summaryrefslogtreecommitdiffstats
path: root/intl/uconv/tests/unit/test_bug601429.js
diff options
context:
space:
mode:
authorMatt A. Tobin <mattatobin@localhost.localdomain>2018-02-02 04:16:08 -0500
committerMatt A. Tobin <mattatobin@localhost.localdomain>2018-02-02 04:16:08 -0500
commit5f8de423f190bbb79a62f804151bc24824fa32d8 (patch)
tree10027f336435511475e392454359edea8e25895d /intl/uconv/tests/unit/test_bug601429.js
parent49ee0794b5d912db1f95dce6eb52d781dc210db5 (diff)
downloadUXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.gz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.lz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.xz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.zip
Add m-esr52 at 52.6.0
Diffstat (limited to 'intl/uconv/tests/unit/test_bug601429.js')
-rw-r--r--intl/uconv/tests/unit/test_bug601429.js78
1 files changed, 78 insertions, 0 deletions
diff --git a/intl/uconv/tests/unit/test_bug601429.js b/intl/uconv/tests/unit/test_bug601429.js
new file mode 100644
index 000000000..42b536f3e
--- /dev/null
+++ b/intl/uconv/tests/unit/test_bug601429.js
@@ -0,0 +1,78 @@
+// Tests whether characters above 0x7F decode to ASCII characters liable to
+// expose XSS vulnerabilities
+load('CharsetConversionTests.js');
+
+function run_test() {
+ var failures = false;
+ var decodingConverter = CreateScriptableConverter();
+
+ var decoders = [
+ "Big5",
+ "Big5-HKSCS",
+ "EUC-JP",
+ "EUC-KR",
+ "gb18030",
+ "IBM866",
+ "ISO-2022-JP",
+ "ISO-8859-1",
+ "ISO-8859-2",
+ "ISO-8859-3",
+ "ISO-8859-4",
+ "ISO-8859-5",
+ "ISO-8859-6",
+ "ISO-8859-7",
+ "ISO-8859-8",
+ "ISO-8859-8-I",
+ "ISO-8859-10",
+ "ISO-8859-13",
+ "ISO-8859-14",
+ "ISO-8859-15",
+ "ISO-8859-16",
+ "KOI8-R",
+ "KOI8-U",
+ "Shift_JIS",
+ "windows-1250",
+ "windows-1251",
+ "windows-1252",
+ "windows-1253",
+ "windows-1254",
+ "windows-1255",
+ "windows-1256",
+ "windows-1257",
+ "windows-1258",
+ "windows-874",
+ "macintosh",
+ "x-mac-cyrillic",
+ "x-user-defined",
+ "UTF-8"
+ ];
+
+ var counter = 0;
+ while (counter < decoders.length) {
+ var charset = decoders[counter++];
+ dump("testing " + counter + " " + charset + "\n");
+
+ decodingConverter.charset = charset;
+ for (var i = 0x80; i < 0x100; ++i) {
+ var inString = String.fromCharCode(i);
+ var outString;
+ try {
+ outString = decodingConverter.ConvertToUnicode(inString) +
+ decodingConverter.Finish();
+ } catch(e) {
+ outString = String.fromCharCode(0xFFFD);
+ }
+ for (var n = 0; n < outString.length; ++n) {
+ var outChar = outString.charAt(n);
+ if (outChar == '<' || outChar == '>' || outChar == '/') {
+ dump(charset + " has a problem: " + escape(inString) +
+ " decodes to '" + outString + "'\n");
+ failures = true;
+ }
+ }
+ }
+ }
+ if (failures) {
+ do_throw("test failed\n");
+ }
+}