Ticket #8222: sanitize_ie_problems.diff
| File sanitize_ie_problems.diff, 2.0 kB (added by wycats, 1 year ago) |
|---|
-
actionpack/lib/action_view/helpers/text_helper.rb
old new 202 202 203 203 VERBOTEN_TAGS = %w(form script plaintext) unless defined?(VERBOTEN_TAGS) 204 204 VERBOTEN_ATTRS = /^on/i unless defined?(VERBOTEN_ATTRS) 205 VERBOTEN_STYLE = /(expression\(|behavior\()/ unless defined?(VERBOTEN_STYLE) 205 206 206 207 # Sanitizes the +html+ by converting <form> and <script> tags into regular 207 208 # text, and removing all "onxxx" attributes (so that arbitrary Javascript … … 228 229 else 229 230 if node.closing != :close 230 231 node.attributes.delete_if { |attr,v| attr =~ VERBOTEN_ATTRS } 232 node.attributes.delete_if { |attr,v| attr == "style" && v =~ VERBOTEN_STYLE } 231 233 %w(href src).each do |attr| 232 234 node.attributes.delete attr if node.attributes[attr] =~ /^javascript:/i 233 235 end -
actionpack/test/template/text_helper_test.rb
old new 279 279 assert_equal %{src="javascript:bang" <img width="5">foo</img>, <span>bar</span>}, result 280 280 end 281 281 282 def test_sanitize_behavior 283 raw = %{style="behavior(foo.htc)" <div style="width: behavior(foo.htc)">foo</div>} 284 result = sanitize(raw) 285 assert_equal %{style="behavior(foo.htc)" <div>foo</div>}, result 286 end 287 288 def test_sanitize_expression 289 raw = %{style="expression(evilJS)" <div style="width: expression(evilJS)">foo</div>} 290 result = sanitize(raw) 291 assert_equal %{style="expression(evilJS)" <div>foo</div>}, result 292 end 293 282 294 def test_cycle_class 283 295 value = Cycle.new("one", 2, "3") 284 296 assert_equal("one", value.to_s)
