El RIDO
bab95cce1b
addressing false positive jsverify rngState 8bf7605ea139db4c28
2020-02-04 18:58:24 +01:00
El RIDO
cc0920fc09
add HTML entity encoding to PHP translation logic, remove exception to allow <br/> tags in DOMpurify by eliminating the single case that made use of it
2020-02-01 08:46:59 +01:00
El RIDO
9a4018bffe
jsverify rngState 8270695ec83abf412d was a false positive, due to incorrect test logic
2020-02-01 07:40:14 +01:00
El RIDO
8a6415ef5f
fixing jsverify rngStates 0220439df7ec68a15b, 015c81b7afd06e4293 & 041e3d57692b08fc4a
2020-01-31 22:42:42 +01:00
El RIDO
29efc14aa7
Revert "implement simplified translation logic, forcing the use of safe application via jQuery element"
...
This reverts commit 62365880b4
. The unit tests showed that the text2string function completely undid the XSS fix, so it was always unsafe to use it. Also the logic simplifications were smaller then expected.
2020-01-25 09:07:29 +01:00
El RIDO
62365880b4
implement simplified translation logic, forcing the use of safe application via jQuery element
2020-01-25 09:07:06 +01:00
El RIDO
685c354d0e
several changes:
...
- added tests for all 4 cases: output to string or into element vs first param contains link or not
- cleaned up logic - skip HTML entity encoding only if we can ensure insertion to text node / when output to string, we always encode
- DOMpurify sanitizes gopher, ws & wss links, which we previosly had tested for
2020-01-18 10:44:35 +01:00
El RIDO
fa9d3037ba
fixing logic & indentation
2020-01-18 07:44:32 +01:00
El RIDO
fd4492f229
ensuring that both critical branches get tested
2020-01-18 07:09:56 +01:00
El RIDO
4bf7f863dc
more general solution addressing #554 , kudos @rugk for the suggestions
2020-01-04 13:14:53 +01:00
El RIDO
70007285bf
remove console suppression, fixing I18n mock
2018-12-25 16:42:18 +01:00
rugk
3b90020559
Add explanation
...
Ref https://github.com/PrivateBin/PrivateBin/pull/297#issuecomment-379586428
2018-04-09 14:13:18 +02:00
Alexander Do
944c8c2912
Add test for missing browser language
2018-04-07 03:22:26 +00:00
El RIDO
72acc95326
improving code quality issues suggested by JSHint
2018-01-06 09:26:10 +01:00
El RIDO
3fed63ce28
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests
2017-12-14 07:19:05 +01:00