[MediaWiki-commits] [Gerrit] mediawiki...parsoid[master]: Add some html/parsoid sections for safety tests

[jenkins-bot (Code Review)]

jenkins-bot has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/332724 )

Change subject: Add some html/parsoid sections for safety tests
..


Add some html/parsoid sections for safety tests

Change-Id: I4c36dce117eaf266e760483f23973204446c51d8
---
M tests/parserTests-blacklist.js
M tests/parserTests.txt
2 files changed, 33 insertions(+), 27 deletions(-)

Approvals:
  Subramanya Sastry: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/tests/parserTests-blacklist.js b/tests/parserTests-blacklist.js
index f6b670a..29310ae 100644
--- a/tests/parserTests-blacklist.js
+++ b/tests/parserTests-blacklist.js
@@ -496,11 +496,6 @@
 add("html2html", "Character reference normalization in link text (bug 1938)", 
"this&that\n");
 add("html2html", "(bug 19451) Links should refer to the normalized form.", "אַ\nאַ\nאַ\nאַ\nאַ\n");
 add("html2html", "Bug 2095: link with pipe and three closing brackets, version 
2", "[http://example.com/]\n");
-add("html2html", "Bug 2304: HTML attribute safety (dangerous style template; 
2309)", "\n");
-add("html2html", "Bug 2304: HTML attribute safety (unsafe parameter; 2309)", 
"Magic 
div\n");
-add("html2html", "Bug 3244: HTML attribute safety (extension; unsafe)", "\n");
-add("html2html", "MSIE CSS safety test: spurious slash", "evil\n");
-add("html2html", "MSIE CSS safety test: hex code", "evil\n");
 add("html2html", "Table attribute safety", "\n 
status\n\n");
 add("html2html", "CSS line continuation 1", "\n");
 add("html2html", "CSS line continuation 2", "\n");
@@ -1021,18 +1016,8 @@
 add("html2wt", "Empty attribute crash test single-quotes (bug 2067)", "foo\n");
 add("html2wt", "Attribute test: unquoted but illegal value (hash)", "foo\n");
 add("html2wt", "Bug 2095: link with pipe and three closing brackets, version 
2", "[[Main Page|[http://example.com/]]]\n");
-add("html2wt", "Bug 2304: HTML attribute safety (safe template; regression bug 
2309)", "\n");
-add("html2wt", "Bug 2304: HTML attribute safety (dangerous style template; 
2309)", "\n");
-add("html2wt", "Bug 2304: HTML attribute safety (safe parameter; 2309)", "Magic div\n");
-add("html2wt", "Bug 2304: HTML attribute safety (unsafe parameter; 2309)", 
"Magic div\n");
 add("html2wt", "Bug 2304: HTML attribute safety (unsafe breakout parameter; 
2309)", "alert(document.cookie)\">Magic div\n");
 add("html2wt", "Bug 2304: HTML attribute safety (unsafe breakout parameter 2; 
2309)", "alert(document.cookie)\">Magic div\n");
-add("html2wt", "Bug 3244: HTML attribute safety (extension; safe)", "\n");
-add("html2wt", "Bug 3244: HTML attribute safety (extension; unsafe)", "\n");
-add("html2wt", "MSIE CSS safety test: spurious slash", "evil\n");
-add("html2wt", "MSIE CSS safety test: hex code", "evil\n");
-add("html2wt", "MSIE CSS safety test: comment in url", "evil\n");
-add("html2wt", "MSIE CSS safety test: comment in expression", "evil4\n");
 add("html2wt", "Table attribute legitimate extension", "{|\n! 
style=\"color:blue\" | status\n|}\n");
 add("html2wt", "Table attribute safety", "{|\n! style=\"/* insecure input */\" 
| status\n|}\n");
 add("html2wt", "CSS line continuation 1", "\n");
diff --git a/tests/parserTests.txt b/tests/parserTests.txt
index a93ce62..fb9f7dc 100644
--- a/tests/parserTests.txt
+++ b/tests/parserTests.txt
@@ -16487,9 +16487,11 @@
 Bug 2304: HTML attribute safety (safe template; regression bug 2309)
 !! wikitext
 
-!! html
+!! html/php
 
 
+!! html/parsoid
+
 !! end
 
 # Parsoid has enough context to handle this case
@@ -16508,29 +16510,36 @@
 Bug 2304: HTML attribute safety (dangerous style template; 2309)
 !! wikitext
 
-!! html
+!! html/php
 
 
+!! html/parsoid
+
 !! end
 
 !! test
 Bug 2304: HTML attribute safety (safe parameter; 2309)
 !! wikitext
 {{div style|width: 200px}}
-!! html
+!! html/php
 Magic div
 
+!! html/parsoid
+Magic div
 !! end
 
 !! test
 Bug 2304: HTML attribute safety (unsafe parameter; 2309)
 !! wikitext
 {{div style|width: expression(alert(document.cookie))}}
-!! html
+!! html/php
 Magic div
 
+!! html/parsoid
+Magic div
 !! end
 
+## Parsoid output here differs; needs investigation.
 !! test
 Bug 2304: HTML attribute safety (unsafe breakout parameter; 2309)
 !! wikitext
@@ -16540,6 +16549,7 @@
 
 !! end
 
+## Parsoid output here differs; needs investigation.
 !! test
 Bug 2304: HTML attribute safety (unsafe breakout parameter 2; 2309)
 !! wikitext
@@ -16575,7 +16585,6 @@
 
 
 !! end
-
 
 !! test
 Bug 2304: HTML attribute safety (ISBN)
@@ -16626,18 +16635,22 @@
 Bug 3244: HTML attribute safety (extension; safe)
 !! wikitext
 
-!! html
+!! html/php
 
 
+!! html/parsoid
+
 !! end
 
 !! test
 Bug 3244: HTML attribute safety (extension; unsafe)
 !! wikitext
 
-!! html
+!! html/php
 
 
+!! html/parsoid
+
 !! end
 
 # More MSIE fun discovered by Tom Gilder
@@ -16646,36 +16659,44 @@
 MSIE CSS safety test: spurious slash
 !! wikitext
 evil
-!! html
+!! html/php
 evil
 
+!! html/pa

[MediaWiki-commits] [Gerrit] mediawiki...parsoid[master]: Add some html/parsoid sections for safety tests

[Arlolra (Code Review)]

Arlolra has uploaded a new change for review. ( 
https://gerrit.wikimedia.org/r/332724 )

Change subject: Add some html/parsoid sections for safety tests
..

Add some html/parsoid sections for safety tests

Change-Id: I4c36dce117eaf266e760483f23973204446c51d8
---
M tests/parserTests-blacklist.js
M tests/parserTests.txt
2 files changed, 33 insertions(+), 27 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/services/parsoid 
refs/changes/24/332724/1

diff --git a/tests/parserTests-blacklist.js b/tests/parserTests-blacklist.js
index f6b670a..29310ae 100644
--- a/tests/parserTests-blacklist.js
+++ b/tests/parserTests-blacklist.js
@@ -496,11 +496,6 @@
 add("html2html", "Character reference normalization in link text (bug 1938)", 
"this&that\n");
 add("html2html", "(bug 19451) Links should refer to the normalized form.", "אַ\nאַ\nאַ\nאַ\nאַ\n");
 add("html2html", "Bug 2095: link with pipe and three closing brackets, version 
2", "[http://example.com/]\n");
-add("html2html", "Bug 2304: HTML attribute safety (dangerous style template; 
2309)", "\n");
-add("html2html", "Bug 2304: HTML attribute safety (unsafe parameter; 2309)", 
"Magic 
div\n");
-add("html2html", "Bug 3244: HTML attribute safety (extension; unsafe)", "\n");
-add("html2html", "MSIE CSS safety test: spurious slash", "evil\n");
-add("html2html", "MSIE CSS safety test: hex code", "evil\n");
 add("html2html", "Table attribute safety", "\n 
status\n\n");
 add("html2html", "CSS line continuation 1", "\n");
 add("html2html", "CSS line continuation 2", "\n");
@@ -1021,18 +1016,8 @@
 add("html2wt", "Empty attribute crash test single-quotes (bug 2067)", "foo\n");
 add("html2wt", "Attribute test: unquoted but illegal value (hash)", "foo\n");
 add("html2wt", "Bug 2095: link with pipe and three closing brackets, version 
2", "[[Main Page|[http://example.com/]]]\n");
-add("html2wt", "Bug 2304: HTML attribute safety (safe template; regression bug 
2309)", "\n");
-add("html2wt", "Bug 2304: HTML attribute safety (dangerous style template; 
2309)", "\n");
-add("html2wt", "Bug 2304: HTML attribute safety (safe parameter; 2309)", "Magic div\n");
-add("html2wt", "Bug 2304: HTML attribute safety (unsafe parameter; 2309)", 
"Magic div\n");
 add("html2wt", "Bug 2304: HTML attribute safety (unsafe breakout parameter; 
2309)", "alert(document.cookie)\">Magic div\n");
 add("html2wt", "Bug 2304: HTML attribute safety (unsafe breakout parameter 2; 
2309)", "alert(document.cookie)\">Magic div\n");
-add("html2wt", "Bug 3244: HTML attribute safety (extension; safe)", "\n");
-add("html2wt", "Bug 3244: HTML attribute safety (extension; unsafe)", "\n");
-add("html2wt", "MSIE CSS safety test: spurious slash", "evil\n");
-add("html2wt", "MSIE CSS safety test: hex code", "evil\n");
-add("html2wt", "MSIE CSS safety test: comment in url", "evil\n");
-add("html2wt", "MSIE CSS safety test: comment in expression", "evil4\n");
 add("html2wt", "Table attribute legitimate extension", "{|\n! 
style=\"color:blue\" | status\n|}\n");
 add("html2wt", "Table attribute safety", "{|\n! style=\"/* insecure input */\" 
| status\n|}\n");
 add("html2wt", "CSS line continuation 1", "\n");
diff --git a/tests/parserTests.txt b/tests/parserTests.txt
index a93ce62..fb9f7dc 100644
--- a/tests/parserTests.txt
+++ b/tests/parserTests.txt
@@ -16487,9 +16487,11 @@
 Bug 2304: HTML attribute safety (safe template; regression bug 2309)
 !! wikitext
 
-!! html
+!! html/php
 
 
+!! html/parsoid
+
 !! end
 
 # Parsoid has enough context to handle this case
@@ -16508,29 +16510,36 @@
 Bug 2304: HTML attribute safety (dangerous style template; 2309)
 !! wikitext
 
-!! html
+!! html/php
 
 
+!! html/parsoid
+
 !! end
 
 !! test
 Bug 2304: HTML attribute safety (safe parameter; 2309)
 !! wikitext
 {{div style|width: 200px}}
-!! html
+!! html/php
 Magic div
 
+!! html/parsoid
+Magic div
 !! end
 
 !! test
 Bug 2304: HTML attribute safety (unsafe parameter; 2309)
 !! wikitext
 {{div style|width: expression(alert(document.cookie))}}
-!! html
+!! html/php
 Magic div
 
+!! html/parsoid
+Magic div
 !! end
 
+## Parsoid output here differs; needs investigation.
 !! test
 Bug 2304: HTML attribute safety (unsafe breakout parameter; 2309)
 !! wikitext
@@ -16540,6 +16549,7 @@
 
 !! end
 
+## Parsoid output here differs; needs investigation.
 !! test
 Bug 2304: HTML attribute safety (unsafe breakout parameter 2; 2309)
 !! wikitext
@@ -16575,7 +16585,6 @@
 
 
 !! end
-
 
 !! test
 Bug 2304: HTML attribute safety (ISBN)
@@ -16626,18 +16635,22 @@
 Bug 3244: HTML attribute safety (extension; safe)
 !! wikitext
 
-!! html
+!! html/php
 
 
+!! html/parsoid
+
 !! end
 
 !! test
 Bug 3244: HTML attribute safety (extension; unsafe)
 !! wikitext
 
-!! html
+!! html/php
 
 
+!! html/parsoid
+
 !! end
 
 # More MSIE fun discovered by Tom Gilder
@@ -16646,36 +16659,44 @@
 MSIE CSS safety test: spurious slash
 !! wikitext
 evil
-!! html
+!! html/php
 evil
 
+!! html/p