Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve reliability of the test server #6600

Merged
merged 1 commit into from
Nov 11, 2015
Merged

Improve reliability of the test server #6600

merged 1 commit into from
Nov 11, 2015

Conversation

Rob--W
Copy link
Member

@Rob--W Rob--W commented Nov 6, 2015

  • replace // with / (otherwise http://localhost:8888// links to e.g. http://src/ instead of http://localhost:8888/src).
  • Solve XSS issue (file names should be sanitized, not output as-is).
  • Prevent server from crashing if there is a stat error (e.g. permission error or file not found (e.g. broken symlink)).

@Rob--W Rob--W added the test label Nov 6, 2015
yurydelendik
yurydelendik reviewed Nov 11, 2015
View reviewed changes
test/webserver.js
// Escape untrusted input so that it can safely be used in a HTML response
// in HTML and in HTML attributes.
return untrusted
.replace(/&/g, '&ampl;')
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

'&'

@Rob--W
Improve reliability of the test server
b0ff49e 
- replace // with /
  (otherwise http://localhost:8888// links to e.g. http://src/ instead
   of http://localhost:8888/src).

- Solve XSS issue (file names should be sanitized, not output as-is).

- Prevent server from crashing if there is a stat error (e.g. permission
  error or file not found (e.g. broken symlink)).
yurydelendik added a commit that referenced this pull request Nov 11, 2015
@yurydelendik
Merge pull request #6600 from Rob--W/test-server-improved
248e211 
Improve reliability of the test server
@yurydelendik yurydelendik merged commit 248e211 into mozilla:master Nov 11, 2015
@yurydelendik
Copy link
Contributor

Thank you for the patch

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@brendandahl brendandahl

Labels
test
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Rob--W @yurydelendik @brendandahl