xssFiltrationPattern boundary script tag restriction

osrecio commented 5 days ago

Add script boundary as word

If you have an html like:

<body>
    <p class="product-description">
     hello world product description
    </p>
</body>

The problem is the class: product-description

Manual testing scenarios (*)

Create a CMS Page with content:

<p class="product-description">
 hello world product description
</p>

Save and see error:

Contribution checklist (*)

[x] Pull request has a meaningful description of its purpose
[ ] All commits are accompanied by meaningful commit messages
[ ] All new or changed code is covered with unit/integration tests (if applicable)
[ ] README.md files for modified modules are updated and included in the pull request if any README.md predefined sections require an update
[ ] All automated tests passed successfully (all builds are green)

Resolved issues:

[x] resolves magento/magento2#39384: xssFiltrationPattern boundary script tag restriction

m2-assistant[bot] commented 5 days ago

Hi @osrecio. Thank you for your contribution! Here are some useful tips on how you can test your changes using Magento test environment. :exclamation: Automated tests can be triggered manually with an appropriate comment:

@magento run all tests - run or re-run all required tests against the PR changes
@magento run <test-build(s)> - run or re-run specific test build(s) For example: @magento run Unit Tests

<test-build(s)> is a comma-separated list of build names.

Allowed build names are:

1. `Database Compare` 2. `Functional Tests CE` 3. `Functional Tests EE` 4. `Functional Tests B2B` 5. `Integration Tests` 6. `Magento Health Index` 7. `Sample Data Tests CE` 8. `Sample Data Tests EE` 9. `Sample Data Tests B2B` 10. `Static Tests` 11. `Unit Tests` 12. `WebAPI Tests` 13. `Semantic Version Checker`

You can find more information about the builds here :information_source: Run only required test builds during development. Run all test builds before sending your pull request for review.

For more details, review the Code Contributions documentation. Join Magento Community Engineering Slack and ask your questions in #github channel.

osrecio commented 5 days ago

@magento run all tests

engcom-Charlie commented 4 days ago

@magento create issue

ihor-sviziev commented 4 days ago

Approved + added a test coverage for this case:

on 2.4-develop - unit test fails ✅
on a branch with changes - unit test passes

ihor-sviziev commented 4 days ago

@magento run all tests

magento / magento2