[ticket/security-203] Do not add null values to versions info

Also stopped using reference for validate_versions() method argument.

SECURTIY-203

1 files changed, 14 insertions, 1 deletions

diff --git a/tests/version/version_helper_remote_test.php b/tests/version/version_helper_remote_test.php
index 596b7194de..b2d497b72a 100644
--- a/tests/version/version_helper_remote_test.php
+++ b/tests/version/version_helper_remote_test.php
@@ -172,7 +172,20 @@ class version_helper_remote_test extends \phpbb_test_case
 				'current' => '1.0.1',
 				'download'	=> 'https://www.phpbb.com/customise/db/download/104136',
 				'announcement'	=> 'https://www.phpbb.com/customise/db/extension/boardrules/',
-				'eol'		=> null,
+				'security'	=> false,
+			))), 'VERSIONCHECK_INVALID_ENTRY'),
+			array('{
+    "unstable": {
+        "1.0": {
+            "current<script>alert(\'foo\');</script>": "1.0.1",
+            "download2": "https://www.phpbb.com/customise/db/download/104136",
+            "bannouncement": "https://www.phpbb.com/customise/db/extension/boardrules/",
+            "eol": null,
+            "security": false,
+            "foobar": "<script>alert(\'test\');<script>"
+        }
+    }
+}', true, array('stable' => array(), 'unstable' => array('1.0' => array(
 				'security'	=> false,
 			))), 'VERSIONCHECK_INVALID_ENTRY'),
 		);