Hi all, Cucumber has a way to add abitrary content into the test report. It embeds base64 encoded content and a mime type.
The majority of the time this is used for images which could then be embedded into the report. However it may not be images and could be HTML with links to evil.js In some respects this is no different to browsing the workspace - however with the WS what you are going to get is obvious ahead of time. At the moment all I can think of is dispokay anything that is image/* inline and everything else serve as application/octect-stream via a link to force non display in the browser. Any other suggestions? /james -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
