AC-12738: Fixed web api test case

Deepak Tiwari · Deepak Tiwari · commit dccda60b08a8 · 2024-10-02T18:13:59.000+05:30
diff --git a/lib/internal/Magento/Framework/Webapi/ServiceInputProcessor.php b/lib/internal/Magento/Framework/Webapi/ServiceInputProcessor.php
@@ -357,16 +357,14 @@ protected function _createFromArray($className, $data)
     }
 
     /**
-     * Check if input value contains any XSS vector
+     * Validate input param value
      *
      * @param string $value
      * @return bool
      */
     private function validateParamsValue(string $value)
     {
-        // Check for <script> tags or any common XSS vectors
-        return preg_match('/<script\b[^>]*>(.*?)<\/script>/is', $value) ||
-            preg_match('/[<>]/', $value);
+        return preg_match('/<script\b[^>]*>(.*?)<\/script>/is', $value);
     }
 
     /**

Original file line number	Diff line number	Diff line change
`@@ -357,16 +357,14 @@ protected function _createFromArray($className, $data)`
`357`	`357`	`}`
`358`	`358`
`359`	`359`	`/**`
`360`		`- * Check if input value contains any XSS vector`
	`360`	`+ * Validate input param value`
`361`	`361`	`*`
`362`	`362`	`* @param string $value`
`363`	`363`	`* @return bool`
`364`	`364`	`*/`
`365`	`365`	`private function validateParamsValue(string $value)`
`366`	`366`	`{`
`367`		`- // Check for <script> tags or any common XSS vectors`
`368`		`- return preg_match('/<script\b[^>]>(.?)<\/script>/is', $value) \|\|`
`369`		`- preg_match('/[<>]/', $value);`
	`367`	`+ return preg_match('/<script\b[^>]>(.?)<\/script>/is', $value);`
`370`	`368`	`}`
`371`	`369`
`372`	`370`	`/**`