adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-01-19 02:56:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fixing issue in error handler, where URL was not escaped with debug == 0.

Browse source 
Tests added.

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@8028 3807eeeb-6ff5-0310-8944-8be069107fe0
This commit is contained in:
mark_story 2009-02-13 14:56:00 +00:00
parent 2a36e5f8cd
commit fdd6ad856e
2 changed files with 14 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
cake/libs/error.php
View file

@ -151,7 +151,7 @@ class ErrorHandler extends Object {
$this->controller->set(array(
'code' => '404',
'name' => __('Not Found', true),
'message' => $url,
'message' => h($url),
'base' => $this->controller->base
));
$this->_outputMessage('error404');

12
cake/tests/cases/libs/error.test.php
View file

@ -259,6 +259,18 @@ class TestErrorHandlerTest extends CakeTestCase {
$result = ob_get_clean();
$this->assertPattern('/<h2>Not Found<\/h2>/', $result);
$this->assertPattern("/<strong>'\/test_error'<\/strong>/", $result);
ob_start();
$TestErrorHandler =& new TestErrorHandler('error404', array('message' => 'Page not found'));
ob_get_clean();
ob_start();
$TestErrorHandler->error404(array(
'url' => 'pages/<span id=333>pink</span></id><script>document.body.style.background = t=document.getElementById(333).innerHTML;window.alert(t);</script>',
'message' => 'Page not found'
));
$result = ob_get_clean();
$this->assertNoPattern('#<script>#', $result);
$this->assertNoPattern('#</script>#', $result);
}
/**
* testMissingController method