rss.t: XSS in summaries was fixed

Thus it is revealed that the old version of the test was making sure that XSS was possible via the edit summary. Oh dear.
2015-08-15 21:22:05 +02:00
parent 9c90bba602
commit d32ebaddc8
1 changed files with 1 additions and 1 deletions
--- a/t/rss.t
+++ b/t/rss.t
@@ -93,7 +93,7 @@ test_page(get_page('action=rss'),

 # limiting the size of our RSS feed
 update_page('big', 'foo foo foo', '<mu>');
-test_page(get_page('action=rss'), '<description>&lt;mu&gt;</description>');
+test_page(get_page('action=rss'), '<description>&amp;lt;mu&amp;gt;</description>');
 test_page(get_page('action=rss full=1'), 'foo foo foo');
 test_page(get_page('action=rss full=1 diff=1'), '&lt;div class="diff"&gt;');
 update_page('big', 'x' x 49000);