Changes the value of the innocuous url.

RELNOTES: Changes the value of the innocuous url. PiperOrigin-RevId: 450057013 Change-Id: Ia1bcc98dfecf42da43c57d327d5bb0b1c18f591b
google · May 20, 2022 · e69beb1 · e69beb1
1 parent 0ccbdd0
commit e69beb1
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/closure/goog/html/sanitizer/html_test_vectors.js b/closure/goog/html/sanitizer/html_test_vectors.js
@@ -77,6 +77,7 @@ goog.html.htmlTestVectors.HTML_TEST_VECTORS = [
          "<img />",
          "<img src=\"unsafe:javascript:alert('xss');\">",
          "<img src=\"about:invalid#zTSz\" />",
+         "<img src=\"about:invalid#zClosurez\" />",
      ],
      name: "img"},
     {input: "<!--<img src=\"--><img src=x onerror=alert('xss')//\">",
@@ -118,6 +119,7 @@ goog.html.htmlTestVectors.HTML_TEST_VECTORS = [
          "<img src=\"about:invalid#zCSafez\" />",
          "<img src=\"unsafe:javascript:alert(&#34;XSS&#34;)\">",
          "<img src=\"about:invalid#zTSz\" />",
+         "<img src=\"about:invalid#zClosurez\" />",
      ],
      name: "img_quot"},
     {input: "<style><img src=\"</style><img src=x onerror=alert('xss')//\">",
@@ -141,6 +143,7 @@ goog.html.htmlTestVectors.HTML_TEST_VECTORS = [
          "<img />",
          "<img src=\"unsafe:jav&#9;ascript:alert('xss');\">",
          "<img src=\"about:invalid#zTSz\" />",
+         "<img src=\"about:invalid#zClosurez\" />",
      ],
      name: "img_tab"},
     {input: "<input type=\"image\" src=\"javascript:alert('xss');\">",
@@ -285,6 +288,7 @@ goog.html.htmlTestVectors.HTML_TEST_VECTORS = [
          "<img src=\"about:invalid#zCSafez\" />",
          "<img src=\"unsafe:javascript:alert('XSS')\">",
          "<img src=\"about:invalid#zTSz\" />",
+         "<img src=\"about:invalid#zClosurez\" />",
      ],
      name: "unicode"},
     {input: "<html></html>",