diff -r 000000000000 -r 6474c204b198 parser/xml/test/unit/results.js --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/parser/xml/test/unit/results.js Wed Dec 31 06:09:35 2014 +0100 @@ -0,0 +1,844 @@ +// vectors by the html5security project (https://code.google.com/p/html5security/ & Creative Commons 3.0 BY), see CC-BY-LICENSE for the full license + +var vectors = [ + { + "data": "", + "sanitized": "" + }, + { + "data": "&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi", + "sanitized": "&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi" + }, + { + "data": "&alert&A7&(1)&R&UA;&&<&A9&11/script&X&>", + "sanitized": "&alert&A7&(1)&R&UA;&&<&A9&11/script&X&>" + }, + { + "data": "0? :postMessage(importScripts('data:;base64,cG9zdE1lc3NhZ2UoJ2FsZXJ0KDEpJyk'))", + "sanitized": "0? :postMessage(importScripts('data:;base64,cG9zdE1lc3NhZ2UoJ2FsZXJ0KDEpJyk'))" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "X", + "sanitized": "X" + }, + { + "data": "

", + "sanitized": "

" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "

...

", + "sanitized": "

...

" + }, + { + "data": "01", + "sanitized": "01" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "X", + "sanitized": "X" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "�script �alert(1)//�/script �", + "sanitized": "�script �alert(1)//�/script �" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "1", + "sanitized": "1" + }, + { + "data": ";1", + "sanitized": ";1" + }, + { + "data": "+ADw-html+AD4APA-body+AD4APA-div+AD4-top secret+ADw-/div+AD4APA-/body+AD4APA-/html+AD4-.toXMLString().match(/.*/m),alert(RegExp.input);", + "sanitized": "+ADw-html+AD4APA-body+AD4APA-div+AD4-top secret+ADw-/div+AD4APA-/body+AD4APA-/html+AD4-.toXMLString().match(/.*/m),alert(RegExp.input);" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "1", + "sanitized": "1" + }, + { + "data": "" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "

", + "sanitized": "

" + }, + { + "data": "XXX XXX", + "sanitized": "XXX XXX" + }, + { + "data": "1", + "sanitized": "1" + }, + { + "data": "1", + "sanitized": "1" + }, + { + "data": "XXX", + "sanitized": "XXX" + }, + { + "data": "

", + "sanitized": "" + }, + { + "data": "

", + "sanitized": "" + }, + { + "data": "\r\n

\r\n\r\n\r\n

", + "sanitized": "\n\n\n><image xlink:href=\"" + }, + { + "data": "

", + "sanitized": "" + }, + { + "data": "

\n

", + "sanitized": "

\n

" + }, + { + "data": "XXX", + "sanitized": "XXX" + }, + { + "data": "\r\n\r\n\r\n\r\n\r\nHello\r\n", + "sanitized": "\n\n\nHello\n" + }, + { + "data": "X", + "sanitized": "X" + }, + { + "data": "

XXX

", + "sanitized": "

XXX

" + }, + { + "data": "

XXX

", + "sanitized": "

XXX

" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "

", + "sanitized": "" + }, + { + "data": "

", + "sanitized": "" + }, + { + "data": "

", + "sanitized": "" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "\r\n", + "sanitized": "\n" + }, + { + "data": "", + "sanitized": "" + }, + { + "data": "