---
in: Just a little harmless xss .
sanitized_html:

Just a little harmless xss stuff.

---
in: Here's a bad image
sanitized_html:

Here’s a bad image

---
in: Just some random > and < characters, but also a
tag.
sanitized_html:

Just some random > and < characters, but also a
tag.

---
name: processes text beginning with space
in: ' This began with a space and ends with some XSS: '
sanitized_html: 'This began with a space and ends with some XSS: alert(“Hai. I`m in ya PC. Makin ya XSS viruzz! KThxBye”);'
---
name: processes text in notextile tags
in: |-
  The bad tags should be missing:
sanitized_html: |-
  The bad tags should be missing: alert("Hai. I`m in ya PC. Makin ya XSS viruzz! KThxBye");
---
name: processes text in inline notextile tags
in: |-
  The bad tags should be missing:
sanitized_html: |-
  The bad tags should be missing: alert("Hai. I`m in ya PC. Makin ya XSS viruzz! KThxBye");

---
name: removes script tags
in: |-
sanitized_html: "alert(“Hai. I`m in ya PC. Makin ya XSS viruzz! KThxBye”);"
---
name: removes nested script tags
in: |-
sanitized_html: |-
  alert(“Hai. I`m in ya PC. Makin ya XSS viruzz! KThxBye”);