +4168,7 @@ Bug 2304: HTML attribute safety (unsafe parameter; 2309) !! input {{div style|width: expression(alert(document.cookie))}} !! result -<div>Magic div</div> +<div style="/* insecure input */">Magic div</div> !! end @@ -4277,7 +4277,7 @@ Bug 3244: HTML attribute safety (extension; unsafe) !! input <div style="<nowiki>border-left:expression(alert(document.cookie))</nowiki>"></div> !! result -<div></div> +<div style="/* insecure input */"></div> !! end @@ -4297,7 +4297,7 @@ MSIE CSS safety test: spurious slash !! input <div style="background-image:u\rl(javascript:alert('boo'))">evil</div> !! result -<div>evil</div> +<div style="/* insecure input */">evil</div> !! end @@ -4306,7 +4306,7 @@ MSIE CSS safety test: hex code !! input <div style="background-image:u\72l(javascript:alert('boo'))">evil</div> !! result -<div>evil</div> +<div style="/* insecure input */">evil</div> !! end @@ -4352,7 +4352,7 @@ Table attribute safety !! result <table> <tr> -<th> status +<th style="/* insecure input */"> status </th></tr></table> !! end @@ -4362,7 +4362,7 @@ CSS line continuation 1 !! input <div style="background-image: u\ rl(test.jpg);"></div> !! result -<div></div> +<div style="/* insecure input */"></div> !! end @@ -4371,7 +4371,7 @@ CSS line continuation 2 !! input <div style="background-image: u\ rl(test.jpg); "></div> !! result -<div></div> +<div style="/* insecure input */"></div> !! end |