RESOLVED FIXED 26589
Write more XSSAuditor tests
https://bugs.webkit.org/show_bug.cgi?id=26589
Summary Write more XSSAuditor tests
Adam Barth
Reported 2009-06-21 14:40:19 PDT
I kind of skimped on the XSSAuditor test in the first patch. We should add some more coverage. Dan Bates has a lot of good test cases here: http://webblaze.org/dbates/ I'll try to adapt as many of them as possible to the LayoutTest framework.
Attachments
Tests! (20.20 KB, patch)
2009-06-21 19:48 PDT, Adam Barth
no flags
Adam Barth
Comment 1 2009-06-21 19:48:02 PDT
Created attachment 31630 [details] Tests! Here's a bunch of new tests. I didn't do everything on Dan's page. We can do another round at some point.
Adam Barth
Comment 2 2009-06-23 00:25:40 PDT
Sending LayoutTests/ChangeLog Adding LayoutTests/http/tests/security/xssAuditor/link-onclick-expected.txt Adding LayoutTests/http/tests/security/xssAuditor/link-onclick.html Adding LayoutTests/http/tests/security/xssAuditor/property-escape-expected.txt Adding LayoutTests/http/tests/security/xssAuditor/property-escape.html Adding LayoutTests/http/tests/security/xssAuditor/resources/echo-intertag-post-and- notify.php Adding LayoutTests/http/tests/security/xssAuditor/resources/echo-intertag-post.php Adding LayoutTests/http/tests/security/xssAuditor/resources/echo-intertag-utf-7.php Sending LayoutTests/http/tests/security/xssAuditor/resources/echo-intertag.php Adding LayoutTests/http/tests/security/xssAuditor/resources/echo-property.php Adding LayoutTests/http/tests/security/xssAuditor/resources/redir.php Adding LayoutTests/http/tests/security/xssAuditor/resources/xss.js Adding LayoutTests/http/tests/security/xssAuditor/script-tag-convoluted-expected.tx t Adding LayoutTests/http/tests/security/xssAuditor/script-tag-convoluted.html Adding LayoutTests/http/tests/security/xssAuditor/script-tag-open-redirect-expected .txt Adding LayoutTests/http/tests/security/xssAuditor/script-tag-open-redirect.html Adding LayoutTests/http/tests/security/xssAuditor/script-tag-post-expected.txt Adding LayoutTests/http/tests/security/xssAuditor/script-tag-post.html Adding LayoutTests/http/tests/security/xssAuditor/script-tag-redirect-expected.txt Adding LayoutTests/http/tests/security/xssAuditor/script-tag-redirect.html Adding LayoutTests/http/tests/security/xssAuditor/script-tag-utf-7-expected.txt Adding LayoutTests/http/tests/security/xssAuditor/script-tag-utf-7.html Adding LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-expected.txt Adding LayoutTests/http/tests/security/xssAuditor/script-tag-with-source.html Transmitting file data ........................ Committed revision 44977.
Adam Barth
Comment 3 2009-06-23 00:49:34 PDT
These test failed on Tiger and Windows. I wonder if it has to do with different versions of PHP.
Adam Barth
Comment 4 2009-06-23 00:49:53 PDT
Comment on attachment 31630 [details] Tests! Clearing review flag while we figure this out.
Adam Barth
Comment 5 2009-06-27 08:48:26 PDT
I did eventually get these to stick by converting the server-side parts to Perl.
Note You need to log in before you can comment on or make changes to this bug.