Project

General

Profile

Enhancement(機能追加・改善) #1817

#1741 で作成された XSS 脆弱性、CSRF 脆弱性のテストのmasterへの取り込み

Added by Shogo Kawahara over 8 years ago. Updated over 7 years ago.

Status:
Fixed(完了)
Priority:
High(高め)
Target version:
Start date:
2010-11-30
Due date:
% Done:

100%


Description

Overview

#1741 で作成された XSS 脆弱性、CSRF 脆弱性のテストのmasterへの取り込みを行う
#1741 対応完了後 )


Related issues

Related to OpenPNE 3 - Enhancement(機能追加・改善) #1741: XSS 脆弱性、 CSRF 脆弱性のテストを完備できるように体制を整える Fixed(完了) 2010-10-26 2011-06-24

Associated revisions

Revision b7ae23a3 (diff)
Added by Kousuke Ebihara about 8 years ago

fixed test for uploading member profile image doesn't work (refs #1817 BP from #1741)

Revision e2d09003 (diff)
Added by Kousuke Ebihara about 8 years ago

changed repositories in the current connection before executing functional test (refs #1817 BP from #1741)

Revision e9784bd0 (diff)
Added by Masato Nagasawa about 8 years ago

added the opTesterHtmlEscape class and I've tried this class in member/profile and community/search (refs #1817 BP from #1741)

Conflicts:

test/functional/pc_frontend/communityActionsTest.php

Revision 5f059bfd (diff)
Added by Masato Nagasawa about 8 years ago

fixed some functional tests for pc_frontend is broken (refs #1817 BP from #1741)

Conflicts:

test/functional/pc_frontend/confirmationActionsTest.php
test/functional/pc_frontend/friendActionsTest.php

Revision aca533ea (diff)
Added by Masato Nagasawa about 8 years ago

fixed functional test in pc_backend, added CSRF check (refs #1817 BP from #1741)

Conflicts:

lib/test/opTestFunctional.class.php
test/functional/pc_backend/monitoringActionsTest.php

Revision bb937ed5 (diff)
Added by Masato Nagasawa about 8 years ago

CSRF check method changed to the regular expression (refs #1817 BP from #1741)

Revision c6b0c222 (diff)
Added by Masato Nagasawa about 8 years ago

added community of the pc_backend to the functional test (refs #1817 BP from #1741)

Revision 07cea9fa (diff)
Added by Masato Nagasawa about 8 years ago

added member of the backend actions to the functional test (refs #1817 BP from #1741)

Conflicts:

test/functional/pc_backend/memberActionsTest.php

Revision 2210e34e (diff)
Added by Masato Nagasawa about 8 years ago

added the profile actions of pc_backend for the functional test (refs #1817 BP from #1741)

Revision b98eb984 (diff)
Added by Masato Nagasawa about 8 years ago

added the sns/changeRichTextareaButtonOrder action of pc_backend for the functional test (refs #1817 BP from #1741)

Conflicts:

test/functional/pc_backend/snsActionsTest.php

Revision 6f5c07cf (diff)
Added by Masato Nagasawa about 8 years ago

added the connection actions of pc_backend for the functional test (refs #1817 BP from #1741)

Revision cb51f42b (diff)
Added by Masato Nagasawa about 8 years ago

added design/editGadget action of pc_backend for the functional test (refs #1817 BP from #1741)

Revision f0f95eaf (diff)
Added by Masato Nagasawa about 8 years ago

added the admin actions of pc_backend for the functional test (refs #1817 BP from #1741)

Revision bcfda328 (diff)
Added by Masato Nagasawa about 8 years ago

added the navigation/sort action of pc_backend for the functional test (refs #1817 BP from #1741)

Revision 3ba33f60 (diff)
Added by Masato Nagasawa about 8 years ago

added the default actions of pc_backend for the functional test (refs #1817 BP from #1741)

Revision af28e4e2 (diff)
Added by Masato Nagasawa about 8 years ago

added the monitoring actions of pc_backend for the functional test (refs #1817 BP from #1741)

Revision 4edc7851 (diff)
Added by Masato Nagasawa about 8 years ago

fixed removed 'echo' (refs #1817 BP from #1741)

Revision ba3c613b (diff)
Added by Masato Nagasawa about 8 years ago

added the friend actions of pc_frontend for the functional test (refs #1817 BP from #1741)

Revision a0fdb71f (diff)
Added by Masato Nagasawa about 8 years ago

added the community actions of pc_frontend for the functional test (refs #1817 BP from #1741)

Conflicts:

test/functional/pc_frontend/communityActionsTest.php

Revision 8aa83daf (diff)
Added by Masato Nagasawa about 8 years ago

added the member actions of pc_frontend for the functional test (refs #1817 BP from #1741)

Conflicts:

test/functional/pc_frontend/memberActionsTest.php

Revision 08379ac3 (diff)
Added by Masato Nagasawa about 8 years ago

added the member actions of pc_frontend for the functional test (refs #1817 BP from #1741)

Revision 960ccd68 (diff)
Added by Masato Nagasawa about 8 years ago

added the connection actions of pc_frontend for the functional test (refs #1817 BP from #1741)

Revision 3241f269 (diff)
Added by Masato Nagasawa about 8 years ago

added the XSS/CSRF functional tests for oauth module in the pc_frontend application (refs #1817 BP from #1741)

Conflicts:

test/fixtures/xss_test_data.yml

Revision 23138451 (diff)
Added by Kousuke Ebihara about 8 years ago

added a XSS test for connection/show in pc_frontend (refs #1817 BP from #1741)

Revision f11bbf12 (diff)
Added by Kousuke Ebihara about 8 years ago

fixed the form for modifying consumer that doesn't display some localized form error message (refs #1817 BP from #1741)

Revision dc8bfda8 (diff)
Added by Kousuke Ebihara about 8 years ago

fixed the deprecated error message make generate invalid array keys (refs #1817 BP from #1741)

Revision 2aebd8cb (diff)
Added by Kousuke Ebihara about 8 years ago

fixed failed tests of the member module that have mistakes in test and / or test data (refs #1817 BP from #1741)

Revision f491a1e8 (diff)
Added by Kousuke Ebihara about 8 years ago

changed to reset repositories in current connection for unit test (refs #1817 BP from #1741)

Revision 27bd8e71 (diff)
Added by Masato Nagasawa about 8 years ago

added confirmation/list action of pc_frontend for the functional test (refs #1817 BP from #1741)

Conflicts:

test/functional/pc_frontend/confirmationActionsTest.php

Revision 7f2d82e8 (diff)
Added by Masato Nagasawa about 8 years ago

fixed from the parameters you can specify additional selectors (refs #1817 BP from #1741)

History

#1 Updated by Shogo Kawahara over 8 years ago

  • Tracker changed from Bug(バグ) to Enhancement(機能追加・改善)

#2 Updated by Masato Nagasawa about 8 years ago

  • Status changed from New(新規) to Accepted(着手)
  • Assignee set to Masato Nagasawa

#3 Updated by Masato Nagasawa about 8 years ago

  • Status changed from Accepted(着手) to Pending Review(レビュー待ち)
  • % Done changed from 0 to 50

#4 Updated by Kousuke Ebihara over 7 years ago

  • Status changed from Pending Review(レビュー待ち) to Pending Testing(テスト待ち)
  • % Done changed from 50 to 70

#5 Updated by Fumie Toyooka over 7 years ago

  • Status changed from Pending Testing(テスト待ち) to Fixed(完了)
  • % Done changed from 70 to 100

テスターテストは不要とのことなので、チケット完了します。

Also available in: Atom PDF