Diffstat (limited to 't/008filter.t')
-rw-r--r-- | t/008filter.t | 40 |
1 files changed, 26 insertions, 14 deletions
diff --git a/t/008filter.t b/t/008filter.t index b8d05af8a..1111c16f6 100644 --- a/t/008filter.t +++ b/t/008filter.t @@ -1,9 +1,23 @@ -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# -*- Mode: perl; indent-tabs-mode: nil -*- # -# This Source Code Form is "Incompatible With Secondary Licenses", as -# defined by the Mozilla Public License, v. 2.0. +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code are the Bugzilla tests. +# +# The Initial Developer of the Original Code is Jacob Steenhagen. +# Portions created by Jacob Steenhagen are +# Copyright (C) 2001 Jacob Steenhagen. All +# Rights Reserved. +# +# Contributor(s): Gervase Markham <gerv@gerv.net> ################# #Bugzilla Test 8# @@ -15,11 +29,10 @@ # Sample exploit code: '>"><script>alert('Oh dear...')</script> -use 5.10.1; use strict; -use warnings; +use lib qw(. lib t); -use lib qw(. lib local/lib/perl5 t); +use vars qw(%safe); use Bugzilla::Constants; use Support::Templates; @@ -31,7 +44,6 @@ use Cwd; my $oldrecsep = $/; my $topdir = cwd; $/ = undef; -our %safe; foreach my $path (@Support::Templates::include_paths) { $path =~ s|\\|/|g if ON_WINDOWS; # convert \ to / in path if on windows 
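Review bot: The new preamble in the `@@ -15,11 +29,10 @@` hunk drops `use warnings;`, so this test no longer reports uninitialized values or similar mistakes in its own parsing code, even though its job is to catch unfiltered template directives. Keeping `use warnings;` directly after `use strict;` would preserve that safety net at no cost. The same hunk replaces `our %safe;` (removed in the `@@ -31,7 +44,6 @@` hunk) with `use vars qw(%safe);`, which the `vars` documentation describes as superseded by `our`. Unless this branch must still run on a Perl without `our`, `our %safe;` declares the same package variable and is the clearer form.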
@@ -82,13 +94,13 @@ foreach my $path (@Support::Templates::include_paths) { foreach my $file (@testitems) { # There are some files we don't check, because there is no need to # filter their contents due to their content-type. - if ($file =~ /\.(pm|txt|rst|png)\.tmpl$/) { + if ($file =~ /\.(pm|txt|png)\.tmpl$/) { ok(1, "($lang/$flavor) $file is filter-safe"); next; } - + # Read the entire file into a string - open (FILE, "<$file") || die "Can't open $file: $!\n"; + open (FILE, "<$file") || die "Can't open $file: $!\n"; my $slurp = <FILE>; close (FILE); @@ -213,8 +225,8 @@ sub directive_ok { return 1 if $directive =~ /FILTER\ (html|csv|js|base64|css_class_quote|ics| quoteUrls|time|uri|xml|lower|html_light| obsolete|inactive|closed|unitconvert| - txt|html_linebreak|none|json|null|id| - markdown)\b/x; + txt|html_linebreak|none|json|null|id)\b/x; + return 0; } |
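Review bot: The `open (FILE, "<$file")` line that the `@@ -82,13 +94,13 @@` hunk re-indents still uses two-argument open with a bareword handle, so Perl parses the mode out of the string, and a path with surrounding whitespace or a leading special character would be opened differently from what the test intends. Since the line is touched anyway, the three-argument form with a lexical handle is the safer spelling: `open(my $fh, '<', $file) or die "Can't open $file: $!\n";` followed by `my $slurp = <$fh>; close($fh);`. The read into `$slurp` also depends on the file-wide `$/ = undef;` set earlier, which a short comment at the read would make explicit. The enclosing `foreach my $file (@testitems)` loop starts and ends outside the hunk.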
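Review bot: The whitelist in `directive_ok` (the `@@ -213,8 +225,8 @@` hunk) accepts `FILTER none` alongside the escaping filters, so a pass means only that a filter was named, not that the value is escaped for the context it is written into. That deserves a comment beside the regex, for example `# 'none' passes on purpose: it records that the author reviewed the value, it presumably escapes nothing`, so readers do not take a green run as proof of XSS safety. With `markdown` removed from the alternation, any template on this branch that still uses `FILTER markdown` will presumably start failing here, which is worth confirming before merge. The body of `directive_ok` begins before the hunk.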