From 586a944ddd4d03e66dea1093306147594748037a Mon Sep 17 00:00:00 2001
From: Aaron Patterson <aaron.patterson@gmail.com>
Date: Tue, 16 Aug 2011 15:17:49 -0700
Subject: Tags with invalid names should also be stripped in order to prevent
 XSS attacks.  Thanks Sascha Depold for the report.

---
 actionpack/test/template/html-scanner/sanitizer_test.rb | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'actionpack/test/template/html-scanner/sanitizer_test.rb')

diff --git a/actionpack/test/template/html-scanner/sanitizer_test.rb b/actionpack/test/template/html-scanner/sanitizer_test.rb
index 678cb9eeeb..62ad6be680 100644
--- a/actionpack/test/template/html-scanner/sanitizer_test.rb
+++ b/actionpack/test/template/html-scanner/sanitizer_test.rb
@@ -5,6 +5,13 @@ class SanitizerTest < ActionController::TestCase
     @sanitizer = nil # used by assert_sanitizer
   end
 
+  def test_strip_tags_with_quote
+    sanitizer = HTML::FullSanitizer.new
+    string    = '<" <img src="trollface.gif" onload="alert(1)"> hi'
+
+    assert_equal ' hi', sanitizer.sanitize(string)
+  end
+
   def test_strip_tags
     sanitizer = HTML::FullSanitizer.new
     assert_equal("<<<bad html", sanitizer.sanitize("<<<bad html"))
-- 
cgit v1.2.3