Sha256: 6953cd57909763d1c842ccaa7af3f669e7df117a6253e6991d785367f958693e
Contents?: true
Size: 1.44 KB
Versions: 33
Compression:
Stored size: 1.44 KB
Contents
require "helper"
class IntegrationTestHelpers < Loofah::TestCase
context ".strip_tags" do
context "on safe markup" do
it "strip out tags" do
assert_equal "omgwtfbbq!!1!", Loofah::Helpers.strip_tags("<div>omgwtfbbq</div><span>!!1!</span>")
end
end
context "on hack attack" do
it "strip escape html entities" do
bad_shit = "<script>alert('evil')</script>"
assert_equal bad_shit, Loofah::Helpers.strip_tags(bad_shit)
end
end
end
context ".sanitize" do
context "on safe markup" do
it "render the safe html" do
html = "<div>omgwtfbbq</div><span>!!1!</span>"
assert_equal html, Loofah::Helpers.sanitize(html)
end
end
context "on hack attack" do
it "strip the unsafe tags" do
assert_equal "alert('evil')<span>w00t</span>", Loofah::Helpers.sanitize("<script>alert('evil')</script><span>w00t</span>")
end
it "strips form tags" do
assert_equal "alert('evil')<span>w00t</span>", Loofah::Helpers.sanitize("<script>alert('evil')</script><form action=\"/foo/bar\" method=\"post\"><input></form><span>w00t</span>")
end
end
end
context ".sanitize_css" do
it "removes unsafe css properties" do
assert_match(/display:\s*block;\s*background-color:\s*blue;/, Loofah::Helpers.sanitize_css("display:block;background-image:url(http://www.ragingplatypus.com/i/cam-full.jpg);background-color:blue"))
end
end
end
Version data entries
33 entries across 25 versions & 6 rubygems