path: root/tests/codeigniter/core
Age | Commit message | Author | Files | Lines
2015-09-21 | More XSS stuff | Andrey Andreev | 1 | -0/+16
2015-09-17 | Don't allow open-ended tags to pass through xss_clean() | Andrey Andreev | 1 | -0/+1
This was a regression caused by the previous commit
2015-09-17 | Refactor 'evil attributes' sanitization logic | Andrey Andreev | 1 | -23/+34
Turned out pretty much impossible to remove 'evil attributes' with just one pattern - it either breaks something else, hits pcre.backtrack_limit or causes PHP to segfault. No benchmarks made, but there shouldn't be any performance regressions since we're now trying to strip attributes only after it is determined that they are inside a tag; up until now this was done separately for _sanitize_naughty_html() and _remove_evil_attributes().
2015-09-14 | Another addition to tag detection patterns in xss_clean() | Andrey Andreev | 1 | -0/+5
2015-09-14 | Move _remove_evil_attributes() call | Andrey Andreev | 1 | -0/+14
2015-09-11 | Harden xss_clean() more | Andrey Andreev | 1 | -2/+7
This time eliminate false positives for the 'naughty html' logic.
2015-09-11 | Improve on previous commit | Andrey Andreev | 1 | -0/+5
2015-09-11 | Replace the latest XSS patches | Andrey Andreev | 1 | -1/+6
This one fixes yet another issue, is cleaner and faster.
2015-09-10 | Last commit didn't adjust a RE index | Andrey Andreev | 1 | -0/+5
2015-09-10 | Fix & extend 700619cebf75c4e4fcda6a2d7bea1afb84a029e4 | Andrey Andreev | 1 | -4/+4
2015-09-10 | Fix a broken unit test from 700619cebf75c4e4fcda6a2d7bea1afb84a029e4 | Andrey Andreev | 1 | -1/+1
2015-09-10 | Fix #4106 | Andrey Andreev | 1 | -0/+8
2015-08-03 | [ci skip] Normalize tabs/spaces | Andrey Andreev | 1 | -1/+1
Partial changes from PR #4016
2015-07-22 | Fix testcases broken by b63dc1904e4f34cb48d7dce80155172c6e94d777 | Andrey Andreev | 1 | -2/+2
2015-03-30 | [ci skip] Whitespace cleanup following PRs #3713 #3714 | Andrey Andreev | 2 | -16/+15
2015-03-30 | Merge pull request #3713 from ahnh/UnitTest_Lang_test | Andrey Andreev | 1 | -0/+26
CI_Lang unit tests
2015-03-30 | changed to lowercase array. | Heesung Ahn | 1 | -1/+1
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-30 | changed to lowercase array and space. | Heesung Ahn | 1 | -3/+3
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-30 | updated array style and removed assert true | Heesung Ahn | 1 | -2/+5
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-30 | added spaces | Heesung Ahn | 1 | -1/+1
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-29 | Improved unit test code coverage. | Heesung Ahn | 1 | -0/+46
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-29 | removed space | Heesung Ahn | 1 | -1/+1
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-29 | Increased code coverage | Heesung Ahn | 1 | -1/+24
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-26 | Remove an unnecessary check | Andrey Andreev | 1 | -2/+1
#3700 #3706
2015-03-26 | Add FSCommand and seekSegmentTime to evil HTML attributes list | Andrey Andreev | 1 | -0/+2
2015-03-21 | [ci skip] Whitespace cleanup following PR #3682 | Andrey Andreev | 1 | -20/+20
2015-03-20 | updated based on comment | Heesung Ahn | 1 | -2/+2
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-19 | updated based on comment | Heesung Ahn | 1 | -2/+1
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-19 | minor update | Heesung Ahn | 1 | -2/+3
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-18 | Updated CI_Input unit test and fixed error "undefined offset" caused by using the same variable name, $i, twice for for loop inside for loop. | Heesung Ahn | 1 | -5/+56
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-18 | Polish some recent changes in test cases | Andrey Andreev | 2 | -16/+14
2015-03-17 | Updated fetch_from_array unit test | Heesung Ahn | 1 | -0/+9
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-10 | Fixed indentation | Heesung Ahn | 1 | -66/+65
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-10 | Update Security Unit test | Heesung Ahn | 1 | -18/+18
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-10 | Update Security Unit test | Heesung Ahn | 1 | -3/+91
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-05 | adding more img tags | Heesung Ahn | 1 | -2/+14
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-03-02 | test_strip_omage_tags | Heesung Ahn | 1 | -0/+19
Signed-off-by: Heesung Ahn <ahn.heesung@gmail.com>
2015-02-17 | Fix #3572: CI_Security::_remove_evil_attributes() | Andrey Andreev | 1 | -0/+12
2015-02-15 | [ci skip] Fix a PHP7 BC break in a test that wouldn't even run | Andrey Andreev | 1 | -1/+1
2015-01-21 | Remove closing blocks at end of PHP files | vlakoff | 1 | -3/+0
2015-01-21 | Make libraries matching controller names loadable | Andrey Andreev | 1 | -8/+8
2015-01-12 | Fix quoted_printable_encode() test | Andrey Andreev | 1 | -1/+5
A false positive is triggered when imap_8bit() exists, as it seems to have slightly different output.
2015-01-12 | Added support for running unit tests on PHP 5.2 | Dan Bernardic | 1 | -11/+12
Signed-off-by: Dan Bernardic <dan.bernardic@gmail.com>
2015-01-11 | Added a unit test for #3464 | Dan Bernardic | 1 | -1/+6
Signed-off-by: Dan Bernardic <dan.bernardic@gmail.com>
2014-12-16 | Fix #3419 | Andrey Andreev | 1 | -4/+9
2014-12-15 | Remove minifier test | Andrey Andreev | 1 | -10/+0
2014-12-05 | Fix a filter_uri() test | Andrey Andreev | 1 | -1/+2
2014-12-05 | Further changes related to issue #47, PR #3323 | Andrey Andreev | 1 | -17/+3
- Removed a test that was created specifically for the 'convert programmatic characters to entities' feature.
- Changed filter_uri() to accept by reference and to not return anything as its only purpose now is to trigger a show_error() call.
- Added changelog messages and updated the upgrade instructions.
2014-11-11 | Fixed tests | Razican | 1 | -1/+1
Signed-off-by: Razican <admin@razican.com>
2014-10-22 | [ci skip] Update 2 links to relate to bcit-ci/ | Andrey Andreev | 2 | -2/+2