From 69e27289868cae86446ad77492d4405ee49adaba Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Thu, 2 May 2019 20:49:37 -0400 Subject: [PATCH] Revert "Bug 22478: (QA follow-up) Update tests to check for any script tags" This reverts commit d9b3b90849fd95d296b73b330c4e32ff018c81a5. https://bugs.koha-community.org/show_bug.cgi?id=22836 Signed-off-by: Martin Renvoize Signed-off-by: Katrin Fischer Signed-off-by: Nick Clemens (cherry picked from commit c265fcc476bc4d4fc74d5a23c0d5ef8ef21650b2) Signed-off-by: Martin Renvoize --- t/db_dependent/selenium/regressions.t | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/t/db_dependent/selenium/regressions.t b/t/db_dependent/selenium/regressions.t index 8d379a2761..e8d355fd0c 100644 --- a/t/db_dependent/selenium/regressions.t +++ b/t/db_dependent/selenium/regressions.t @@ -186,7 +186,7 @@ subtest 'Display circulation table correctly' => sub { }; subtest 'XSS vulnerabilities in pagination' => sub { - plan tests => 4; + plan tests => 3; my $patron = $builder->build_object({ class => 'Koha::Patrons' }); for ( 1 .. 30 ) { # We want the pagination to be displayed @@ -226,8 +226,7 @@ subtest 'XSS vulnerabilities in pagination' => sub { is( $alert_text, undef, 'No alert box displayed, even if evil intent' ); my $second_page = $driver->find_element('//div[@class="pages"]/span[@class="currentPage"]/following-sibling::a'); - unlike( $second_page->get_attribute('href'), qr{%22%3E%3Cscript%3Ealert%28%27booh%21%27%29%3C%2Fscript%3E}, 'The second page link should not contain any script tags (escaped or otherwise)' ); - unlike( $second_page->get_attribute('href'), qr{"}, 'The second page link should not contain any script tags (escaped or otherwise)' ); + like( $second_page->get_attribute('href'), qr{category=1%22%3E%3Cscript%3Ealert%28%27booh%21%27%29%3C%2Fscript%3E}, 'The second patch should displayed the variables and attributes correctly URI escaped' ); push @cleanup, $patron, $patron->category, $patron->library; }; -- 2.39.5