diff options
| author | Aleksander Machniak <alec@alec.pl> | 2014-02-05 20:18:51 +0100 |
|---|---|---|
| committer | Aleksander Machniak <alec@alec.pl> | 2014-02-05 20:18:51 +0100 |
| commit | b37954110d2184279a7f400d8750996a27b8f666 (patch) | |
| tree | 0a0b3d1ecd72c157b4d229cb4ecd9ed928198b32 /tests/src/htmlxss.txt | |
| parent | e445e0acb558b2c4805cef3ed13c84139962a5b3 (diff) | |
Bring back unit tests (they should be removed when creating a package)
Diffstat (limited to 'tests/src/htmlxss.txt')
| -rw-r--r-- | tests/src/htmlxss.txt | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/tests/src/htmlxss.txt b/tests/src/htmlxss.txt new file mode 100644 index 000000000..f6c43e353 --- /dev/null +++ b/tests/src/htmlxss.txt @@ -0,0 +1,22 @@ +<html> +<body> + +<p><img onLoad.="alert(document.cookie)" src="skins/default/images/roundcube_logo.png" /></p> + +<p><a href="mailto:xss@somehost.net') && alert(document.cookie) || ignore('">mail me!</a> +<a href="http://roundcube.net" target="_self">roundcube.net</a> +<a href="http://roundcube.net" \onmouseover="alert('XSS')">roundcube.net (2)</a> + +</p> + +<div>Brilliant!</div> + +<table><tbody><tr><td background="javascript:alert('XSS')">BBBBBB</td></tr></tbody></table> + +<p> +Have a nice Christmas time.<br /> +Thomas +</p> + +</body> +</html> |