зеркало из https://github.com/mozilla/pjs.git
47 строки
1.4 KiB
JavaScript
47 строки
1.4 KiB
JavaScript
// Tests whether characters above 0x7F decode to ASCII characters liable to
|
|
// expose XSS vulnerabilities
|
|
load('CharsetConversionTests.js');
|
|
|
|
function run_test() {
|
|
var failures = false;
|
|
var ccManager = Cc["@mozilla.org/charset-converter-manager;1"]
|
|
.getService(Ci.nsICharsetConverterManager);
|
|
var decodingConverter = CreateScriptableConverter();
|
|
|
|
var charsetList = ccManager.getDecoderList();
|
|
var counter = 0;
|
|
while (charsetList.hasMore()) {
|
|
++counter;
|
|
var charset = charsetList.getNext();
|
|
dump("testing " + counter + " " + charset + "\n");
|
|
|
|
try {
|
|
decodingConverter.charset = charset;
|
|
} catch(e) {
|
|
dump("Warning: couldn't set decoder charset to " + charset + "\n");
|
|
continue;
|
|
}
|
|
for (var i = 0x80; i < 0x100; ++i) {
|
|
var inString = String.fromCharCode(i);
|
|
var outString;
|
|
try {
|
|
outString = decodingConverter.ConvertToUnicode(inString) +
|
|
decodingConverter.Finish();
|
|
} catch(e) {
|
|
outString = String.fromCharCode(0xFFFD);
|
|
}
|
|
for (var n = 0; n < outString.length; ++n) {
|
|
var outChar = outString.charAt(n);
|
|
if (outChar == '<' || outChar == '>' || outChar == '/') {
|
|
dump(charset + " has a problem: " + escape(inString) +
|
|
" decodes to '" + outString + "'\n");
|
|
failures = true;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
if (failures) {
|
|
do_throw("test failed\n");
|
|
}
|
|
}
|