SECURITY: fix XSS in link's href

2025-05-31 01:17:16 +08:00 · 2014-07-15 16:11:37 +02:00
parent 09924da60b
commit a9342dbf92
2 changed files with 10 additions and 1 deletions
--- a/test/javascripts/lib/markdown_test.js
+++ b/test/javascripts/lib/markdown_test.js
@ -401,14 +401,20 @@ test("URLs in BBCode tags", function() {
 });

 test("urlAllowed", function() {
+  var urlAllowed = Discourse.Markdown.urlAllowed;
+
  var allowed = function(url, msg) {
-    equal(Discourse.Markdown.urlAllowed(url), url, msg);
+    equal(urlAllowed(url), url, msg);
  };

  allowed("/foo/bar.html", "allows relative urls");
  allowed("http://eviltrout.com/evil/trout", "allows full urls");
  allowed("https://eviltrout.com/evil/trout", "allows https urls");
  allowed("//eviltrout.com/evil/trout", "allows protocol relative urls");
+
+  equal(urlAllowed("http://google.com/test'onmouseover=alert('XSS!');//.swf"),
+        "http://google.com/test&#39;onmouseover=alert(&#39;XSS!&#39;);//.swf",
+        "escape single quotes");
 });

 test("images", function() {