smallsolar
/
libkiwix
mirror of https://github.com/kiwix/libkiwix.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add some tests to emulate XSS attack

This commit is contained in:
Nikhil Tanwar 2022-03-02 00:21:24 +05:30 committed by Kelson
parent 8136138492
commit 04d682486a
1 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
test/server.cpp
View File

@ -512,6 +512,30 @@ TEST_F(ServerTest, 404WithBodyTesting)
</p> </p>
)" }, )" },
{ /* url */ R"(/ROOT/"><svg onload=alert(1)>)",
/* expected body */ R"(
<h1>Not Found</h1>
<p>
The requested URL "/ROOT/&quot;&gt;&lt;svg onload=alert(1)&gt;" was not found on this server.
</p>
<p>
Make a full text search for <a href="/ROOT/search?pattern=%22%3E%3Csvg%20onload%3Dalert(1)%3E">&quot;&gt;&lt;svg onload=alert(1)&gt;</a>
</p>
)" },
{ /* url */ R"(/ROOT/zimfile/"><svg onload=alert(1)>)",
/* book name */ "zimfile",
/* book title */ "Ray Charles",
/* expected body */ R"(
<h1>Not Found</h1>
<p>
The requested URL "/ROOT/zimfile/&quot;&gt;&lt;svg onload=alert(1)&gt;" was not found on this server.
</p>
<p>
Make a full text search for <a href="/ROOT/search?content=zimfile&pattern=%22%3E%3Csvg%20onload%3Dalert(1)%3E">&quot;&gt;&lt;svg onload=alert(1)&gt;</a>
</p>
)" },
{ /* url */ "/ROOT/raw/no-such-book/meta/Title", { /* url */ "/ROOT/raw/no-such-book/meta/Title",
/* expected body */ R"( /* expected body */ R"(
<h1>Not Found</h1> <h1>Not Found</h1>