tenfourfox/intl/uconv/tests/unit/test_bug601429.js
Cameron Kaiser c9b2922b70 hello FPR
2017-04-19 00:56:45 -07:00

79 lines
1.7 KiB
JavaScript

// Tests whether characters above 0x7F decode to ASCII characters liable to
// expose XSS vulnerabilities
load('CharsetConversionTests.js');
function run_test() {
var failures = false;
var decodingConverter = CreateScriptableConverter();
var decoders = [
"Big5",
"Big5-HKSCS",
"EUC-JP",
"EUC-KR",
"gb18030",
"IBM866",
"ISO-2022-JP",
"ISO-8859-1",
"ISO-8859-2",
"ISO-8859-3",
"ISO-8859-4",
"ISO-8859-5",
"ISO-8859-6",
"ISO-8859-7",
"ISO-8859-8",
"ISO-8859-8-I",
"ISO-8859-10",
"ISO-8859-13",
"ISO-8859-14",
"ISO-8859-15",
"ISO-8859-16",
"KOI8-R",
"KOI8-U",
"Shift_JIS",
"windows-1250",
"windows-1251",
"windows-1252",
"windows-1253",
"windows-1254",
"windows-1255",
"windows-1256",
"windows-1257",
"windows-1258",
"windows-874",
"macintosh",
"x-mac-cyrillic",
"x-user-defined",
"UTF-8"
];
var counter = 0;
while (counter < decoders.length) {
var charset = decoders[counter++];
dump("testing " + counter + " " + charset + "\n");
decodingConverter.charset = charset;
for (var i = 0x80; i < 0x100; ++i) {
var inString = String.fromCharCode(i);
var outString;
try {
outString = decodingConverter.ConvertToUnicode(inString) +
decodingConverter.Finish();
} catch(e) {
outString = String.fromCharCode(0xFFFD);
}
for (var n = 0; n < outString.length; ++n) {
var outChar = outString.charAt(n);
if (outChar == '<' || outChar == '>' || outChar == '/') {
dump(charset + " has a problem: " + escape(inString) +
" decodes to '" + outString + "'\n");
failures = true;
}
}
}
}
if (failures) {
do_throw("test failed\n");
}
}