summaryrefslogtreecommitdiffstats
path: root/tests/codeigniter/core
AgeCommit message (Collapse)AuthorFilesLines
2016-03-07Fix #4475Andrey Andreev1-2/+4
2016-02-11Skip CI_Log tests on PHP 5.2Andrey Andreev1-1/+10
We still run those (with failures enabled) and that test breaks them
2016-02-09[ci skip] WhitespaceAndrey Andreev1-1/+1
2016-02-09Add CI_Log test casesAndrey Andreev1-0/+64
2015-11-09Merge pull request #4225 from zhanghongyi/loader-testAndrey Andreev1-4/+25
Improve Loader test cases for libraries
2015-10-31Prevent Host header injectionsAndrey Andreev1-30/+17
2015-10-31Harden xss_clean()Andrey Andreev1-15/+20
2015-10-30Fix #3201Andrey Andreev1-0/+5
2015-10-05Some more intrusive XSS cleaningAndrey Andreev1-2/+7
2015-10-02More XSS stuffAndrey Andreev1-1/+6
2015-09-28Merge pull request #4125 from jim-parry/fix/lang_testAndrey Andreev1-5/+17
Improve CI_Lang tests
2015-09-21More XSS stuffAndrey Andreev1-0/+16
2015-09-17Don't allow open-ended tags to pass through xss_clean()Andrey Andreev1-0/+1
This was a regression caused by the previous commit
2015-09-17Refactor 'evil attributes' sanitization logicAndrey Andreev1-23/+34
Turned out pretty much impossible to do remove 'evil attributes' with just one pattern - it either breaks something else, hits pcre.backtrack_limit or causes PHP to segfault. No benchmarks made, but there shouldn't be any performance regressions since we're now trying to strip attributes only after it is determined that they are inside a tag; up until now this was done seprately for _sanitize_naughty_html() and _remove_evil_attributes().
2015-09-14Another addition to tag detection patterns in xss_clean()Andrey Andreev1-0/+5
2015-09-14Move _remove_evil_attributes() callAndrey Andreev1-0/+14
2015-09-11Harden xss_clean() moreAndrey Andreev1-2/+7
This time eliminate false positives for the 'naughty html' logic.
2015-09-11Improve on previous commitAndrey Andreev1-0/+5
2015-09-11Replace the latest XSS patchesAndrey Andreev1-1/+6
This one fixes yet another issue, is cleaner and faster.
2015-09-10Last commit didn't adjust a RE indexAndrey Andreev1-0/+5
2015-09-10Fix & extend 700619cebf75c4e4fcda6a2d7bea1afb84a029e4Andrey Andreev1-4/+4
2015-09-10Fix a broken unit test from 700619cebf75c4e4fcda6a2d7bea1afb84a029e4Andrey Andreev1-1/+1
2015-09-10Fix #4106Andrey Andreev1-0/+8
2015-08-03[ci skip] Normalize tabs/spacesAndrey Andreev1-1/+1
Partial changes from PR #4016
2015-07-22Fix testcases broken by b63dc1904e4f34cb48d7dce80155172c6e94d777Andrey Andreev1-2/+2
2015-03-30[ci skip] Whitespace cleanup following PRs #3713 #3714Andrey Andreev2-16/+15
2015-03-30Merge pull request #3713 from ahnh/UnitTest_Lang_testAndrey Andreev1-0/+26
CI_Lang unit tests
2015-03-30changed to lowercase array.Heesung Ahn1-1/+1
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-30changed to lowercase array and space.Heesung Ahn1-3/+3
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-30updated array style and removed assert trueHeesung Ahn1-2/+5
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-30added spacesHeesung Ahn1-1/+1
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-29Improved unit test code coverage.Heesung Ahn1-0/+46
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-29removed spaceHeesung Ahn1-1/+1
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-29Increased code coverageHeesung Ahn1-1/+24
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-26Remove an unnecessary checkAndrey Andreev1-2/+1
#3700 #3706
2015-03-26Add FSCommand and seekSegmentTime to evil HTML attributes listAndrey Andreev1-0/+2
2015-03-21[ci skip] Whitespace cleanup following PR #3682Andrey Andreev1-20/+20
2015-03-20updated based on commentHeesung Ahn1-2/+2
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-19updated based on commentHeesung Ahn1-2/+1
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-19minor updateHeesung Ahn1-2/+3
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-18Updated CI_Input unit test and fixed error "undefined offset" caused by ↵Heesung Ahn1-5/+56
using the same variable name, $i, twice for for loop inside for loop. Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-18Polish some recent changes in test casesAndrey Andreev2-16/+14
2015-03-17Updated fetch_from_array unit testHeesung Ahn1-0/+9
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-10Fixed indentationHeesung Ahn1-66/+65
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-10Update Security Unit testHeesung Ahn1-18/+18
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-10Update Security Unit testHeesung Ahn1-3/+91
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-05adding more img tags Heesung Ahn1-2/+14
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-03-02test_strip_omage_tagsHeesung Ahn1-0/+19
Signed-off-by:Heesung Ahn <ahn.heesung@gmail.com>
2015-02-17Fix #3572: CI_Security::_remove_evil_attributes()Andrey Andreev1-0/+12
2015-02-15[ci skip] Fix a PHP7 BC break in a test that wouldn't even runAndrey Andreev1-1/+1