diff options
Diffstat (limited to 'modules/gallery/tests/xss_data.txt')
| -rw-r--r-- | modules/gallery/tests/xss_data.txt | 34 |
1 files changed, 16 insertions, 18 deletions
diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index a89725c0..65b45a08 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -34,19 +34,21 @@ modules/comment/views/comment.mrss.php 35 DIRTY_ATTR $chi modules/comment/views/comment.mrss.php 35 DIRTY_ATTR $child->thumb_width modules/comment/views/comments.html.php 16 DIRTY_ATTR $comment->id modules/comment/views/comments.html.php 19 DIRTY_ATTR $comment->author()->avatar_url(40,$theme->url(,true)) +modules/comment/views/user_profile_comments.html.php 5 DIRTY_ATTR $comment->id +modules/comment/views/user_profile_comments.html.php 10 DIRTY_JS $comment->item()->url() +modules/comment/views/user_profile_comments.html.php 11 DIRTY $comment->item()->thumb_img(array(),50) modules/digibug/views/digibug_form.html.php 4 DIRTY form::open("http://www.digibug.com/dapi/order.php") -modules/digibug/views/digibug_form.html.php 5 DIRTY form::hidden($order_parms) -modules/digibug/views/digibug_form.html.php 6 DIRTY form::close() +modules/digibug/views/digibug_form.html.php 6 DIRTY form::hidden($key,$value) modules/exif/views/exif_dialog.html.php 14 DIRTY $details[$i]["caption"] modules/exif/views/exif_dialog.html.php 21 DIRTY $details[$i]["caption"] modules/g2_import/views/admin_g2_import.html.php 30 DIRTY $form modules/gallery/views/admin_advanced_settings.html.php 21 DIRTY_ATTR text::alternate("g-odd","g-even") modules/gallery/views/admin_advanced_settings.html.php 22 DIRTY $var->module_name modules/gallery/views/admin_block_log_entries.html.php 4 DIRTY_ATTR log::severity_class($entry->severity) -modules/gallery/views/admin_block_log_entries.html.php 5 DIRTY_JS user_profile::url($entryr->id) -modules/gallery/views/admin_block_log_entries.html.php 6 DIRTY gallery::date_time($entry->timestamp) -modules/gallery/views/admin_block_log_entries.html.php 7 DIRTY $entry->message -modules/gallery/views/admin_block_log_entries.html.php 8 DIRTY $entry->html +modules/gallery/views/admin_block_log_entries.html.php 8 DIRTY_JS user_profile::url($entry->user->id) +modules/gallery/views/admin_block_log_entries.html.php 10 DIRTY gallery::date_time($entry->timestamp) +modules/gallery/views/admin_block_log_entries.html.php 11 DIRTY $entry->message +modules/gallery/views/admin_block_log_entries.html.php 12 DIRTY $entry->html modules/gallery/views/admin_block_news.html.php 5 DIRTY_JS $entry["link"] modules/gallery/views/admin_block_news.html.php 5 DIRTY $entry["title"] modules/gallery/views/admin_block_news.html.php 7 DIRTY text::limit_words(strip_tags($entry["description"]),25); @@ -94,13 +96,11 @@ modules/gallery/views/admin_maintenance.html.php 158 DIRTY $task- modules/gallery/views/admin_maintenance_show_log.html.php 8 DIRTY_JS url::site("admin/maintenance/save_log/$task->id?csrf=$csrf") modules/gallery/views/admin_maintenance_show_log.html.php 13 DIRTY $task->name modules/gallery/views/admin_maintenance_task.html.php 55 DIRTY $task->name -modules/gallery/views/admin_modules.html.php 25 DIRTY_JS t("Continue") -modules/gallery/views/admin_modules.html.php 35 DIRTY_JS t("Continue") modules/gallery/views/admin_modules.html.php 51 DIRTY access::csrf_form_field() modules/gallery/views/admin_modules.html.php 60 DIRTY_ATTR text::alternate("g-odd","g-even") modules/gallery/views/admin_modules.html.php 63 DIRTY form::checkbox($data,'1',module::is_active($module_name)) modules/gallery/views/admin_modules.html.php 65 DIRTY $module_info->version -modules/gallery/views/admin_modules_confirm.html.php 11 DIRTY_ATTR $class +modules/gallery/views/admin_modules_confirm.html.php 11 DIRTY_ATTR $css_class modules/gallery/views/admin_modules_confirm.html.php 11 DIRTY $message modules/gallery/views/admin_modules_confirm.html.php 16 DIRTY access::csrf_form_field() modules/gallery/views/admin_modules_confirm.html.php 18 DIRTY form::hidden($module,1) @@ -124,11 +124,9 @@ modules/gallery/views/form_uploadify.html.php 30 DIRTY_JS url::f modules/gallery/views/form_uploadify.html.php 31 DIRTY_JS url::site("simple_uploader/add_photo/{$album->id}") modules/gallery/views/form_uploadify.html.php 35 DIRTY_JS url::file("lib/uploadify/cancel.png") modules/gallery/views/form_uploadify.html.php 36 DIRTY_JS $simultaneous_upload_limit -modules/gallery/views/form_uploadify.html.php 61 DIRTY_JS t("Completed") -modules/gallery/views/in_place_edit.html.php 2 DIRTY form::open($action,array("method"=>"post","id"=>"g-in-place-edit-form","class"=>"g-short-form"),$hidden) -modules/gallery/views/in_place_edit.html.php 5 DIRTY form::input("input",$form["input"]," class=\"textbox\"") -modules/gallery/views/in_place_edit.html.php 12 DIRTY form::close() -modules/gallery/views/in_place_edit.html.php 14 DIRTY $errors["input"] +modules/gallery/views/in_place_edit.html.php 2 DIRTY form::open($action,array("method"=>"post","id"=>"g-in-place-edit-form","class"=>"g-short-form")) +modules/gallery/views/in_place_edit.html.php 3 DIRTY access::csrf_form_field() +modules/gallery/views/in_place_edit.html.php 6 DIRTY form::input("input",$form["input"]," class=\"textbox\"") modules/gallery/views/kohana_error_page.php 102 DIRTY $message modules/gallery/views/kohana_error_page.php 116 DIRTY $trace modules/gallery/views/kohana_profiler.php 32 DIRTY $profile->render(); @@ -219,10 +217,8 @@ modules/gallery/views/upgrader.html.php 77 DIRTY $modul modules/gallery/views/upgrader.html.php 99 DIRTY_ATTR $done?"muted":"" modules/gallery/views/upgrader.html.php 102 DIRTY_ATTR $done?"muted":"" modules/gallery/views/user_languages_block.html.php 2 DIRTY form::dropdown("g-select-session-locale",$installed_locales,$selected) -modules/gallery/views/user_profile.html.php 35 DIRTY_ATTR $height -modules/gallery/views/user_profile.html.php 44 DIRTY $field -modules/gallery/views/user_profile.html.php 45 DIRTY $value -modules/gallery/views/user_profile.html.php 65 DIRTY_JS $return->for_html_attr() +modules/gallery/views/user_profile.html.php 36 DIRTY_ATTR $user->avatar_url(40,$theme->url(,true)) +modules/gallery/views/user_profile.html.php 47 DIRTY $info->view modules/image_block/views/image_block_block.html.php 3 DIRTY_JS $item->url() modules/image_block/views/image_block_block.html.php 4 DIRTY $item->thumb_img(array("class"=>"g-thumbnail")) modules/info/views/info_block.html.php 22 DIRTY date("M j, Y H:i:s",$item->captured) @@ -235,6 +231,8 @@ modules/notification/views/item_deleted.html.php 18 DIRTY_JS $item- modules/notification/views/item_deleted.html.php 19 DIRTY $item->parent()->abs_url() modules/notification/views/item_updated.html.php 20 DIRTY_JS $item->abs_url() modules/notification/views/item_updated.html.php 20 DIRTY $item->abs_url() +modules/notification/views/user_profile_notification.html.php 5 DIRTY_ATTR $subscription->id +modules/notification/views/user_profile_notification.html.php 6 DIRTY_JS $subscription->url modules/organize/views/organize_dialog.html.php 3 DIRTY_JS url::site("organize/move_to/__ALBUM_ID__?csrf=$csrf") modules/organize/views/organize_dialog.html.php 4 DIRTY_JS url::site("organize/rearrange/__TARGET_ID__/__BEFORE__?csrf=$csrf") modules/organize/views/organize_dialog.html.php 5 DIRTY_JS url::site("organize/sort_order/__ALBUM_ID__/__COL__/__DIR__?csrf=$csrf") |