Add a couple of additional XSS tests

BUG= Review URL: https://codereview.chromium.org/2160413002 .
2024-11-05 18:22:09 +00:00 · 2016-07-19 13:37:45 -07:00 · 2016-07-19 13:37:45 -07:00 · 4db29e8fbc
commit 4db29e8fbc
parent b5c34db44c
1 changed files with 8 additions and 0 deletions
--- a/tests/html/node_validator_important_if_you_suppress_make_the_bug_critical_test.dart
+++ b/tests/html/node_validator_important_if_you_suppress_make_the_bug_critical_test.dart
@ -116,6 +116,14 @@ main() {
        validator,
        '<span>![CDATA[ some text ]]></span>');

+    testHtml('backquotes not removed',
+             validator,
+             '<img src="dice.png" alt="``onload=xss()" />');
+
+    testHtml('0x3000 not removed',
+             validator,
+             '<a href="&#x3000;javascript:alert(1)">CLICKME</a>');
+
    test('sanitizes template contents', () {
      if (!TemplateElement.supported) return;