diff options
author | Michał Gołębiowski-Owczarek <m.goleb@gmail.com> | 2021-04-29 18:27:58 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-04-29 18:27:58 +0200 |
commit | acb7c49c8d42f601fa347661b1118959079f6b52 (patch) | |
tree | 7eabd86077b9517481b8f3f508a415e753966398 | |
parent | b14ce54334a568eaaa107be4c441660a57c3db24 (diff) | |
download | jquery-acb7c49c8d42f601fa347661b1118959079f6b52.tar.gz jquery-acb7c49c8d42f601fa347661b1118959079f6b52.zip |
Tests: Strip untypical callback parameter characters from PHP files2.2-stable
Only allow alphanumeric characters & underscores for callback parameters.
This is only test code so we're not fixing any security issue but it happens
often enough that the whole jQuery repository directory structure is deployed
onto the server with PHP enabled that it makes is easy to introduce security
issues if this cleanup is not done.
This is a 1.x/2.x version of PR gh-4871.
The change doesn't require a release; it's meant at installations testing
the latest state of `1.12-stable` & `2.2-stable` branches.
This change also fixes testing on Travis & on Chrome/Firefox.
Closes gh-4875
Ref gh-4764
Ref gh-4871
-rw-r--r-- | .travis.yml | 9 | ||||
-rw-r--r-- | test/data/jsonp.php | 13 | ||||
-rw-r--r-- | test/data/with_fries_over_jsonp.php | 6 | ||||
-rw-r--r-- | test/unit/ajax.js | 22 | ||||
-rw-r--r-- | test/unit/support.js | 3 |
5 files changed, 33 insertions, 20 deletions
diff --git a/.travis.yml b/.travis.yml index 34f4d9aec..be6208602 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,8 +1,9 @@ language: node_js -sudo: false +os: linux node_js: -- "0.10" -- "0.12" - "4" -- "5" - "6" +- "8" +- "10" +- "12" +- "14" diff --git a/test/data/jsonp.php b/test/data/jsonp.php index 6c13d72e9..51eee1c6f 100644 --- a/test/data/jsonp.php +++ b/test/data/jsonp.php @@ -1,14 +1,15 @@ <?php error_reporting(0); +function cleanCallback( $callback ) { + return preg_replace( '/[^a-z0-9_]/i', '', $callback ); +} $callback = $_REQUEST['callback']; if ( ! $callback ) { $callback = explode("?",end(explode("/",$_SERVER['REQUEST_URI']))); $callback = $callback[0]; } -$json = $_REQUEST['json']; -if($json) { - echo $callback . '([ {"name": "John", "age": 21}, {"name": "Peter", "age": 25 } ])'; -} else { - echo $callback . '({ "data": {"lang": "en", "length": 25} })'; -} +$json = $_REQUEST['json'] ? + '[ { "name": "John", "age": 21 }, { "name": "Peter", "age": 25 } ]' : + '{ "data": { "lang": "en", "length": 25 } }'; +echo cleanCallback( $callback ) . '(' . $json . ')'; ?> diff --git a/test/data/with_fries_over_jsonp.php b/test/data/with_fries_over_jsonp.php index 456aeb3bd..7de47d125 100644 --- a/test/data/with_fries_over_jsonp.php +++ b/test/data/with_fries_over_jsonp.php @@ -1,7 +1,11 @@ <?php error_reporting(0); +function cleanCallback( $callback ) { + return preg_replace( '/[^a-z0-9_]/i', '', $callback ); +} $callback = $_REQUEST['callback']; +$cleanCallback = cleanCallback( $callback ); $json = $_REQUEST['json']; $text = json_encode(file_get_contents(dirname(__FILE__)."/with_fries.xml")); -echo "$callback($text)"; +echo "$cleanCallback($text)\n"; ?> diff --git a/test/unit/ajax.js b/test/unit/ajax.js index 8b46c57c2..d05d54a65 100644 --- a/test/unit/ajax.js +++ b/test/unit/ajax.js @@ -1758,14 +1758,20 @@ if ( typeof window.ArrayBuffer === "undefined" || typeof new XMLHttpRequest().re }; } ); - testIframeWithCallback( - "#14379 - jQuery.ajax() on unload", - "ajax/onunload.html", - function( status, assert ) { - assert.expect( 1 ); - assert.strictEqual( status, "success", "Request completed" ); - } - ); + // Chrome 78 dropped support for synchronous XHR requests inside of + // beforeunload, unload, pagehide, and visibilitychange event handlers. + // See https://bugs.chromium.org/p/chromium/issues/detail?id=952452 + // Safari 13 did similar changes. The below check will catch them both. + if ( !/safari/i.test( navigator.userAgent ) ) { + testIframeWithCallback( + "#14379 - jQuery.ajax() on unload", + "ajax/onunload.html", + function( status, assert ) { + assert.expect( 1 ); + assert.strictEqual( status, "success", "Request completed" ); + } + ); + } ajaxTest( "#14683 - jQuery.ajax() - Exceptions thrown synchronously by xhr.send should be caught", 4, function( assert ) { return [ { diff --git a/test/unit/support.js b/test/unit/support.js index e8d3715b8..437c23032 100644 --- a/test/unit/support.js +++ b/test/unit/support.js @@ -223,6 +223,7 @@ testIframeWithCallback( "reliableMarginRight": true }; } else if ( /firefox/i.test( userAgent ) ) { + version = userAgent.match( /firefox\/(\d+)/i )[ 1 ]; expected = { "ajax": true, "boxSizingReliable": true, @@ -237,7 +238,7 @@ testIframeWithCallback( "pixelMarginRight": true, "pixelPosition": true, "radioValue": true, - "reliableMarginLeft": false, + "reliableMarginLeft": version >= 61, "reliableMarginRight": true }; } else if ( /iphone os 9_/i.test( userAgent ) ) { |