mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-06 16:56:44 +02:00
Code Issues Releases Wiki Activity

[ticket/security-203] Do not add null values to versions info

Browse Source 
Also stopped using reference for validate_versions() method argument.

SECURTIY-203
This commit is contained in:
Marc Alexander
2016-12-27 18:11:31 +01:00
parent 658820654f
commit ad251e4590
2 changed files with 22 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
tests/version/version_helper_remote_test.php
View File

@@ -172,7 +172,20 @@ class version_helper_remote_test extends \phpbb_test_case
'current' => '1.0.1',
'download' => 'https://www.phpbb.com/customise/db/download/104136',
'announcement' => 'https://www.phpbb.com/customise/db/extension/boardrules/',
'eol' => null,
'security' => false,
))), 'VERSIONCHECK_INVALID_ENTRY'),
array('{
"unstable": {
"1.0": {
"current<script>alert(\'foo\');</script>": "1.0.1",
"download2": "https://www.phpbb.com/customise/db/download/104136",
"bannouncement": "https://www.phpbb.com/customise/db/extension/boardrules/",
"eol": null,
"security": false,
"foobar": "<script>alert(\'test\');<script>"
}
}
}', true, array('stable' => array(), 'unstable' => array('1.0' => array(
'security' => false,
))), 'VERSIONCHECK_INVALID_ENTRY'),
);