source: subversion/trunk/roundcubemail/tests/src/BID-26800.txt @ 2323

Last change on this file since 2323 was 2323, checked in by thomasb, 4 years ago

Create some basic unit tests based on simpletest.org

File size: 2.1 KB
<html>
<head>
</head>
<body>
<h1>1 test</h1>
<p>&lt;style&gt; block</p>
<style>input { left:expression( alert(&#039;expression!&#039;) ) }</style>
<style>div   { background:url(alert(&#039;URL!&#039;) ) }</style>

<h1>2 test</h1>
<p>&lt;div&gt; block</p>
<div style="font-style:italic">valid css</div>
<div style="{ left:expression( alert(&#039;expression!&#039;) ) }">
<div style="{ background:url( alert(&#039;URL!&#039;) ) }">

<h1>3 test</h1>
<p>Inject comment text</p>
<div style="{ left:exp/*  */ression( alert(&#039;xss3&#039;) ) }">
<div style="{ background:u/* */rl( alert(&#039;xssurl3&#039;) ) }">

<h1>4 test</h1>
<p>Using reverse solidus to direct the code point</p>
<div style="{ left:\0065\0078pression( alert(&#039;xss4&#039;) ) }">
<div style="{ background:\0075rl( alert(&#039;xssurl4&#039;) ) }">

<h1>5 test</h1>
<p>Character entity references</p>
<p>Character entity references are acceptable in "inline styles"</p>
<div style="{ left:&#x0065;xpression( alert(&#039;xss&#039;) ) }">
<div style="{ left:&#101;xpression( alert(&#039;xss&#039;) ) }">
<div style="{ background:&#x0075;rl( alert(&#039;URL!&#039;) ) }">
<div style="{ background:&#117;rl( alert(&#039;URL!&#039;) ) }">
<div style="{ left:&#x0065xpression( alert(&#039;xss&#039;) ) }">

<div style="{ left:ïœ.ïœ.ïœ.ïœ.ïœ.ïœ.ïœ.ïœ.( alert(&#039;xss&#039;) ) }">
<div style="{ left:ïœ.ïœ.&#x2f;**/pression( alert(&#039;xss&#039;) ) }">
<div style="{ left:exp&#x0280;essio&#x0274;( alert(&#039;xss&#039;) ) }">
<div style="{ left:&#x5c;0065&#x5c;0078pression( alert(&#039;xss&#039;) ) }">
<div style="{ left:ex p ression( alert(&#039;xss&#039;) ) }">

<div style="{ background:ïœ.ïœ.ïœ.( javascript:alert(&#039;xss&#039;) ) }">
<div style="{ background:&#x0075;/**/rl( javascript:alert(&#039;xss&#039;) ) }">
<div style="{ background:\0075\0072\006c( javascript:alert(&#039;xss&#039;) ) }">
<div style="{ background:u&#x0280;&#x029F;( javascript:alert(&#039;xss&#039;) )
}">
<div style="{ background:&#x5c;0075&#x5c;0280l( javascript:alert(&#039;xss&#039;)
) }">
<div style="{ background:u r l( javascript:alert(&#039;xss&#039;) ) }">

</body>
</html>
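
The fixture above layers three encodings over the same two CSS tokens: HTML character references, CSS comments, and CSS backslash escapes. The following is an added example, not Roundcube's own code, of a filter that undoes those layers in parser order before matching a blocklist. The names canonical_css and is_blocked, the look-alike fold table, and the policy of rejecting every url( are assumptions made for illustration.

```python
import html
import re

# Strip comments first, then decode escapes: an escaped "/*" is not a comment.
CSS_COMMENT = re.compile(r"/\*.*?\*/", re.S)
# CSS escape: backslash + 1-6 hex digits (+ one optional whitespace), or backslash + char.
CSS_ESCAPE = re.compile(r"\\([0-9a-fA-F]{1,6})[ \t\r\n\f]?|\\([^\r\n\f])")
# Look-alike letters used by the fixture (small capitals R, N, L); assumed fold table.
LOOKALIKES = str.maketrans({"\u0280": "r", "\u0274": "n", "\u029f": "l"})
# Assumed policy: any expression( or url( token, or a javascript: scheme, is rejected.
BLOCKED = re.compile(r"expression\(|url\(|javascript:")


def _decode_escape(match):
    """Turn one CSS escape into the character it denotes."""
    if match.group(1) is None:
        return match.group(2)
    cp = int(match.group(1), 16)
    if cp == 0 or cp > 0x10FFFF or 0xD800 <= cp <= 0xDFFF:
        return "\ufffd"  # invalid code points become U+FFFD
    return chr(cp)


def canonical_css(value, in_attribute=True):
    """Reduce a style value to the form the blocklist is matched against."""
    if in_attribute:
        # Attribute values are entity-decoded by the HTML parser before CSS sees them.
        value = html.unescape(value)
    value = CSS_COMMENT.sub("", value)
    value = CSS_ESCAPE.sub(_decode_escape, value)
    value = value.translate(LOOKALIKES).lower()
    return re.sub(r"\s+", "", value)  # also joins "ex p ression" and "u r l"


def is_blocked(value, in_attribute=True):
    """True when the canonical form contains a blocked token."""
    return BLOCKED.search(canonical_css(value, in_attribute)) is not None


# Style values copied from the fixture above, one per evasion class.
SAMPLES = [
    r"{ left:exp/*  */ression( alert(&#039;xss3&#039;) ) }",
    r"{ left:\0065\0078pression( alert(&#039;xss4&#039;) ) }",
    r"{ left:&#x0065xpression( alert(&#039;xss&#039;) ) }",
    r"{ background:&#x5c;0075&#x5c;0280l( javascript:alert(&#039;xss&#039;) ) }",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(is_blocked(sample), canonical_css(sample))
```

Comments are removed before escapes are decoded, so an escaped slash-star pair cannot be used to hide a token from the matcher.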