tobi / liquid
watch download tarball
public
Forks39Right
Watchers401Right
Description: Liquid markup language. Save, customer facing template language for flexible web apps.
Homepage: http://www.liquidmarkup.org
Clone URL: git://github.com/tobi/liquid.git
Click here to lend your support to: liquid and make a donation at www.pledgie.com !
liquid / test / security_test.rb
100644 41 lines (29 sloc) 1.344 kb
raw blame history 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

require File.dirname(__FILE__) + '/helper'
 
module SecurityFilter
  def add_one(input)
    "#{input} + 1"
  end
end
 
class SecurityTest < Test::Unit::TestCase
  include Liquid
 
  def test_no_instance_eval
    text = %( {{ '1+1' | instance_eval }} )
    expected = %! Liquid error: Error - filter 'instance_eval' in ''1+1' | instance_eval' could not be found. !
        
    assert_equal expected, Template.parse(text).render(@assigns)
  end
  
  def test_no_existing_instance_eval
    text = %( {{ '1+1' | __instance_eval__ }} )
    expected = %! Liquid error: Error - filter '__instance_eval__' in ''1+1' | __instance_eval__' could not be found. !
        
    assert_equal expected, Template.parse(text).render(@assigns)
  end
  
 
  def test_no_instance_eval_after_mixing_in_new_filter
    text = %( {{ '1+1' | instance_eval }} )
    expected = %! Liquid error: Error - filter 'instance_eval' in ''1+1' | instance_eval' could not be found. !
  
    assert_equal expected, Template.parse(text).render(@assigns)
  end
 
 
  def test_no_instance_eval_later_in_chain
    text = %( {{ '1+1' | add_one | instance_eval }} )
    expected = %! Liquid error: Error - filter 'instance_eval' in ''1+1' | add_one | instance_eval' could not be found. !
  
    assert_equal expected, Template.parse(text).render(@assigns, :filters => SecurityFilter)
  end
end