require 'rails_helper' RSpec.describe 'Faml with Rails', type: :request do it 'renders views' do get '/books/hello' expect(response).to be_ok expect(response).to render_template('books/hello') expect(response).to render_template('layouts/application') expect(response.body).to include('Hello, World') end it 'renders views with variables' do get '/books/with_variables?title=nanika' expect(response).to be_ok expect(response).to render_template('books/with_variables') expect(response).to render_template('layouts/application') expect(response.body).to include('

nanika

') end it 'escapes non-html_safe string' do uri = URI.parse('/books/with_variables') uri.query = URI.encode_www_form(title: '') get uri.to_s expect(response).to be_ok expect(response).to render_template('books/with_variables') expect(response).to render_template('layouts/application') expect(response.body).to include('hello') expect(response.body).to include('

<script>alert(1)</script>

') end it 'does not escape object which returns html_safe string by to_s' do get '/books/with_variables?title=nanika' expect(response.body).to include('nanika') end it 'works with capture method' do get '/books/with_capture' expect(response).to be_ok expect(response.body).to include("
\n

Hello

\n
\n
\n") end end