Sha256: 6258aed1d1b78951e34d01504d8141440ec27eb6f4b15ba7306fadafcfb31b1e

Contents?: true

Size: 1.99 KB

Versions: 96

Compression:

Stored size: 1.99 KB

Contents

---
in:  Just a little harmless xss <script src=http://ha.ckers.org/xss.js>stuff</script>.
sanitized_html: <p>Just a little harmless xss stuff.</p>
---
in: Here's a bad image <img src="JaVaScRiPt:alert('XSS');" />
sanitized_html: <p>Here&#8217;s a bad image <img /></p>
---
in: Just some random > and < characters, but also a <br/> tag.
sanitized_html: <p>Just some random &gt; and &lt; characters, but also a <br/> tag.</p>
---
name: processes text beginning with space
in: ' This began with a space and ends with some XSS: <script type="text/javascript">alert("Hai. I`m in ya PC. Makin ya XSS viruzz! KThxBye");</script>'
sanitized_html: 'This began with a space and ends with some <span class="caps">XSS</span>: alert(&#8220;Hai. I`m in ya PC. Makin ya <span class="caps">XSS</span> viruzz! KThxBye&#8221;);'
---
name: processes text in notextile tags
in: |-
  <notextile>
  The bad tags should be <b>missing</b>: <script type="text/javascript">alert("Hai. I`m in ya PC. Makin ya XSS viruzz! KThxBye");</script>
  </notextile>
sanitized_html: |-
  The bad tags should be <b>missing</b>: alert("Hai. I`m in ya PC. Makin ya XSS viruzz! KThxBye");
---
name: processes text in inline notextile tags
in: |-
  The bad tags should be <b>missing</b>: <notextile><script type="text/javascript">alert("Hai. I`m in ya PC. Makin ya XSS viruzz! KThxBye");</script></notextile>
sanitized_html: |-
  <p>The bad tags should be <b>missing</b>: alert("Hai. I`m in ya PC. Makin ya XSS viruzz! KThxBye");</p>
---
name: removes script tags
in: |-
  <script type="text/javascript">
    alert("Hai. I`m in ya PC. Makin ya XSS viruzz! KThxBye");
  </script>
sanitized_html: "alert(&#8220;Hai. I`m in ya PC. Makin ya <span class=\"caps\">XSS</span> viruzz! KThxBye&#8221;);"
---
name: removes nested script tags
in: |-
  <script type="text/javascript"><script>
    alert("Hai. I`m in ya PC. Makin ya XSS viruzz! KThxBye");
  </script></script>
sanitized_html: |-
  alert(&#8220;Hai. I`m in ya PC. Makin ya <span class="caps">XSS</span> viruzz! KThxBye&#8221;);

Version data entries

96 entries across 96 versions & 10 rubygems

Version Path
RedCloth-4.2.4.pre2-x86-mingw32 spec/fixtures/sanitize_html.yml
RedCloth-4.2.4.pre2-java spec/fixtures/sanitize_html.yml
RedCloth-4.2.4.pre2 spec/fixtures/sanitize_html.yml
RedCloth-4.2.4.pre1 spec/fixtures/sanitize_html.yml
BBRedCloth-0.8.0 test/sanitize_html.yml
RedCloth-4.2.3-x86-mswin32-60 spec/fixtures/sanitize_html.yml
RedCloth-4.2.3-universal-java spec/fixtures/sanitize_html.yml
RedCloth-4.2.3 spec/fixtures/sanitize_html.yml
RedCloth-4.2.2-x86-mswin32-60 spec/fixtures/sanitize_html.yml
RedCloth-4.2.2-universal-java spec/fixtures/sanitize_html.yml
RedCloth-4.2.1-x86-mswin32-60 spec/fixtures/sanitize_html.yml
RedCloth-4.2.1-universal-java spec/fixtures/sanitize_html.yml
RedCloth-4.2.1 spec/fixtures/sanitize_html.yml
RedCloth-4.2.2 spec/fixtures/sanitize_html.yml
RedCloth-4.0.2-x86-mswin32-60 test/sanitize_html.yml
RedCloth-4.0.0-x86-mswin32-60 test/sanitize_html.yml
RedCloth-4.0.1-x86-mswin32-60 test/sanitize_html.yml
RedCloth-4.0.1 test/sanitize_html.yml
RedCloth-4.0.2 test/sanitize_html.yml
RedCloth-4.0.3 test/sanitize_html.yml