From f1c2e26f0af688240f915e3d8d2aab428f0ff76f Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 14 Apr 2019 14:11:36 +0200 Subject: [PATCH] [ticket/security/234] Add test for URL validation SECURITY-234 --- tests/functions_acp/validate_config_vars_test.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/tests/functions_acp/validate_config_vars_test.php b/tests/functions_acp/validate_config_vars_test.php index 1182d659f0..3bd2204de9 100644 --- a/tests/functions_acp/validate_config_vars_test.php +++ b/tests/functions_acp/validate_config_vars_test.php @@ -19,10 +19,11 @@ class phpbb_functions_acp_validate_config_vars_test extends phpbb_test_case { parent::setUp(); - global $user; + global $language, $user; $user = new phpbb_mock_user(); $user->lang = new phpbb_mock_lang(); + $language = $user->lang; } /** @@ -44,6 +45,7 @@ class phpbb_functions_acp_validate_config_vars_test extends phpbb_test_case 'test_int_32' => array('lang' => 'TEST_INT', 'validate' => 'int:32'), 'test_int_32_64' => array('lang' => 'TEST_INT', 'validate' => 'int:32:64'), 'test_lang' => array('lang' => 'TEST_LANG', 'validate' => 'lang'), + 'test_url' => array('lang' => 'TEST_URL', 'validate' => 'url'), /* 'test_sp' => array('lang' => 'TEST_SP', 'validate' => 'script_path'), 'test_rpath' => array('lang' => 'TEST_RPATH', 'validate' => 'rpath'), @@ -64,6 +66,7 @@ class phpbb_functions_acp_validate_config_vars_test extends phpbb_test_case 'test_int_32' => 32, 'test_int_32_64' => 48, 'test_lang' => 'en', + 'test_url' => 'http://foobar.com', ), ), ); @@ -148,6 +151,11 @@ class phpbb_functions_acp_validate_config_vars_test extends phpbb_test_case array('test_lang' => 'this_is_no_language'), array('WRONG_DATA_LANG'), ), + array( + array('test_url' => array('lang' => 'TEST_URL', 'validate' => 'url')), + array('test_url' => 'javascript://foobar.com'), + array('URL_INVALID TEST_URL'), + ), ); }