diff options
| author | Waylan Limberg <waylan@gmail.com> | 2010-02-12 16:24:15 -0500 |
|---|---|---|
| committer | Waylan Limberg <waylan@gmail.com> | 2010-02-12 16:24:15 -0500 |
| commit | 28caf01c8082dbed3a5ca87b070ffe5657514f01 (patch) | |
| tree | 6aff8e9eb06daa4a4e5ebe6994e67f08b4397ee6 /tests/safe_mode/unsafe_urls.txt | |
| parent | 7e0b959ef2a64f2339be28f258b895d7a79003a8 (diff) | |
| download | markdown-28caf01c8082dbed3a5ca87b070ffe5657514f01.tar.gz markdown-28caf01c8082dbed3a5ca87b070ffe5657514f01.tar.bz2 markdown-28caf01c8082dbed3a5ca87b070ffe5657514f01.zip | |
Moved test dir back out of markdown lib. We don't need to install the tests in everyones site-packages. We just need to distrubute them in the tarball for people to run before installing etc.
Diffstat (limited to 'tests/safe_mode/unsafe_urls.txt')
| -rw-r--r-- | tests/safe_mode/unsafe_urls.txt | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/tests/safe_mode/unsafe_urls.txt b/tests/safe_mode/unsafe_urls.txt new file mode 100644 index 0000000..7bfd81d --- /dev/null +++ b/tests/safe_mode/unsafe_urls.txt @@ -0,0 +1,27 @@ +These links should be unsafe and not allowed in safe_mode + +[link](javascript:alert%28'Hello%20world!'%29) +[link](vbscript:msgbox%28%22Hello%20world!%22%29) +[link](livescript:alert%28'Hello%20world!'%29) +[link](mocha:[code]) +[link](jAvAsCrIpT:alert%28'Hello%20world!'%29) +[link](ja vas cr ipt:alert%28'Hello%20world!'%29) +[link](ja vas cr ipt:alert%28'Hello%20world!'%29) +[link](ja vas cr ipt:alert%28'Hello%20world!'%29) +[link](ja%09 %0Avas cr
ipt:alert%28'Hello%20world!'%29) +[link](ja%20vas%20cr%20ipt:alert%28'Hello%20world!'%29) +[link](live%20script:alert%28'Hello%20world!'%29) + + +[ref][] +![imgref][] + +[ref]: javascript:alert%29'XSS'%29 +[imgref]: javascript:alert%29'XSS'%29 + +These should work regardless: + +[relative](relative/url.html) +[email](mailto:foo@bar.com) +[news scheme](news:some.news.group.com) +[http link](http://example.com) |