From d5f0a2a0087624b5d7edd55a975d943b16c645ac Mon Sep 17 00:00:00 2001
From: Kamil
Date: Fri, 27 Sep 2024 15:10:35 +0200
Subject: [PATCH] #2992 Prevent XSS for body request: - added cases test to BodyXssUtilsTest;
---
 .../web/security/BodyXssUtilsTest.java | 8 +++++
 .../scada_lts/web/security/XssUtilsTest.java | 30 +++++++++++++++++++
 2 files changed, 38 insertions(+)
diff --git a/test/org/scada_lts/web/security/BodyXssUtilsTest.java b/test/org/scada_lts/web/security/BodyXssUtilsTest.java
index dc099a73b..c475d210d 100644
--- a/test/org/scada_lts/web/security/BodyXssUtilsTest.java
+++ b/test/org/scada_lts/web/security/BodyXssUtilsTest.java
@@ -136,6 +136,14 @@ public static Collection data() {
 " font-size: 2em !important;\n" +
 " display: inline-block !important;\n" +
 " line-height: 1 !important; \n" +
+ "}", true},
+ {"#top-description-container {\n" +
+ " display: flex;\n" +
+ " align-items: flex-end;\n" +
+ " justify-content: center;\n" +
+ "}", true},
+ {"#top-description-container {\n" +
+ " display: flex;\n" +
 "}", true}
 });
 }
diff --git a/test/org/scada_lts/web/security/XssUtilsTest.java b/test/org/scada_lts/web/security/XssUtilsTest.java
index c371443fa..3412c4f37 100644
--- a/test/org/scada_lts/web/security/XssUtilsTest.java
+++ b/test/org/scada_lts/web/security/XssUtilsTest.java
@@ -115,6 +115,36 @@ public static Collection data() {
 {"param1=document.location", false}, {"param1=document.location/script>", false}, {"param1=document.location
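Review bot: The two `#top-description-container` rows added to `data()` in BodyXssUtilsTest.java are expected-`true` cases only, and nothing in the hunk records which declaration used to be rejected. The second row is the first one reduced to `display: flex;`, so that looks like the trigger, and a one-line comment above them such as `// #2992: plain layout CSS (display: flex) must pass the body XSS check` would make the intent explicit. If these rows accompany a relaxation of the filter, I would pair them with at least one expected-`false` row of the same shape, so the test shows the check was narrowed rather than switched off for this kind of input. The patch touches only test files, so the filter change itself is not visible here, and `data()` starts above the hunk, so earlier rows may already cover the negative side.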