Search moodle.org's
Developer Documentation
Developer Documentation
See Release Notes
Long Term Support Release
- Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
- Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
- PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
/lib/tests/ -> core_renderer_template_exploit_test.php (source)
Differences Between: [Versions 310 and 401] [Versions 39 and 401] [Versions 401 and 402] [Versions 401 and 403]
(no description)
| File Size: | 443 lines (17 kb) |
| Included or required: | 0 times |
| Referenced: | 0 times |
| Includes or requires: | 0 files |
Defines 1 class
core_renderer_template_exploit_test:: (2 methods):
get_template_testcases()
test_core_mustache_engine_strips_js_helper()
Class: core_renderer_template_exploit_test - X-Ref
Unit tests for core renderer render template exploit.| get_template_testcases() X-Ref |
| Test cases to confirm that blacklisted helpers are stripped from the source text by the helper before being passed to other another helper. This prevents nested calls to helpers. |
| test_core_mustache_engine_strips_js_helper($templates,$torender,$context,$helpers,$js,$expected,$include) X-Ref |
| Test that the mustache_helper_collection class correctly strips param: string $templates The template to add param: string $torender The name of the template to render param: array $context The template context param: array $helpers Mustache helpers to add param: string $js The JS string from the template param: string $expected The expected output of the string after stripping JS param: bool $include If the JS should be added to the page or not |
