dépôts
/
lhc
/
web
/
wiklou.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
SECURITY: blacklist CSS var()
[lhc/web/wiklou.git]
/
tests
/
phpunit
/
includes
/
parser
/
SanitizerTest.php
diff --git
a/tests/phpunit/includes/parser/SanitizerTest.php
b/tests/phpunit/includes/parser/SanitizerTest.php
index
1f6f4e8
..
1b67bbd
100644
(file)
--- a/
tests/phpunit/includes/parser/SanitizerTest.php
+++ b/
tests/phpunit/includes/parser/SanitizerTest.php
@@
-326,6
+326,7
@@
class SanitizerTest extends MediaWikiTestCase {
],
[ '/* insecure input */', 'foo: attr( title, url );' ],
[ '/* insecure input */', 'foo: attr( title url );' ],
+ [ '/* insecure input */', 'foo: var(--evil-attribute)' ],
];
}
dépôts / lhc / web / wiklou.git / blobdiff