From 54b91bbc8f3b16ed98fbb7be4d3e6a934cde34c2 Mon Sep 17 00:00:00 2001
From: David Flatz
Date: Thu, 23 Jan 2020 14:30:18 +0100
Subject: remove scheme from path when we have empty hostpart and empty schemepart; this fixes 'a:javascript:alert(origin)'
---
 test/U_tests.json | 12 ++++++++++++
 1 file changed, 12 insertions(+)
(limited to 'test')
diff --git a/test/U_tests.json b/test/U_tests.json
index e35ff9d..0025565 100644
--- a/test/U_tests.json
+++ b/test/U_tests.json
@@ -207,5 +207,17 @@
 "args": ["/foo.html", {"": {"": "ham"}}],
 "exp": "/foo.html?%3Cspam%3E%5B%3Cspam%3E%5D=ham",
 "name": "U() urlencode keys of nested structures"
+ },
+
+ {
+ "args": ["a:javascript:alert('fail');"],
+ "exp": "alert(%27fail%27)%3B",
+ "name": "U() remove schema from path"
+ },
+
+ {
+ "args": ["a:b:c:d:javascript:alert('fail');"],
+ "exp": "alert(%27fail%27)%3B",
+ "name": "U() remove multiple schemes from path"
 }
 ]
--
cgit v1.2.3
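Review bot: The first added case is named `U() remove schema from path`, while the second case and the commit subject both say "scheme"; rename it to `"name": "U() remove scheme from path"` so the two regression cases read as a pair. Both cases pin only one direction of the fix: judging by the `args`/`exp` pairs, everything up to the last colon is dropped and the remainder is percent-encoded as a relative path. The implementation is outside this test-only view, so it cannot be told from here whether a colon in a later path segment (after a `/`) is left intact. A third case pinning that behaviour would guard the fix against over-stripping legitimate paths.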