Review failing sanitizer bugs
Closed, ResolvedPublic

Description

[subbu@earth tests] grep wt2html ../tests/parserTests-blacklist.js | egrep -i "sanitizer|css" | cut -f1-2 -d","

add("wt2html", "CSS safety test (all browsers): vertical tab (bug 55332 / CVE-2013-4567)"
add("wt2html", "MSIE 6 CSS safety test: Fullwidth (bug 55332)"
add("wt2html", "MSIE 6 CSS safety test: IPA extensions (bug 55332)"
add("wt2html", "MSIE 6 CSS safety test: sup/sub script (bug 55332)"
add("wt2html", "Opera -o-link CSS"
add("wt2html", "MSIE 6 CSS safety test: Repetition markers (bug 55332)"
add("wt2html", "CSS line continuation 2"
add("wt2html", "Sanitizer: Closing of closed but not open table tags"
add("wt2html", "Sanitizer: Escaping of spaces
add("wt2html", "Sanitizer: Validating that <meta> and <link> work
add("wt2html", "Empty <p> tag in TOC

Details

Reference
bz56846
bzimport raised the priority of this task from to High.
bzimport set Reference to bz56846.
GWicke created this task.Nov 9 2013, 8:14 PM
cscott added a comment.Mar 5 2014, 8:38 PM
  • Bug 62267 has been marked as a duplicate of this bug. ***
cscott added a comment.Mar 5 2014, 8:39 PM

There's another failing sanitizer test, see https://gerrit.wikimedia.org/r/117033 -- it has to do with Opera's "-o-link" CSS property.

Arlolra set Security to None.
Arlolra removed GWicke as the assignee of this task.Nov 25 2014, 8:03 PM
ssastry moved this task from Backlog to VE Q3 on the Parsoid board.Mar 11 2015, 11:47 PM
ssastry moved this task from VE Q3 to In Progress on the Parsoid board.Mar 11 2015, 11:52 PM
ssastry updated the task description. (Show Details)Oct 16 2015, 3:03 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 16 2015, 3:03 PM
ssastry updated the task description. (Show Details)Oct 16 2015, 3:03 PM

Change 246847 had a related patch set uploaded (by Cscott):
WIP: T58846

https://gerrit.wikimedia.org/r/246847

ssastry moved this task from In Progress to Backlog on the Parsoid board.Dec 17 2015, 5:36 PM

Change 332711 had a related patch set uploaded (by Arlolra):
T58846: Review failing sanitizer bugs

https://gerrit.wikimedia.org/r/332711

Arlolra claimed this task.Jan 18 2017, 1:55 AM

Change 332711 merged by jenkins-bot:
T58846: Port sanitizer changes from core commit feb23b46

https://gerrit.wikimedia.org/r/332711

Arlolra closed this task as Resolved.Jan 18 2017, 11:52 PM

Mentioned in SAL (#wikimedia-operations) [2017-01-24T18:58:07Z] <arlolra> Updated Parsoid to version d000fdb4 (T58846, T154804, T152633)