Html report for console test runner is not escaping html in test case - Build/Test Issues

Welcome Guest! To enable all features please Login or Register.

Notification

Error

NCrunch Forum » General Support » Build/Test Issues » Html report for console test runner is not escaping html in test case

Html report for console test runner is not escaping html in test case

Options

Previous Topic Next Topic

GreenMoose		#1 Posted : Wednesday, September 3, 2014 7:02:46 AM(UTC)
Rank: Advanced Member Groups: Registered Joined: 6/17/2012(UTC) Posts: 507 Thanks: 145 times Was thanked: 66 time(s) in 64 post(s)		v2.9.0.3 So I have a NUnit test case with a string containing "<script>alert(123);</script>", this is not escaped in html output so when I open the AllResults.html I get these alerts executed.
Back to top

User Profile View All Posts by User View Thanks

Remco		#2 Posted : Wednesday, September 3, 2014 7:07:49 AM(UTC)
Rank: NCrunch Developer Groups: Administrators Joined: 4/16/2011(UTC) Posts: 7,144 Thanks: 959 times Was thanked: 1290 time(s) in 1196 post(s)		Ouch! Thanks for the heads up. I'll get that fixed.
Back to top

User Profile View All Posts by User View Thanks

Users browsing this topic
Guest

NCrunch Forum » General Support » Build/Test Issues » Html report for console test runner is not escaping html in test case

Forum Jump

You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Take NCrunch for a spin

Do your fingers a favour and supercharge your testing workflow

Free Download