Commit Graph

1140 Commits

Author SHA1 Message Date
El RIDO a0740ff79f
getting rid of htmlEntities (except for tests) and setElementText (dropping IE9 support), changing urls2links interface, all to avoid double encoding sanitized HTML 2017-11-22 22:27:38 +01:00
El RIDO d0cccce7a8
removing patterns that don't get sanitized, but also don't get interpreted when inserted into the HTML 2017-11-22 20:49:23 +01:00
rugk 56f4ee5c20
Revert "Try to move sanitisation & links into setElementText"
This reverts commit 8d2e19f791.
2017-11-22 16:48:54 +01:00
rugk 8d2e19f791
Try to move sanitisation & links into setElementText 2017-11-22 16:48:00 +01:00
rugk 3d2dbabaec
add some more tests from OWASP 2017-11-22 15:41:49 +01:00
El RIDO 9fa2ea3373
ensuring text is sanitized in all cases, before being injected into the DOM 2017-11-22 08:05:06 +01:00
El RIDO 2d00202b42
correcting the XSS test, commenting two failing patterns, to be reviewed by @rugk 2017-11-22 07:03:29 +01:00
El RIDO 233bd65b00
Merge branch 'master' into sanitizeMarkdown, changing test to use new library 2017-11-22 06:30:38 +01:00
El RIDO f2628a0bf3
added a test for #183, fails at this point, #258 should fix this 2017-11-22 06:15:09 +01:00
El RIDO e40da8b1a6
Merge branch 'js-unit-testing' 2017-11-22 05:33:24 +01:00
rugk bbec693cab
Allow DOMPurify as a global 2017-11-21 22:26:02 +01:00
rugk b6d7d56774
Sanitize HTML code
using DOMPurify v1.0.2
Fixes https://github.com/PrivateBin/PrivateBin/issues/183
2017-11-21 21:22:51 +01:00
rugk bccb349226
adjust .gitignore to use new config file name 2017-11-21 20:02:22 +01:00
El RIDO 35ea65b797
handling JSVerify RNG state 89fdc94018a35b672e 2017-11-21 10:56:58 +01:00
El RIDO c6ddee317d
adding tests for PasteViewer class 2017-11-21 10:53:33 +01:00
El RIDO 10ee37b35c
handling JSVerify RNG state 08a74d310cfb58269e 2017-11-20 09:43:35 +01:00
El RIDO af073c9ca1
adding tests for Editor class 2017-11-20 09:37:43 +01:00
El RIDO 5a2bb1993d
handling JSVerify RNG state 82fb7d20c918a6e543 2017-11-20 08:58:53 +01:00
El RIDO 360a0921e2
adding tests for Prompt class, typos 2017-11-20 08:49:25 +01:00
El RIDO 984941f901
adding test for hiding messages 2017-11-16 09:04:27 +01:00
El RIDO 9d1a9a0da7
fixing paste success message handling in page template 2017-11-16 08:57:08 +01:00
El RIDO b1e1878861
fully testing remaining time display function 2017-11-16 08:50:38 +01:00
El RIDO 73bc685178
fixing error message display revealed by testing remaining time display function 2017-11-14 06:52:12 +01:00
El RIDO 86ecdb1155
fixing post increment 2017-11-13 22:15:14 +01:00
El RIDO 4652b5af7b
preferring pre-increment StyleCI recommendation 2017-11-13 22:12:31 +01:00
El RIDO 478cf288b4
implementing StyleCI recommendations 2017-11-13 22:05:29 +01:00
El RIDO c2133cfa7e
Merge branch 'master' into js-unit-testing 2017-11-13 22:02:15 +01:00
El RIDO 0cfb019615
handling JSVerify RNG state 0b2b38c4ef690d1a57 2017-11-13 22:00:26 +01:00
El RIDO 6c8f57f91f
making PasteStatus testable, adding test for paste creation notification 2017-11-13 21:57:49 +01:00
El RIDO e51aa7c80f
increasing coverage (by three lines) 2017-11-13 20:44:11 +01:00
El RIDO 9af4a4e2f5
handling JSVerify RNG states 08a8fd9e23076415bc & 8623a0cde74fb19568 2017-11-04 09:02:05 +01:00
El RIDO 01a6c0142a
adding test for alert handler 2017-11-04 08:59:31 +01:00
El RIDO c6e0f2d223
adding test for hiding messages 2017-11-04 07:44:42 +01:00
El RIDO 1fd13981d4
adding test for hiding loading indicator 2017-11-04 07:40:26 +01:00
El RIDO 29419d03cd
avoid logs polluting the unit test output 2017-10-30 07:04:59 +01:00
El RIDO 751731414e
adding test for loading indicator 2017-10-30 06:53:15 +01:00
El RIDO 87e88e3159
linking to pastebin wiki article for explanation 2017-10-29 08:09:27 +01:00
El RIDO 9c6aec86c4
making Alert class resettable and adding first tests for it 2017-10-23 21:33:07 +02:00
El RIDO d75cea856a
concluding UiHelper tests that are possible in headless jsdom at this time 2017-10-23 05:34:55 +02:00
El RIDO ef6b6816b0
implemented test, but again not supported yet by jsdom 2017-10-22 16:26:41 +02:00
El RIDO 4410ddcd84
adding tests for UiHelper.reloadHome, making UiHelper unit testable and handling JSVerify RNG states 846932d5afb10ce748 & 012c1f9483adb6e750 2017-10-22 13:39:23 +02:00
El RIDO cbcc26ec37
fixing false positive with RNG state 0bc96fe3b8d170254a 2017-10-22 10:55:28 +02:00
El RIDO 4cb21350a0
TravisCI can be a bit slow (locally this test takes 386ms) 2017-10-22 10:45:41 +02:00
El RIDO 414693fa90
testing both cases of the logic required for #167 2017-10-22 10:39:18 +02:00
El RIDO 6dbb098d7a
had to introduce a mock function to test the historyChange state 2017-10-22 09:56:44 +02:00
El RIDO 379571d522
Merge branch 'master' into js-unit-testing 2017-10-22 08:10:49 +02:00
El RIDO 502e96c129
StyleCI recommendations 2017-10-08 19:23:33 +02:00
El RIDO a5d5f6066a
refactoring as recommended by Scrutinizer 2017-10-08 19:16:09 +02:00
El RIDO 81ac232710
increasing timeouts for travisCI, that seems to have gotten slower 2017-10-08 17:29:07 +02:00
El RIDO cd5fded4a4
adapting configuration test generator to new INI model and point release support 2017-10-08 17:11:33 +02:00