18905: Create automatic test for XSS Purifier: Broken HTML - LimeSurvey bugs and feature requests

This bug affects 1 person(s).

ID	Project	Category	View Status	Date Submitted	Last Update

18905	Bug reports	Survey editing	public	2023-06-22 14:54	2023-09-04 10:52

Reporter	gabrieljenik	Assigned To	tibor.pacalat
Priority	none	Severity	partial_block
Status	closed	Resolution	fixed
Product Version	5.x

Summary	18905: Create automatic test for XSS Purifier: Broken HTML
Description	New testUnsafeHtml method, to avoid this (ex): <strong>strong <style> Poped up from this comment: https://github.com/LimeSurvey/LimeSurvey/pull/3238#discussion_r1238035068
Tags	No tags attached.

Bug heat	6
Complete LimeSurvey version number (& build)	5.0
I will donate to the project if issue is resolved	No
Browser
Database type & version	Mysql
Server OS (if known)
Webserver software & version (if known)
PHP Version	7

User List	There are no users monitoring this issue.

gabrieljenik 2023-08-22 14:14 manager ~76667	Master: https://github.com/LimeSurvey/LimeSurvey/pull/3378

gabrieljenik 2023-08-30 19:53 manager ~76795	v5: https://github.com/LimeSurvey/LimeSurvey/pull/3410

guest 2023-08-31 17:47 viewer ~76819	Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=35428

guest 2023-08-31 17:58 viewer ~76820	Fix committed to 5.x branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=35430

guest 2023-08-31 17:58 viewer ~76821	Fix committed to 5.x branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=35429

LimeBot 2023-09-04 10:52 administrator ~76863	Fixed in Release 6.2.6+230904

LimeSurvey: master 898dec3a 2023-08-31 17:47:44 Gabriel Jenik Committer: GitHub Details Diff	Fixed issue 18905: Create automatic test for XSS Purifier: Broken HTML (#3378) Test for broken html added. Co-authored-by: Lapiu Dev <devgit@lapiu.biz>	Affected Issues 18905
	mod - tests/unit/LSYiiValidatorsTest.php	Diff File
LimeSurvey: 5.x 309964d2 2023-08-31 17:49:23 Gabriel Jenik Committer: GitHub Details Diff	Fixed issue 18905: Create automatic test for XSS Purifier: Broken HTML (#3410) Test for broken html added. Co-authored-by: Lapiu Dev <devgit@lapiu.biz>	Affected Issues 18905
	mod - tests/unit/LSYiiValidatorsTest.php	Diff File
LimeSurvey: 5.x 309964d2 2023-08-31 17:49:23 Gabriel Jenik Committer: GitHub Details Diff	Fixed issue 18905: Create automatic test for XSS Purifier: Broken HTML (#3410) Test for broken html added. Co-authored-by: Lapiu Dev <devgit@lapiu.biz>	Affected Issues 18905
	mod - tests/unit/LSYiiValidatorsTest.php	Diff File

Date Modified	Username	Field	Change
2023-06-22 14:54	gabrieljenik	New Issue
2023-06-22 14:54	gabrieljenik	Issue generated from: 17536
2023-06-22 14:54	gabrieljenik	View Status	private => public
2023-06-22 14:54	gabrieljenik	Bug heat	6 => 0
2023-06-22 14:54	gabrieljenik	Status	new => confirmed
2023-07-07 20:00	gabrieljenik	Assigned To	=> gabrieljenik
2023-07-07 20:00	gabrieljenik	Status	confirmed => assigned
2023-08-22 14:14	gabrieljenik	Assigned To	gabrieljenik => DenisChenu
2023-08-22 14:14	gabrieljenik	Status	assigned => ready for code review
2023-08-22 14:14	gabrieljenik	Note Added: 76667
2023-08-22 14:14	gabrieljenik	Bug heat	0 => 2
2023-08-30 11:53	DenisChenu	Assigned To	DenisChenu => gabrieljenik
2023-08-30 11:53	DenisChenu	Status	ready for code review => ready for merge
2023-08-30 16:07	gabrieljenik	Assigned To	gabrieljenik => tibor.pacalat
2023-08-30 19:53	gabrieljenik	Note Added: 76795
2023-08-31 17:47		Changeset attached	=> LimeSurvey master 898dec3a
2023-08-31 17:47	guest	Note Added: 76819
2023-08-31 17:47	guest	Bug heat	2 => 4
2023-08-31 17:58		Changeset attached	=> LimeSurvey 5.x 309964d2
2023-08-31 17:58	guest	Note Added: 76820
2023-08-31 17:58		Changeset attached	=> LimeSurvey 5.x 309964d2
2023-08-31 17:58	guest	Note Added: 76821
2023-09-04 10:52	LimeBot	Note Added: 76863
2023-09-04 10:52	LimeBot	Status	ready for merge => closed
2023-09-04 10:52	LimeBot	Resolution	open => fixed
2023-09-04 10:52	LimeBot	Bug heat	4 => 6