From b91237f202ecb36ca9d95931b720edf257fd045d Mon Sep 17 00:00:00 2001
From: Timm Fitschen <t.fitschen@indiscale.com>
Date: Mon, 26 Oct 2020 14:18:11 +0100
Subject: [PATCH] Add more testfiles for server_error and xss_attack

---
 scripting/tests/data/server_error.csv | 1 +
 scripting/tests/data/xss_attack.csv   | 8 ++++++++
 2 files changed, 9 insertions(+)
 create mode 100644 scripting/tests/data/server_error.csv
 create mode 100644 scripting/tests/data/xss_attack.csv

diff --git a/scripting/tests/data/server_error.csv b/scripting/tests/data/server_error.csv
new file mode 100644
index 00000000..3e770df0
--- /dev/null
+++ b/scripting/tests/data/server_error.csv
@@ -0,0 +1 @@
+Hi,  this line contains a unicode backspace. This causes a server error, when pandas_table_preview.py's output is serialized into XML.
\ No newline at end of file
diff --git a/scripting/tests/data/xss_attack.csv b/scripting/tests/data/xss_attack.csv
new file mode 100644
index 00000000..e7d43505
--- /dev/null
+++ b/scripting/tests/data/xss_attack.csv
@@ -0,0 +1,8 @@
+# as it seems all these characters are escaped correctly.
+"![Alt text](url/to/image)","%3C","&lt","&lt;","&LT","&LT;","&#60","&#060","&#0060","&#00060"
+"&#000060","&#0000060","&#60;","&#060;","&#0060;","&#00060;","&#000060;","&#0000060;","&#x3c","&#x03c"
+"&#x003c","&#x0003c","&#x00003c","&#x000003c","&#x3c;","&#x03c;","&#x003c;","&#x0003c;","&#x00003c;","&#x000003c;"
+"&#X3c","&#X03c","&#X003c","&#X0003c","&#X00003c","&#X000003c","&#X3c;","&#X03c;","&#X003c;","&#X0003c;"
+"&#X00003c;","&#X000003c;","&#x3C","&#x03C","&#x003C","&#x0003C","&#x00003C","&#x000003C","&#x3C;","&#x03C;"
+"&#x003C;","&#x0003C;","&#x00003C;","&#x000003C;","&#X3C","&#X03C","&#X003C","&#X0003C","&#X00003C","&#X000003C"
+"&#X3C;","&#X03C;","&#X003C;","&#X0003C;","&#X00003C;","&#X000003C;","\x3c","\x3C","\u003c","\u003C"
-- 
GitLab