diff options
author | Andrey Andreev <narf@devilix.net> | 2015-09-14 15:06:37 +0200 |
---|---|---|
committer | Andrey Andreev <narf@devilix.net> | 2015-09-14 15:06:37 +0200 |
commit | 1e6d4d611d80dc7f20566ecc125354d84deebd1c (patch) | |
tree | 8891f690a863c091130c1a62990fc79c9f834932 /tests/codeigniter/core/Security_test.php | |
parent | 392f8da2ebc22efeb1b688a75c49c1a52e12f0f2 (diff) |
Another addition to tag detection patterns in xss_clean()
Diffstat (limited to 'tests/codeigniter/core/Security_test.php')
-rw-r--r-- | tests/codeigniter/core/Security_test.php | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index 2e9cd01c4..ee5b82cbc 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -174,6 +174,11 @@ class Security_test extends CI_TestCase { '<img src="x"> on=\'x\' onerror=``,alert(1)>', $this->security->remove_evil_attributes('<img src="x"> on=\'x\' onerror=``,alert(1)>', FALSE) ); + + $this->assertEquals( + '<a< [removed]>', + $this->security->remove_evil_attributes('<a< onmouseover="alert(1)">', FALSE) + ); } // -------------------------------------------------------------------- |