authorTim Almdal <tnalmdal@shaw.ca>2010-01-23 23:53:16 -0800
committerTim Almdal <tnalmdal@shaw.ca>2010-01-23 23:53:16 -0800
commit3b8636e5298f61eee3d9953468ef648c36e64e5c (patch)
tree13ad20083bd50bcf4ab74dd141785a2c8011881c
parentc39437a1929a3383e66f6bc8d6fc1a367de23f27 (diff)
Update the Xss_Security_Test and the Controller_Auth_Test.
-rw-r--r--modules/gallery/tests/controller_auth_data.txt3
-rw-r--r--modules/gallery/tests/xss_data.txt51
2 files changed, 32 insertions, 22 deletions
diff --git a/modules/gallery/tests/controller_auth_data.txt b/modules/gallery/tests/controller_auth_data.txt
index beabee49..da7108d8 100644
--- a/modules/gallery/tests/controller_auth_data.txt
+++ b/modules/gallery/tests/controller_auth_data.txt
@@ -19,6 +19,9 @@ modules/gallery/controllers/quick.php form_edit
modules/gallery/controllers/simple_uploader.php start DIRTY_AUTH
modules/gallery/controllers/simple_uploader.php finish DIRTY_AUTH
modules/gallery/controllers/upgrader.php index DIRTY_AUTH
+modules/gallery/controllers/user_profile.php show DIRTY_CSRF|DIRTY_AUTH
+modules/gallery/controllers/user_profile.php contact DIRTY_AUTH
+modules/gallery/controllers/user_profile.php send DIRTY_AUTH
modules/gallery/controllers/welcome_message.php index DIRTY_AUTH
modules/rest/controllers/rest.php access_key DIRTY_CSRF|DIRTY_AUTH
modules/rest/controllers/rest.php __call DIRTY_AUTH
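Review bot: The three added `user_profile.php` rows accept `show`, `contact` and `send` into the baseline as `DIRTY_AUTH` (and `show` also as `DIRTY_CSRF`), and nothing in the commit explains why that is acceptable. Judging by its name, `send` is a state-changing action, so if it really has no access check it may be reachable by unauthenticated or cross-site requests; this is the row that most needs either a fix in the controller or a stated reason. It is also worth confirming why `show` is flagged `DIRTY_CSRF` while `send` is not, since a read-only view would normally be the one that needs no token. The controller is outside this diff, so I would ask for a line in the commit description such as `user_profile::send is DIRTY_AUTH because <reason>` before the baseline is updated.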
diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt
index 1530c73e..a89725c0 100644
--- a/modules/gallery/tests/xss_data.txt
+++ b/modules/gallery/tests/xss_data.txt
@@ -43,6 +43,7 @@ modules/g2_import/views/admin_g2_import.html.php 30 DIRTY $form
modules/gallery/views/admin_advanced_settings.html.php 21 DIRTY_ATTR text::alternate("g-odd","g-even")
modules/gallery/views/admin_advanced_settings.html.php 22 DIRTY $var->module_name
modules/gallery/views/admin_block_log_entries.html.php 4 DIRTY_ATTR log::severity_class($entry->severity)
+modules/gallery/views/admin_block_log_entries.html.php 5 DIRTY_JS user_profile::url($entryr->id)
modules/gallery/views/admin_block_log_entries.html.php 6 DIRTY gallery::date_time($entry->timestamp)
modules/gallery/views/admin_block_log_entries.html.php 7 DIRTY $entry->message
modules/gallery/views/admin_block_log_entries.html.php 8 DIRTY $entry->html
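Review bot: The added row records `user_profile::url($entryr->id)`, but every neighbouring row for this view uses `$entry` (`$entry->severity`, `$entry->timestamp`, `$entry->message`), so `$entryr` looks like a typo. If the data file mirrors the view text, line 5 of `admin_block_log_entries.html.php` reads an undefined variable and the profile URL is built from an empty id. Fix the variable name in the view first, then regenerate this row so the baseline does not freeze the typo. The view is not part of this diff, so the intended expression has to be confirmed there.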
@@ -66,11 +67,6 @@ modules/gallery/views/admin_graphics_graphicsmagick.html.php 18 DIRTY $tk->e
modules/gallery/views/admin_graphics_imagemagick.html.php 2 DIRTY_ATTR $is_active?" g-selected":""
modules/gallery/views/admin_graphics_imagemagick.html.php 2 DIRTY_ATTR $tk->installed?" g-installed-toolkit":" g-unavailable"
modules/gallery/views/admin_graphics_imagemagick.html.php 18 DIRTY $tk->error
-modules/gallery/views/admin_identity.html.php 43 DIRTY access::csrf_form_field()
-modules/gallery/views/admin_identity.html.php 50 DIRTY_ATTR text::alternate("g-odd","g-even")
-modules/gallery/views/admin_identity.html.php 52 DIRTY form::radio($data,$module_name,$module_name==$active)
-modules/gallery/views/admin_identity_confirm.html.php 3 DIRTY access::csrf_form_field()
-modules/gallery/views/admin_identity_confirm.html.php 4 DIRTY form::hidden("provider",$new_provider)
modules/gallery/views/admin_languages.html.php 43 DIRTY access::csrf_form_field()
modules/gallery/views/admin_languages.html.php 60 DIRTY_ATTR (isset($installed_locales[$code]))?"g-available":""
modules/gallery/views/admin_languages.html.php 60 DIRTY_ATTR ($default_locale==$code)?" g-selected":""
@@ -98,10 +94,16 @@ modules/gallery/views/admin_maintenance.html.php 158 DIRTY $task-
modules/gallery/views/admin_maintenance_show_log.html.php 8 DIRTY_JS url::site("admin/maintenance/save_log/$task->id?csrf=$csrf")
modules/gallery/views/admin_maintenance_show_log.html.php 13 DIRTY $task->name
modules/gallery/views/admin_maintenance_task.html.php 55 DIRTY $task->name
-modules/gallery/views/admin_modules.html.php 10 DIRTY access::csrf_form_field()
-modules/gallery/views/admin_modules.html.php 19 DIRTY_ATTR text::alternate("g-odd","g-even")
-modules/gallery/views/admin_modules.html.php 22 DIRTY form::checkbox($data,'1',module::is_active($module_name))
-modules/gallery/views/admin_modules.html.php 24 DIRTY $module_info->version
+modules/gallery/views/admin_modules.html.php 25 DIRTY_JS t("Continue")
+modules/gallery/views/admin_modules.html.php 35 DIRTY_JS t("Continue")
+modules/gallery/views/admin_modules.html.php 51 DIRTY access::csrf_form_field()
+modules/gallery/views/admin_modules.html.php 60 DIRTY_ATTR text::alternate("g-odd","g-even")
+modules/gallery/views/admin_modules.html.php 63 DIRTY form::checkbox($data,'1',module::is_active($module_name))
+modules/gallery/views/admin_modules.html.php 65 DIRTY $module_info->version
+modules/gallery/views/admin_modules_confirm.html.php 11 DIRTY_ATTR $class
+modules/gallery/views/admin_modules_confirm.html.php 11 DIRTY $message
+modules/gallery/views/admin_modules_confirm.html.php 16 DIRTY access::csrf_form_field()
+modules/gallery/views/admin_modules_confirm.html.php 18 DIRTY form::hidden($module,1)
modules/gallery/views/admin_sidebar.html.php 50 DIRTY $available
modules/gallery/views/admin_sidebar.html.php 58 DIRTY $active
modules/gallery/views/admin_sidebar_blocks.html.php 4 DIRTY_ATTR $ref
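Review bot: `admin_modules_confirm.html.php 11 DIRTY $message` and `11 DIRTY_ATTR $class` add unescaped output from a new view to the accepted baseline, and this diff does not show where either value comes from. If `$message` can contain text that is not fixed in code, it should be escaped in the view, for example `<?= html::clean($message) ?>`, so the row drops out of the baseline instead of being accepted. The same applies to the new `user_profile.html.php 44 DIRTY $field` and `45 DIRTY $value` rows in the `-217,6 +219,10` hunk, where profile values are more likely to be user-supplied. The remaining `admin_modules.html.php` changes in this hunk appear to be line-number shifts, apart from the two new `DIRTY_JS t("Continue")` rows.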
@@ -118,11 +120,11 @@ modules/gallery/views/admin_themes.html.php 62 DIRTY $theme
modules/gallery/views/admin_themes.html.php 76 DIRTY $info->name
modules/gallery/views/admin_themes.html.php 78 DIRTY $info->description
modules/gallery/views/admin_themes_preview.html.php 7 DIRTY_ATTR $url
-modules/gallery/views/form_uploadify.html.php 24 DIRTY_JS url::file("lib/uploadify/uploadify.swf")
-modules/gallery/views/form_uploadify.html.php 25 DIRTY_JS url::site("simple_uploader/add_photo/{$album->id}")
-modules/gallery/views/form_uploadify.html.php 29 DIRTY_JS url::file("lib/uploadify/cancel.png")
-modules/gallery/views/form_uploadify.html.php 30 DIRTY_JS $simultaneous_upload_limit
-modules/gallery/views/form_uploadify.html.php 55 DIRTY_JS t("Completed")
+modules/gallery/views/form_uploadify.html.php 30 DIRTY_JS url::file("lib/uploadify/uploadify.swf")
+modules/gallery/views/form_uploadify.html.php 31 DIRTY_JS url::site("simple_uploader/add_photo/{$album->id}")
+modules/gallery/views/form_uploadify.html.php 35 DIRTY_JS url::file("lib/uploadify/cancel.png")
+modules/gallery/views/form_uploadify.html.php 36 DIRTY_JS $simultaneous_upload_limit
+modules/gallery/views/form_uploadify.html.php 61 DIRTY_JS t("Completed")
modules/gallery/views/in_place_edit.html.php 2 DIRTY form::open($action,array("method"=>"post","id"=>"g-in-place-edit-form","class"=>"g-short-form"),$hidden)
modules/gallery/views/in_place_edit.html.php 5 DIRTY form::input("input",$form["input"]," class=\"textbox\"")
modules/gallery/views/in_place_edit.html.php 12 DIRTY form::close()
@@ -217,6 +219,10 @@ modules/gallery/views/upgrader.html.php 77 DIRTY $modul
modules/gallery/views/upgrader.html.php 99 DIRTY_ATTR $done?"muted":""
modules/gallery/views/upgrader.html.php 102 DIRTY_ATTR $done?"muted":""
modules/gallery/views/user_languages_block.html.php 2 DIRTY form::dropdown("g-select-session-locale",$installed_locales,$selected)
+modules/gallery/views/user_profile.html.php 35 DIRTY_ATTR $height
+modules/gallery/views/user_profile.html.php 44 DIRTY $field
+modules/gallery/views/user_profile.html.php 45 DIRTY $value
+modules/gallery/views/user_profile.html.php 65 DIRTY_JS $return->for_html_attr()
modules/image_block/views/image_block_block.html.php 3 DIRTY_JS $item->url()
modules/image_block/views/image_block_block.html.php 4 DIRTY $item->thumb_img(array("class"=>"g-thumbnail"))
modules/info/views/info_block.html.php 22 DIRTY date("M j, Y H:i:s",$item->captured)
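Review bot: `user_profile.html.php 65 DIRTY_JS $return->for_html_attr()` applies an HTML-attribute escaper at a spot the scanner classifies as JavaScript context. Attribute escaping does not neutralise JavaScript string syntax, so if `$return` is derived from the request (a return URL typically is), the output may still be injectable there. I would expect the view to use the JavaScript-context escaper, `$return->for_js()`, or to move the value into a plain attribute, after which this row should no longer be reported as dirty. The view is outside this diff, so confirm the actual context on line 65 before regenerating the row.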
@@ -326,14 +332,15 @@ themes/admin_wind/views/admin.html.php 16 DIRTY_JS $theme
themes/admin_wind/views/admin.html.php 33 DIRTY $theme->admin_head()
themes/admin_wind/views/admin.html.php 37 DIRTY $theme->admin_page_top()
themes/admin_wind/views/admin.html.php 45 DIRTY $theme->admin_header_top()
-themes/admin_wind/views/admin.html.php 60 DIRTY_JS item::root()->url()
-themes/admin_wind/views/admin.html.php 64 DIRTY $theme->admin_menu()
-themes/admin_wind/views/admin.html.php 66 DIRTY $theme->admin_header_bottom()
-themes/admin_wind/views/admin.html.php 73 DIRTY $content
-themes/admin_wind/views/admin.html.php 79 DIRTY $sidebar
-themes/admin_wind/views/admin.html.php 84 DIRTY $theme->admin_footer()
-themes/admin_wind/views/admin.html.php 86 DIRTY $theme->admin_credits()
-themes/admin_wind/views/admin.html.php 90 DIRTY $theme->admin_page_bottom()
+themes/admin_wind/views/admin.html.php 46 DIRTY_JS item::root()->url()
+themes/admin_wind/views/admin.html.php 49 DIRTY $theme->user_menu()
+themes/admin_wind/views/admin.html.php 51 DIRTY $theme->admin_menu()
+themes/admin_wind/views/admin.html.php 53 DIRTY $theme->admin_header_bottom()
+themes/admin_wind/views/admin.html.php 60 DIRTY $content
+themes/admin_wind/views/admin.html.php 66 DIRTY $sidebar
+themes/admin_wind/views/admin.html.php 71 DIRTY $theme->admin_footer()
+themes/admin_wind/views/admin.html.php 73 DIRTY $theme->admin_credits()
+themes/admin_wind/views/admin.html.php 77 DIRTY $theme->admin_page_bottom()
themes/admin_wind/views/block.html.php 3 DIRTY_ATTR $anchor
themes/admin_wind/views/block.html.php 5 DIRTY $id
themes/admin_wind/views/block.html.php 5 DIRTY_ATTR $css_id