Sha256: c6240d1d4a0cb8cd9514de7469c9cdd8486db2b0ef5361e7ddaa62b77e5be546
Contents?: true
Size: 1.54 KB
Versions: 12
Compression:
Stored size: 1.54 KB
Contents
require 'test_helper'
module SecurityFilter
def add_one(input)
"#{input} + 1"
end
end
class SecurityTest < Test::Unit::TestCase
include Liquid
def test_no_instance_eval
text = %( {{ '1+1' | instance_eval }} )
expected = %| 1+1 |
assert_equal expected, Template.parse(text).render(@assigns)
end
def test_no_existing_instance_eval
text = %( {{ '1+1' | __instance_eval__ }} )
expected = %| 1+1 |
assert_equal expected, Template.parse(text).render(@assigns)
end
def test_no_instance_eval_after_mixing_in_new_filter
text = %( {{ '1+1' | instance_eval }} )
expected = %| 1+1 |
assert_equal expected, Template.parse(text).render(@assigns)
end
def test_no_instance_eval_later_in_chain
text = %( {{ '1+1' | add_one | instance_eval }} )
expected = %| 1+1 + 1 |
assert_equal expected, Template.parse(text).render(@assigns, :filters => SecurityFilter)
end
def test_does_not_add_filters_to_symbol_table
current_symbols = Symbol.all_symbols
test = %( {{ "some_string" | a_bad_filter }} )
template = Template.parse(test)
assert_equal [], (Symbol.all_symbols - current_symbols)
template.render
assert_equal [], (Symbol.all_symbols - current_symbols)
end
def test_does_not_add_drop_methods_to_symbol_table
current_symbols = Symbol.all_symbols
drop = Drop.new
drop.invoke_drop("custom_method_1")
drop.invoke_drop("custom_method_2")
drop.invoke_drop("custom_method_3")
assert_equal [], (Symbol.all_symbols - current_symbols)
end
end # SecurityTest
Version data entries
12 entries across 12 versions & 3 rubygems