cargdev/angular
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(platform-browser): prevent clobbered elements from freezing the browser

Browse Source 
see
4f69d38f09
This commit is contained in:
Victor Berchet
2017-03-14 17:15:46 -07:00
committed by Chuck Jazdzewski
parent 52bbc9baf4
commit a4076c70cc
6 changed files with 58 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
packages/platform-browser/test/security/html_sanitizer_spec.ts
View File

@ -112,6 +112,28 @@ export function main() {
}
});
it('should not enter an infinite loop on clobbered elements', () => {
// Some browsers are vulnerable to clobbered elements and will throw an expected exception
// IE and EDGE does not seems to be affected by those cases
// Anyway what we want to test is that browsers do not enter an infinite loop which would
// result in a timeout error for the test.
try {
sanitizeHtml(defaultDoc, '<form><input name="parentNode" /></form>');
} catch (e) {
// depending on the browser, we might ge an exception
}
try {
sanitizeHtml(defaultDoc, '<form><input name="nextSibling" /></form>')
} catch (e) {
// depending on the browser, we might ge an exception
}
try {
sanitizeHtml(defaultDoc, '<form><div><div><input name="nextSibling" /></div></div></form>');
} catch (e) {
// depending on the browser, we might ge an exception
}
});
if (browserDetection.isWebkit) {
it('should prevent mXSS attacks', function() {
expect(sanitizeHtml(defaultDoc, '<a href="&#x3000;javascript:alert(1)">CLICKME</a>'))