Some TESTING
I've been using something like this as test page content:
====================================
BW version {version}
HTML chars test:
mdash—mdash nbsp nbsp
special HTML character test:
"begin: string test a < b > c & d 'xyz' end."
variable test:
abc = $abc plink = $pageLink
snippet test:
sitename = $$sitename
embed script test:
<embed xss>
script test:
<script>alert("Hello")</script>
info update test:
name: 33333
[form]
[text name size=50]
[submit]
[session info "field=name value='{=name}'"]
[form]
=========================================
the embed.xss page got this content:
===============================
<script>alert("Javascript alert!")</script>
===============================
Then I check the page file to see if it saves okay.
I do some info var updates, to see if that corrupts the page file,
or for trying simple XSS attacks.
Then I check the HTML source to see how characters are encoded or not.
~Hans
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"BoltWire" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/boltwire?hl=en
-~----------~----~----~----~------~----~------~--~---
