From 8383b52e919f32187208aa4db758a5c1549b7769 Mon Sep 17 00:00:00 2001
From: Rodrigo Souto
Date: Thu, 14 Jan 2010 11:03:21 -0300
Subject: [PATCH] Filtering xss attack in comment field name

---
 app/models/comment.rb     | 2 +-
 test/unit/comment_test.rb | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/app/models/comment.rb b/app/models/comment.rb
index 7fdf56c..2ef2928 100644
--- a/app/models/comment.rb
+++ b/app/models/comment.rb
@@ -17,7 +17,7 @@ class Comment < ActiveRecord::Base
     end
   end
 
-  xss_terminate :only => [ :body, :title ]
+  xss_terminate :only => [ :body, :title, :name ]
 
   def author_name
     if author
diff --git a/test/unit/comment_test.rb b/test/unit/comment_test.rb
index 2e9ef58..ac2b238 100644
--- a/test/unit/comment_test.rb
+++ b/test/unit/comment_test.rb
@@ -179,4 +179,12 @@ class CommentTest < Test::Unit::TestCase
     assert comment.url[:view]
   end
 
+  should 'not fill fields with javascript' do
+    owner = create_user('testuser').person
+    article = owner.articles.create!(:name => 'test', :body => '...')
+    javascript = ""
+    comment = article.comments.create!(:article => article, :name => javascript, :title => javascript, :body => javascript, :email => 'cracker@test.org')
+    assert_no_match(/
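Review bot: Stripping markup on save only protects rows written after this change, so comments already stored with markup in `name` keep it; a one-off cleanup of existing rows, or escaping `name` where it is rendered (the `author_name` method that starts just below the changed line is one likely place, though its body continues outside the hunk), is still needed. The `:only` list is an allowlist, and `email` is left out even though the new test still populates it; nothing in the hunk shows whether `email` is ever rendered, so either extend the line to `xss_terminate :only => [ :body, :title, :name, :email ]` or add a one-line comment above it stating why `email` is excluded, so the next column added to the model is not silently left uncovered. It would also help to record in that comment that the filter strips tags rather than escaping them, since callers that later render these fields must not assume the stored value is already HTML-safe for every context.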