Revision: 5502
Author:   [email protected]
Date:     Wed Jul 24 11:20:09 2013
Log: Added testcase for issue 1804 -- extraneous commas and brackets in selectors
https://codereview.appspot.com/11507048

https://code.google.com/p/google-caja/issues/detail?id=1804
lexCss/sanitizeCssSelectors will not handle the following cases correctly:
   "a," or ",a" or "," -- drops comma silently
   "bad[" -- throws an internal error rather than invoking
             opt_onUntranslatableSelector

[email protected]

http://code.google.com/p/google-caja/source/detail?r=5502

Modified:
 /trunk/src/com/google/caja/plugin/sanitizecss.js
 /trunk/tests/com/google/caja/plugin/CssLexerTest.java
 /trunk/tests/com/google/caja/plugin/csslexer-test.js
 /trunk/tests/com/google/caja/plugin/sanitizecss_test.js

=======================================
--- /trunk/src/com/google/caja/plugin/sanitizecss.js Wed Jul 24 10:50:28 2013
+++ /trunk/src/com/google/caja/plugin/sanitizecss.js Wed Jul 24 11:20:09 2013
@@ -472,7 +472,7 @@
             } else {
               valid = false;
             }
-          } else if (start < end && selectors[start] === '[') {
+          } else if (start + 1 < end && selectors[start] === '[') {
             ++start;
             var attr = selectors[start++].toLowerCase();
             var atype = html4.ATTRIBS[element + '::' + attr];
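Review bot: The new `start + 1 < end` guard only proves that one token follows `[`, which covers the `selectors[start++].toLowerCase()` read on the next line. The rest of the attribute branch lies outside this hunk, so whether the operator, value and closing `]` reads are equally bounded cannot be confirmed from here. The added sanitizecss test exercises only `a[`, so inputs truncated later, such as `a[href` or `a[href=`, would be worth adding to confirm they also end as untranslatable selectors rather than an internal error. A short comment on the condition would help, e.g. `// Require a token after '[' so the attribute-name read stays in bounds.`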
@@ -560,6 +560,8 @@
             } else {
               break;
             }
+          } else {
+            break;  // Unrecognized token.
           }
         }
         if (start !== end) {  // Tokens not consumed.
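Review bot: The added `else { break; }` leaves rejection of the selector to the `if (start !== end)` check after the loop, and that dependency is not stated at the `break`. Without the new branch an unrecognized token would presumably never advance `start`, so the comment could carry both facts: `break;  // Unrecognized token: stop here; the start !== end check below rejects the selector.` The enclosing loop begins outside this hunk, so its other exits could not be checked for the same property.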
=======================================
--- /trunk/tests/com/google/caja/plugin/CssLexerTest.java Tue Oct 18 15:14:25 2011
+++ /trunk/tests/com/google/caja/plugin/CssLexerTest.java Wed Jul 24 11:20:09 2013
@@ -23,7 +23,7 @@
  * @author [email protected]
  */
 public final class CssLexerTest extends CajaTestCase {
-  public final void testHtmlSanitizer() throws Exception {
+  public final void testCssLexer() throws Exception {
     RhinoTestBed.runJsUnittestFromHtml(
         html(fromResource("csslexer-test.html")));
   }
=======================================
--- /trunk/tests/com/google/caja/plugin/csslexer-test.js Thu Jan 19 09:04:11 2012
+++ /trunk/tests/com/google/caja/plugin/csslexer-test.js Wed Jul 24 11:20:09 2013
@@ -965,3 +965,11 @@
     'url("")');
   jsunit.pass();
 });
+
+jsunitRegister('testIssue1804', function testIssue1804() {
+  assertLexedCss(',',  ',');
+  assertLexedCss('a,', 'a', ',');
+  assertLexedCss(',a', ',', 'a');
+  assertLexedCss('bad[ ]', 'bad', '[', ' ', ']');
+  jsunit.pass();
+});
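Review bot: The lexer cases cover `bad[ ]` but not the unterminated `bad[` that the commit log names as the failing input. A case such as `assertLexedCss('bad[', 'bad', '[');` would pin the lexer's output for it. The expected tokens in that line are an assumption and should be confirmed against lexCss before it is added.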
=======================================
--- /trunk/tests/com/google/caja/plugin/sanitizecss_test.js Wed Jul 24 10:50:28 2013
+++ /trunk/tests/com/google/caja/plugin/sanitizecss_test.js Wed Jul 24 11:20:09 2013
@@ -388,3 +388,11 @@

   jsunit.pass();
 });
+
+jsunitRegister('testIssue1804', function testIssue1804() {
+  assertSelector("a,", "sfx", [[".sfx a"], []]);
+  assertSelector(",a", "sfx", [[".sfx a"], []]);
+  assertSelector(",",  "sfx", [[], []]);
+  assertSelector("a[", "sfx", [[], []]);
+  jsunit.pass();
+});
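Review bot: The expectations for `a,` and `,a` accept the selector as `.sfx a`, so the test pins the behaviour where an empty member of the selector list is dropped without any report, which the log lists as incorrect handling. In the CSS grammar a selector list with an empty member is invalid as a whole. If the lenient result is intended, a comment should say so, e.g. `// Empty list members are dropped; the remaining selectors are kept.`; otherwise the expected value for those two cases should be `[[], []]`. Whether assertSelector also checks that opt_onUntranslatableSelector is called for `a[` is not visible in this hunk.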
