Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 3.11.x will end 14 Nov 2022 (12 months plus 6 months extension).
- Bug fixes for security issues in 3.11.x will end 13 Nov 2023 (18 months plus 12 months extension).
- PHP version: minimum PHP 7.3.0 Note: minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is supported too.
/lib/tests/ -> core_renderer_template_exploit_test.php (source)
Differences Between: [Versions 310 and 311] [Versions 311 and 402] [Versions 311 and 403] [Versions 39 and 311]
(no description)
| File Size: | 443 lines (17 kb) |
| Included or required: | 0 times |
| Referenced: | 0 times |
| Includes or requires: | 0 files |
Defines 1 class
core_renderer_template_exploit_test:: (2 methods):
get_template_testcases()
test_core_mustache_engine_strips_js_helper()
Class: core_renderer_template_exploit_test - X-Ref
Unit tests for core renderer render template exploit.| get_template_testcases() X-Ref |
| Test cases to confirm that blacklisted helpers are stripped from the source text by the helper before being passed to other another helper. This prevents nested calls to helpers. |
| test_core_mustache_engine_strips_js_helper($templates,$torender,$context,$helpers,$js,$expected,$include) X-Ref |
| Test that the mustache_helper_collection class correctly strips param: string $templates The template to add param: string $torender The name of the template to render param: array $context The template context param: array $helpers Mustache helpers to add param: string $js The JS string from the template param: string $expected The expected output of the string after stripping JS param: bool $include If the JS should be added to the page or not |
