discourse/test/javascripts/fixtures/watched-words-fixtures.js.es6
Guo Xiang Tan 477bacb3ae SECURITY: XSS when displaying watched words in admin panel.
The XSS here is only possible if CSP is disabled. Low impact since CSP
is enabled by default in SiteSettings.
2019-07-15 10:58:52 +08:00

14 lines
462 B
JavaScript

export default {
"/admin/logs/watched_words.json": {
actions: ["block", "censor", "require_approval", "flag"],
words: [
{ id: 1, word: "liquorice", action: "block" },
{ id: 2, word: "anise", action: "block" },
{ id: 3, word: "pyramid", action: "flag" },
{ id: 4, word: "scheme", action: "flag" },
{ id: 5, word: "coupon", action: "require_approval" },
{ id: 6, word: '<img src="x">', action: "block" },
]
}
};