summaryrefslogtreecommitdiff
path: root/share/www/script/couch_test_runner.js
diff options
context:
space:
mode:
Diffstat (limited to 'share/www/script/couch_test_runner.js')
-rw-r--r--share/www/script/couch_test_runner.js7
1 files changed, 7 insertions, 0 deletions
diff --git a/share/www/script/couch_test_runner.js b/share/www/script/couch_test_runner.js
index 451a454a..fbffbbb6 100644
--- a/share/www/script/couch_test_runner.js
+++ b/share/www/script/couch_test_runner.js
@@ -14,6 +14,13 @@
function loadScript(url) {
+ // disallow loading remote URLs
+ if((url.substr(0, 7) == "http://")
+ || (url.substr(0, 2) == "//")
+ || (url.substr(0, 5) == "data:")
+ || (url.substr(0, 11) == "javsacript:")) {
+ throw "Not loading remote test scripts";
+ }
if (typeof document != "undefined") document.write('<script src="'+url+'"></script>');
};
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-25 10:58:09 +0000