author | Andrey Andreev <narf@devilix.net> | 2015-09-10 11:44:50 +0200 |
---|---|---|
committer | Andrey Andreev <narf@devilix.net> | 2015-09-10 11:44:50 +0200 |
commit | 700619cebf75c4e4fcda6a2d7bea1afb84a029e4 (patch) | |
tree | 52ba9b618fa82bcd2ceb29e3eb362e8df17d304d /tests | |
parent | e70238e8acd4ebdf1a3e30d63e8ffb1a46ab6d15 (diff) |
Fix #4106
Diffstat (limited to 'tests')
-rw-r--r-- | tests/codeigniter/core/Security_test.php | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php
index bab76dffb..52bb296ad 100644
--- a/tests/codeigniter/core/Security_test.php
+++ b/tests/codeigniter/core/Security_test.php
@@ -146,6 +146,14 @@ class Security_test extends CI_TestCase {
 $this->assertEquals('onNoTagAtAll = true', $this->security->remove_evil_attributes('onNoTagAtAll = true', FALSE));
 $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo fscommand=case-insensitive>', FALSE));
 $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo seekSegmentTime=whatever>', FALSE));
+ $this->assertEquals(
+ '<foo bar=">" baz=\'\' [removed]>',
+ $this->security->remove_evil_attributes('<foo bar=">" baz=\'\' onAfterGreaterThan="quotes">', FALSE)
+ );
+ $this->assertEquals(
+ '<foo bar=">" baz=\'\'[removed]>',
+ $this->security->remove_evil_attributes('<foo bar=">" baz=\'\' onAfterGreaterThan=noQuotes>', FALSE)
+ );
 }
 // -------------------------------------------------------------------- |
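Review bot: The two added expectations differ by a single space, `baz=\'\' [removed]>` for the quoted handler and `baz=\'\'[removed]>` for the unquoted one, and nothing in the test says whether that difference is intended or just what the filter happens to emit. A one-line comment above the second assertion, such as `// unquoted value: the space before the attribute is removed together with it`, would stop a later maintainer from "correcting" one of the two strings. Both cases also place the `>` only inside a double-quoted value, so a sibling assertion using `bar='>'` would cover the other quote style the filter has to skip over before reaching the event-handler attribute. The enclosing test method begins above the hunk, and the implementation change for #4106 is not part of this tests-only view.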