Commit 71c5846c authored by Oliver Hader's avatar Oliver Hader Committed by Oliver Hader
Browse files

[TASK] Upgrade to typo3/html-sanitizer v2.0.9

composer req typo3/html-sanitizer:^2.0.9
composer req typo3/html-sanitizer:^2.0.9 \
  -d typo3/sysext/core --no-update

Resolves: #94883
Releases: master, 11.3, 10.4, 9.5
Change-Id: I997ddc423ffcb216927e3ba807e303e604174ee8
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/70614


Tested-by: Oliver Hader's avatarOliver Hader <oliver.hader@typo3.org>
Reviewed-by: Oliver Hader's avatarOliver Hader <oliver.hader@typo3.org>
parent 6a197e75
Pipeline #15215 passed with stages
in 47 minutes and 4 seconds
......@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "7bf31b3ea38ea5c3ec6a128d71f94230",
"content-hash": "bb122f07731fd60b9a4e3488e9a667ff",
"packages": [
{
"name": "bacon/bacon-qr-code",
......@@ -4924,16 +4924,16 @@
},
{
"name": "typo3/html-sanitizer",
"version": "v2.0.8",
"version": "v2.0.9",
"source": {
"type": "git",
"url": "https://github.com/TYPO3/html-sanitizer.git",
"reference": "8df823ea5aa2335a2740e121c3f3d6db2c01626e"
"reference": "5dfd055b3d62a505d6dd8381f3145d17147ceb6d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/TYPO3/html-sanitizer/zipball/8df823ea5aa2335a2740e121c3f3d6db2c01626e",
"reference": "8df823ea5aa2335a2740e121c3f3d6db2c01626e",
"url": "https://api.github.com/repos/TYPO3/html-sanitizer/zipball/5dfd055b3d62a505d6dd8381f3145d17147ceb6d",
"reference": "5dfd055b3d62a505d6dd8381f3145d17147ceb6d",
"shasum": ""
},
"require": {
......@@ -4969,9 +4969,9 @@
"description": "HTML sanitizer aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values.",
"support": {
"issues": "https://github.com/TYPO3/html-sanitizer/issues",
"source": "https://github.com/TYPO3/html-sanitizer/tree/v2.0.8"
"source": "https://github.com/TYPO3/html-sanitizer/tree/v2.0.9"
},
"time": "2021-08-12T15:11:29+00:00"
"time": "2021-08-16T10:44:16+00:00"
},
{
"name": "typo3/phar-stream-wrapper",
......
......@@ -66,7 +66,7 @@
"typo3/class-alias-loader": "^1.0",
"typo3/cms-cli": "^3.0",
"typo3/cms-composer-installers": "^2.0 || ^3.0",
"typo3/html-sanitizer": "^2.0.8",
"typo3/html-sanitizer": "^2.0.9",
"typo3/phar-stream-wrapper": "^3.1.6",
"typo3/symfony-psr-event-dispatcher-adapter": "^1.0 || ^2.0",
"typo3fluid/fluid": "^2.7.0"
......
......@@ -275,7 +275,7 @@ class SecureHtmlRenderingTest extends FunctionalTestCase
'#08 ' . self::TYPE_PLAIN => [
self::TYPE_PLAIN,
'08: <meta whatever="whatever">',
'<p>08: &lt;meta whatever="whatever"&gt;</p>',
'<p>08: </p>',
],
'#08 ' . self::TYPE_EMPTY_PARSEFUNCTSPATH => [
self::TYPE_EMPTY_PARSEFUNCTSPATH,
......@@ -303,6 +303,21 @@ class SecureHtmlRenderingTest extends FunctionalTestCase
'09: <sdfield onmouseover="alert(1)">',
'<p>09: <sdfield onmouseover="alert(1)"></p>',
],
'#10 ' . self::TYPE_PLAIN => [
self::TYPE_PLAIN,
'10: <meta itemprop="type" content="voice">',
'<p>10: <meta itemprop="type" content="voice"></p>',
],
'#10 ' . self::TYPE_EMPTY_PARSEFUNCTSPATH => [
self::TYPE_EMPTY_PARSEFUNCTSPATH,
'10: <meta itemprop="type" content="voice">',
'10: <meta itemprop="type" content="voice">',
],
'#10 ' . self::TYPE_DISABLE_HTML_SANITIZE => [
self::TYPE_DISABLE_HTML_SANITIZE,
'10: <meta itemprop="type" content="voice">',
'<p>10: <meta itemprop="type" content="voice"></p>',
],
];
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment