Item11322: sandbox untaint seems to have no tests, and I just found something that i recon is broken

Tasks.Item11321 made me look at inputting bad values

<SvenDowideit>       Foswiki::Sandbox::untaint( $web, \&Foswiki::Sandbox::validateWebName );
<FoswikiBot> http://trunk.foswiki.org/System/PerlDoc?module=Foswiki::Sandbox [ (Foswiki login) PerlDoc ]
<SvenDowideit> also has no unit tests
<SvenDowideit> and validateTopicName passes '/.Something'
<SvenDowideit> returning '/Something'


    # Set the requestedWebName before applying defaults - used by statistics
    # generation.   Note:  This is validated using Topic name rules to permit
    # names beginning with lower case.
    $this->{requestedWebName} =
      Foswiki::Sandbox::untaint( $web, \&Foswiki::Sandbox::validateTopicName );

    # Validate web name from path info
    $this->{webName} =
      Foswiki::Sandbox::untaint( $web, \&Foswiki::Sandbox::validateWebName );

with 

    # - Invalid web name - Tasks.Item11321
    $this->urltest( '/.Main/WebPreferences',
        '', 'WebPreferences' );

$this->{requestedWebName} becomes '/Main';
$this->{webName} = undef

-- SvenDowideit - 02 Dec 2011

which made me want to read the unit tests for untaint - and i didn't find them

-- SvenDowideit - 02 Dec 2011

The behaviour described is correct for web name validation - /. is equivalent to // which is equivalent to / in web names.

While some unit tests would be nice, that's all they'd be IMHO. No action, for pollution control.

-- CrawfordCurrie - 15 Jun 2015

Commenting is disabled while not logged in