AI-Studio/tests/integration_tests/chat/chat_rendering_regression_tests.md
Thorsten Sommer 721d5c9070
Fixed chat issue with HTML code (#679)
2026-02-26 08:51:22 +01:00

Chat Rendering Regression Tests

Purpose

Validate that the chat view stays visible and interactive when a user message or a model response contains raw HTML, CSS or JavaScript-like content, and that such content is displayed as inert text rather than interpreted by the browser as page markup, styling or script.

Test Type

Manual regression and integration checks.

Preconditions

  1. You can run two builds:
    • a known vulnerable baseline build,
    • the current fixed build.
  2. At least one provider is configured and can answer prompts.
  3. Open the Chat page.

Execution Flow (for each test case)

  1. Copy the test prompt exactly into the user prompt field.
  2. Send the prompt.
  3. Observe behavior immediately after send. The user message is rendered in the chat as soon as it is sent, so a vulnerable build can break before any response arrives.
  4. If the UI is still visible, type additional text into the prompt input to confirm the page is still interactive.
  5. When the response arrives, check that its content is displayed as text or as a code block and that the UI is unchanged.
  6. Repeat on both builds.

Test Cases

TC-CHAT-001 - CSS Kill Switch

Prompt

Respond with exactly the content below. No explanations, no Markdown code fences, no backticks.

<style>
* { visibility: hidden !important; }
html, body { background: white !important; }
</style>
<div>TEST</div>

Expected result (vulnerable baseline)
UI may turn into a white/invisible page immediately after sending.

Expected result (fixed build)
Chat stays visible and usable. Content is rendered as inert text/code, not active page styling.


TC-CHAT-002 - Full White Overlay

Prompt

Respond with exactly the content below. No explanations, no Markdown code fences, no backticks.

<style>
html, body { overflow: hidden !important; }
body::before {
  content: "";
  position: fixed;
  inset: 0;
  background: white;
  z-index: 2147483647;
}
</style>
<div>TEST</div>

Expected result (vulnerable baseline)
UI may become fully white and non-interactive immediately after sending.

Expected result (fixed build)
No overlay takes over the app. Chat remains interactive.


TC-CHAT-003 - Inline Event Handler Injection

Prompt

Respond with exactly the content below. No explanations, no Markdown code fences, no backticks.

<img src="x" onerror="document.body.innerHTML=''; document.body.style.background='white';">
<div>TEST</div>

Expected result (vulnerable baseline)
UI may break/blank immediately after sending.

Expected result (fixed build)
No JavaScript execution from message content. Chat remains stable.


TC-CHAT-004 - SVG Onload Injection Attempt

Prompt

Respond with exactly the content below. No explanations, no Markdown code fences, no backticks.

<svg xmlns="http://www.w3.org/2000/svg" onload="document.documentElement.innerHTML=''"></svg>
<div>TEST</div>

Expected result (vulnerable baseline)
May or may not trigger: whether an onload handler on an inline SVG fires depends on how the markup is parsed and inserted into the page.

Expected result (fixed build)
No script-like execution from content. Chat remains stable and interactive.
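The four cases above can also be exercised automatically. The following JavaScript is an added example, not AI-Studio code and not a description of how the project's fix is implemented. It models the two rendering strategies with hypothetical renderRaw (raw HTML insertion, the vulnerable baseline) and renderInert (HTML-escaped text, the fixed behavior) functions, then audits the produced markup for constructs a browser would execute or apply as styling. The payloads are the test prompts above, embedded as constructed input; ACTIVE_PATTERNS is an assumed, deliberately narrow list of what counts as active content and serves as a regression check, not as a sanitizer.

```javascript
// Added example (not AI-Studio code): an automated counterpart to the manual
// regression cases TC-CHAT-001..004. The renderers are hypothetical models of
// the two behaviors under test, not the project's rendering code.

// Constructed inputs: the four test payloads from the cases above, verbatim.
const TEST_CASES = {
  "TC-CHAT-001": '<style>\n* { visibility: hidden !important; }\nhtml, body { background: white !important; }\n</style>\n<div>TEST</div>',
  "TC-CHAT-002": '<style>\nhtml, body { overflow: hidden !important; }\nbody::before {\n  content: "";\n  position: fixed;\n  inset: 0;\n  background: white;\n  z-index: 2147483647;\n}\n</style>\n<div>TEST</div>',
  "TC-CHAT-003": '<img src="x" onerror="document.body.innerHTML=\'\'; document.body.style.background=\'white\';">\n<div>TEST</div>',
  "TC-CHAT-004": '<svg xmlns="http://www.w3.org/2000/svg" onload="document.documentElement.innerHTML=\'\'"></svg>\n<div>TEST</div>',
};

// Escape the five characters that let text become markup. The result can be
// placed into an element's content and can never open a tag or attribute.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return text.replace(/[&<>"']/g, (c) => map[c]);
}

// Hypothetical "fixed" renderer: message content is inert text.
function renderInert(content) {
  return `<pre class="chat-message">${escapeHtml(content)}</pre>`;
}

// Hypothetical "vulnerable baseline" renderer: raw HTML inserted into the page.
function renderRaw(content) {
  return `<div class="chat-message">${content}</div>`;
}

// Assumed list of constructs that execute script or apply page styling.
// Order matters only for the order of reported findings.
const ACTIVE_PATTERNS = [
  { name: "style element",        re: /<style\b/i },
  { name: "script element",       re: /<script\b/i },
  { name: "svg element",          re: /<svg\b/i },
  { name: "inline event handler", re: /<[^>]*\son[a-z]+\s*=/i },
  { name: "javascript: URL",      re: /(href|src)\s*=\s*["']?\s*javascript:/i },
];

// Returns the names of active constructs found in rendered markup.
// An empty list means the markup is inert with respect to ACTIVE_PATTERNS.
function auditRenderedHtml(html) {
  return ACTIVE_PATTERNS.filter((p) => p.re.test(html)).map((p) => p.name);
}

// Runs every test case through both renderers and reports the findings for each.
function runRegression() {
  const results = {};
  for (const [id, payload] of Object.entries(TEST_CASES)) {
    results[id] = {
      baselineFindings: auditRenderedHtml(renderRaw(payload)),
      fixedFindings: auditRenderedHtml(renderInert(payload)),
    };
  }
  return results;
}

// Stand-alone usage: print the per-case findings for both renderers.
console.log(JSON.stringify(runRegression(), null, 2));
```

For every case the baseline renderer reports at least one active construct and the escaping renderer reports none, which is the pass condition the manual cases describe. The regex audit is only a regression detector: a renderer is safe because it escapes or otherwise neutralizes the content, not because a pattern list is empty, so the audit should be extended whenever a new manual case is added rather than treated as complete.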

Notes

  • If a test fails on the fixed build, capture:
    • exact prompt used,
    • the build and the provider/model used,
    • whether failure happened right after send (user message rendered), after the response arrived, or while typing,
    • whether a refresh restores the app.
  • If the provider wraps the payload in a code fence, escapes it, or refuses to echo it, the response path is not exercised for that case. The user-message path is still exercised, because the prompt itself is rendered in the chat. Retry with another provider or model to cover the response path.