
Commit b54e732

shlomiftrentmwillis
authored and committed
HTML Reporter: Fix an unescaped details.source.
Fix an unescaped details.source in innerHTML. It became apparent when using .xhtml (application/xhtml+xml) but may also have XSS implications (see https://en.wikipedia.org/wiki/Cross-site_scripting ) in plain HTML. The new test gets stuck before the production-code fix and completes successfully and promptly after applying it.
1 parent b385b83 commit b54e732


4 files changed

+24
-1
lines changed


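--- a/Gruntfile.js
+++ b/Gruntfile.js
@@ -162,6 +162,7 @@ module.exports = function( grunt ) {
 "test/reporter-html/single-testid.html",
 "test/reporter-html/window-onerror.html",
 "test/reporter-html/window-onerror-preexisting-handler.html",
+"test/reporter-html/xhtml-escape-details-source.xhtml",
 "test/reporter-html/xhtml-single-testid.xhtml",
 "test/reporter-urlparams.html",
 "test/moduleId.html",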

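--- a/reporter/html.js
+++ b/reporter/html.js
@@ -936,7 +936,7 @@ export function escapeText( s ) {
 // Show the source of the test when showing assertions
 if ( details.source ) {
 sourceName = document.createElement( "p" );
-sourceName.innerHTML = "<strong>Source: </strong>" + details.source;
+sourceName.innerHTML = "<strong>Source: </strong>" + escapeText( details.source );
 addClass( sourceName, "qunit-source" );
 if ( testPassed ) {
 addClass( sourceName, "qunit-collapsed" );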
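Review bot: Wrapping details.source in escapeText closes this sink, but the added line still assembles markup by string concatenation into innerHTML, so the `<p>` stays safe only as long as every value interpolated here in future is remembered to be escaped too. Building the element with createElement/createTextNode keeps the HTML parser out of the path entirely, which also sidesteps the XHTML well-formedness failure the commit message describes, without relying on escapeText at this call site. The enclosing function starts and ends outside this hunk and `sourceName` is declared elsewhere, so the rewrite below keeps the assignment to it and leaves the addClass calls untouched. Whichever form is kept, a comment on the assignment, `// details.source is a stack-trace string and may contain "<" or ">"; it must never reach innerHTML unescaped`, would record why the escaping is required.
```javascript
if ( details.source ) {
	sourceName = document.createElement( "p" );
	var sourceLabel = document.createElement( "strong" );
	sourceLabel.appendChild( document.createTextNode( "Source: " ) );
	sourceName.appendChild( sourceLabel );
	// Text node, not innerHTML: the stack-trace string is data, not markup
	sourceName.appendChild( document.createTextNode( details.source ) );
	// … unchanged: addClass( sourceName, "qunit-source" ) and the collapsed handling …
```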
Lines changed: 8 additions & 0 deletions
@@ -0,0 +1,8 @@
1+
QUnit.module( "outer module", function() {
2+
QUnit.module( "inner module", function() {
3+
QUnit.test( "test name with a special char > after char", function( assert ) {
4+
assert.expect( 1 );
5+
assert.ok( true, "dummy test" );
6+
} );
7+
} );
8+
} );
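Review bot: The new test file does not say what it guards, and nothing in it can fail on its own — its only assertion is `assert.ok( true, "dummy test" )`, so the regression is detected only by the XHTML fixture failing to load or parse, as the commit message describes. A header comment would make that explicit for the next maintainer, e.g. `// Regression test for the HTML reporter: details.source must go through escapeText before innerHTML, otherwise this page fails to parse under application/xhtml+xml.` The `>` in the test name looks like an extra probe of name escaping, but whether the test name reaches the same reporter code path is not visible here; if it is intentional, the comment should say so.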
Lines changed: 14 additions & 0 deletions
@@ -0,0 +1,14 @@
1+
<?xml version="1.0" encoding="utf-8"?>
2+
<!DOCTYPE html>
3+
<html xml:lang="en-US" xmlns="http://www.w3.org/1999/xhtml">
4+
<head>
5+
<meta charset="UTF-8" />
6+
<title>QUnit Main Test Suite</title>
7+
<link rel="stylesheet" href="../../dist/qunit.css" />
8+
<script src="../../dist/qunit.js"></script>
9+
<script src="test-escape-details-source.js"></script>
10+
</head>
11+
<body>
12+
<div id="qunit"></div>
13+
</body>
14+
</html>
