candyman666 / crunchy

Automatically exported from code.google.com/p/crunchy
0 stars 0 forks source link

Security test needs to be split up #241

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Go to the test section and try the javascript security test

What is the expected output? What do you see instead?
A cleaned-up page should be displayed.  Instead nothing shows up.

Please use labels and text to provide additional information.
This page contains too many security tests.  It needs to be broken up into
many subtests and each test being linked either as an external file (so
that it can be showing that the tests are working if read straight through
the browser) and with a direct link so that we can see the effect of
processing by Crunchy.

Original issue reported on code.google.com by andre.ro...@gmail.com on 28 Aug 2009 at 4:05

GoogleCodeExporter commented 8 years ago
One thing we need to do is to remove "-moz-binding" from style files.  Just 
like we
have the security module (for html files - mostly...), we should have a module 
to
check for files being read and removing anything suspicious.  This might allow 
the
"trusted" mode to be a lot more secure.

Original comment by andre.ro...@gmail.com on 28 Aug 2009 at 7:28