From 4fe5801c885088e5e6c11b8a20a561415941b864 Mon Sep 17 00:00:00 2001
From: Tim Almdal
Date: Wed, 18 Nov 2009 10:34:39 -0800
Subject: Simplify the maintenance of the xss golden file by having each module contibute its own golden file to a consolidated one. This will make it easier for -contrib modules or themes to be included in the xss security test w/o having to keep modifying a central golden file.
---
themes/admin_wind/tests/xss_data.txt | 22 +++++++++++++++++++
themes/wind/tests/xss_data.txt | 41 ++++++++++++++++++++++++++++++++++++
2 files changed, 63 insertions(+)
create mode 100644 themes/admin_wind/tests/xss_data.txt
create mode 100644 themes/wind/tests/xss_data.txt
(limited to 'themes')
diff --git a/themes/admin_wind/tests/xss_data.txt b/themes/admin_wind/tests/xss_data.txt
new file mode 100644
index 00000000..cf60bd12
--- /dev/null
+++ b/themes/admin_wind/tests/xss_data.txt
@@ -0,0 +1,22 @@
+themes/admin_wind/views/admin.html.php 16 DIRTY_JS $theme->url()
+themes/admin_wind/views/admin.html.php 33 DIRTY $theme->admin_head()
+themes/admin_wind/views/admin.html.php 37 DIRTY $theme->admin_page_top()
+themes/admin_wind/views/admin.html.php 45 DIRTY $theme->admin_header_top()
+themes/admin_wind/views/admin.html.php 60 DIRTY_JS item::root()->url()
+themes/admin_wind/views/admin.html.php 64 DIRTY $theme->admin_menu()
+themes/admin_wind/views/admin.html.php 66 DIRTY $theme->admin_header_bottom()
+themes/admin_wind/views/admin.html.php 73 DIRTY $content
+themes/admin_wind/views/admin.html.php 79 DIRTY $sidebar
+themes/admin_wind/views/admin.html.php 84 DIRTY $theme->admin_footer()
+themes/admin_wind/views/admin.html.php 86 DIRTY $theme->admin_credits()
+themes/admin_wind/views/admin.html.php 90 DIRTY $theme->admin_page_bottom()
+themes/admin_wind/views/block.html.php 3 DIRTY_ATTR $anchor
+themes/admin_wind/views/block.html.php 5 DIRTY $id
+themes/admin_wind/views/block.html.php 5 DIRTY_ATTR $css_id
+themes/admin_wind/views/block.html.php 13 DIRTY $title
+themes/admin_wind/views/block.html.php 16 DIRTY $content
+themes/admin_wind/views/pager.html.php 13 DIRTY_JS str_replace('{page}',1,$url)
+themes/admin_wind/views/pager.html.php 20 DIRTY_JS str_replace('{page}',$previous_page,$url)
+themes/admin_wind/views/pager.html.php 27 DIRTY $from_to_msg
+themes/admin_wind/views/pager.html.php 30 DIRTY_JS str_replace('{page}',$next_page,$url)
+themes/admin_wind/views/pager.html.php 37 DIRTY_JS str_replace('{page}',$last_page,$url)
diff --git a/themes/wind/tests/xss_data.txt b/themes/wind/tests/xss_data.txt
new file mode 100644
index 00000000..a57df6e8
--- /dev/null
+++ b/themes/wind/tests/xss_data.txt
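Review bot: The new themes/admin_wind/tests/xss_data.txt baselines all 22 of its outputs as DIRTY, DIRTY_JS or DIRTY_ATTR with no record of why each one is acceptable, and the same holds for the 41 records in themes/wind/tests/xss_data.txt in the next hunk. Assuming the test passes whenever the scan matches the golden file, a module that ships its own file also decides which of its unescaped outputs count as expected, so the review of values such as `$title`, `$content` and `$from_to_msg` moves from one central file to each module or -contrib theme. It would help to document next to the consolidation step what the three states mean and that a new or changed DIRTY record needs a reviewer to confirm the value is escaped or trusted before it is accepted. Each record is also keyed on a view line number (for example `admin.html.php 16`), so an unrelated edit to a view will change the file; such diffs should be checked for a genuinely new expression rather than treated as renumbering.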
@@ -0,0 +1,41 @@
+themes/wind/views/album.html.php 16 DIRTY_ATTR $child->id
+themes/wind/views/album.html.php 16 DIRTY_ATTR $item_class
+themes/wind/views/album.html.php 18 DIRTY_JS $child->url()
+themes/wind/views/album.html.php 19 DIRTY $child->thumb_img(array("class"=>"g-thumbnail"))
+themes/wind/views/album.html.php 23 DIRTY_ATTR $item_class
+themes/wind/views/album.html.php 24 DIRTY_JS $child->url()
+themes/wind/views/album.html.php 42 DIRTY $theme->paginator()
+themes/wind/views/block.html.php 3 DIRTY_ATTR $anchor
+themes/wind/views/block.html.php 5 DIRTY_ATTR $css_id
+themes/wind/views/block.html.php 6 DIRTY $title
+themes/wind/views/block.html.php 8 DIRTY $content
+themes/wind/views/dynamic.html.php 11 DIRTY_ATTR $child->is_album()?"g-album":""
+themes/wind/views/dynamic.html.php 13 DIRTY_JS $child->url()
+themes/wind/views/dynamic.html.php 14 DIRTY_ATTR $child->id
+themes/wind/views/dynamic.html.php 15 DIRTY_ATTR $child->thumb_url()
+themes/wind/views/dynamic.html.php 16 DIRTY_ATTR $child->thumb_width
+themes/wind/views/dynamic.html.php 17 DIRTY_ATTR $child->thumb_height
+themes/wind/views/dynamic.html.php 29 DIRTY $theme->paginator()
+themes/wind/views/movie.html.php 5 DIRTY $theme->paginator()
+themes/wind/views/movie.html.php 8 DIRTY $item->movie_img(array("class"=>"g-movie","id"=>"g-movie-id-{$item->id}"))
+themes/wind/views/page.html.php 9 DIRTY $page_title
+themes/wind/views/page.html.php 33 DIRTY_JS $theme->url()
+themes/wind/views/page.html.php 42 DIRTY $new_width
+themes/wind/views/page.html.php 43 DIRTY $new_height
+themes/wind/views/page.html.php 44 DIRTY $thumb_proportion
+themes/wind/views/page.html.php 81 DIRTY $header_text
+themes/wind/views/page.html.php 83 DIRTY_JS item::root()->url()
+themes/wind/views/page.html.php 87 DIRTY $theme->user_menu()
+themes/wind/views/page.html.php 104 DIRTY_JS $parent->url($parent==$theme->item()->parent()?"show={$theme->item()->id}":null)
+themes/wind/views/page.html.php 120 DIRTY $content
+themes/wind/views/page.html.php 126 DIRTY newView("sidebar.html")
+themes/wind/views/page.html.php 133 DIRTY $footer_text
+themes/wind/views/paginator.html.php 33 DIRTY_JS $first_page_url
+themes/wind/views/paginator.html.php 42 DIRTY_JS $previous_page_url
+themes/wind/views/paginator.html.php 70 DIRTY_JS $next_page_url
+themes/wind/views/paginator.html.php 79 DIRTY_JS $last_page_url
+themes/wind/views/photo.html.php 8 DIRTY_JS $theme->item()->width
+themes/wind/views/photo.html.php 8 DIRTY_JS $theme->item()->height
+themes/wind/views/photo.html.php 18 DIRTY $theme->paginator()
+themes/wind/views/photo.html.php 23 DIRTY_JS $item->file_url()
+themes/wind/views/photo.html.php 25 DIRTY $item->resize_img(array("id"=>"g-photo-id-{$item->id}","class"=>"g-resize"))
-- 
cgit v1.2.3