From 0aba1faa0803af6013c9ac2071e87f117e9c4835 Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Wed, 26 Jul 2017 21:14:05 +0200
Subject: [ticket/security/211] Do not match javascript URIs with URL regexes

SECURITY-211
---
 tests/functions/make_clickable_test.php | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'tests/functions/make_clickable_test.php')

diff --git a/tests/functions/make_clickable_test.php b/tests/functions/make_clickable_test.php
index 63beeb06b2..2cdefe689d 100644
--- a/tests/functions/make_clickable_test.php
+++ b/tests/functions/make_clickable_test.php
@@ -55,6 +55,10 @@ class phpbb_functions_make_clickable_test extends phpbb_test_case
 				'http://testhost/viewtopic.php?t=1',
 				'<!-- l --><a class="postlink-local" href="http://testhost/viewtopic.php?t=1">viewtopic.php?t=1</a><!-- l -->'
 			),
+			array(
+				'javascript://testhost/viewtopic.php?t=1',
+				'javascript://testhost/viewtopic.php?t=1'
+			),
 			array(
 				'email@domain.com',
 				'<!-- e --><a href="mailto:email@domain.com">email@domain.com</a><!-- e -->'
@@ -92,6 +96,10 @@ class phpbb_functions_make_clickable_test extends phpbb_test_case
 				'ftp://ftp.täst.de/',
 				'<!-- m --><a class="postlink" href="ftp://ftp.täst.de/">ftp://ftp.täst.de/</a><!-- m -->'
 			),
+			array(
+				'javascript://täst.de/',
+				'javascript://täst.de/'
+			),
 			array(
 				'sip://bantu@täst.de',
 				'<!-- m --><a class="postlink" href="sip://bantu@täst.de">sip://bantu@täst.de</a><!-- m -->'
-- 
cgit v1.2.1