spec/hamlit/engine/new_attribute_spec.rb in hamlit-0.4.3 vs spec/hamlit/engine/new_attribute_spec.rb in hamlit-0.5.0
- old
+ new
@@ -13,7 +13,33 @@
%p(a=1 b=2) bar
HAML
<p a='1' b='2'>bar</p>
HTML
end
+
+ describe 'html escape' do
+ it 'escapes attribute values on static attributes' do
+ assert_render(<<-'HAML', <<-HTML)
+ %a(title="'")
+ %a(title = "'\"")
+ %a(href='/search?foo=bar&hoge=<fuga>')
+ HAML
+ <a title='''></a>
+ <a title=''"'></a>
+ <a href='/search?foo=bar&hoge=<fuga>'></a>
+ HTML
+ end
+
+ it 'escapes attribute values on dynamic attributes' do
+ assert_render(<<-'HAML', <<-HTML)
+ - title = "'\""
+ - href = '/search?foo=bar&hoge=<fuga>'
+ %a(title=title)
+ %a(href=href)
+ HAML
+ <a title=''"'></a>
+ <a href='/search?foo=bar&hoge=<fuga>'></a>
+ HTML
+ end
+ end
end
end