moparisthebest/SickRage
1
0
Fork 0
mirror of https://github.com/moparisthebest/SickRage synced 2024-11-06 01:15:05 -05:00
Code Issues Releases Wiki Activity
2785abe8a4
SickRage/lib/feedparser/tests/wellformed/sanitize/item_description_crazy.xml

81 lines
1.4 KiB
XML
Raw Normal View History

Added RSS feedparser lib to process custom torrent RSS feeds. Adjusted code for custom RSS feed parsing now that feedparser does the parsing for us all we do is pull the data from the returned entries.
2014-04-25 19:41:40 -04:00
<!--
Description: item description is crazy
Expect: not bozo and entries[0]['description'] == u'Crazy HTML -' + u'- Can Your Regex Parse This?\n\n\n\n<!-' + u'- <script> -' + u'->\n\n<!-' + u'- \n\t<script> \n-' + u'->\n\n\n\nfunction executeMe()\n{\n\n\n\n\n/* \n<h1>Did The Javascript Execute?</h1>\n<div>\nI will execute here, too, if you mouse over me\n</div>'
-->
<rss version="2.0">
<channel>
<title>Crazy RSS</title>
<description>Contains unsafe script</description>
<link>http://crazy.example.com/</link>
<language>en</language>
<item>
<description>
&lt;!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
&lt;html xmlns="http://www.w3.org/1999/xhtml">
&lt;head>
&lt;title>Crazy HTML -- Can Your Regex Parse This?&lt;/title>
&lt;/head>
&lt;body notRealAttribute="value"onload="executeMe();"foo="bar"
>
&lt;!-- &lt;script> -->
&lt;!--
&lt;script>
-->
&lt;/script>
&lt;script
>
function executeMe()
{
/* &lt;script>
function am_i_javascript()
{
var str = "Some innocuously commented out stuff";
}
&lt; /script>
*/
alert("Executed");
}
&lt;/script
>
&lt;h1>Did The Javascript Execute?&lt;/h1>
&lt;div notRealAttribute="value
"onmouseover="
executeMe();
"foo="bar">
I will execute here, too, if you mouse over me
&lt;/div>
&lt;/body>
&lt;/html>
</description>
</item>
</channel>
</rss>
Reference in New Issue Copy Permalink