test: Add test cases for various Svelte components handling unsafe HTML #2
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request adds a comprehensive set of new test fixtures for Svelte files, focusing on scenarios involving unsafe raw HTML insertion, comment handling, control flow blocks, and malformed HTML. The changes improve coverage for edge cases in HTML sanitization warnings and the handling of ignore comments in Svelte templates.
Test coverage for unsafe HTML insertion and ignore comments
{@html ...}with and without ignore comments, ensuring warnings are correctly emitted or suppressed. (ComplexExpression.svelte,ComplexExpression.expected.json,ComplexExpressionWithComment.svelte, `ComplexExpressionWithComment.expected.jThis pull request adds several new Svelte test fixtures and their expected JSON outputs to improve coverage of unsafe raw HTML insertion detection and comment-based ignore logic. The changes focus on verifying that warnings are correctly generated for unsafe HTML insertions, and that the presence of ignore comments suppresses these warnings as intended. Additionally, tests are included for edge cases such as empty files, comments, malformed HTML, and expressions inside control flow blocks.
Unsafe HTML detection and ignore comment handling:
ComplexExpression.svelte,ComplexExpressionWithComment.svelte,InsideEach.svelte,InsideEachWithComment.svelte,InsideIf.svelte,InsideIfWithComment.svelte) to verify that warnings are raised for unsafe raw HTML insertions, and that these warnings are suppressed when thesvelte-ignore unsafe_htmlcomment is present.Edge case and miscellaneous test coverage:
Empty.svelte,EmptyWithComment.svelte,EmptyWithComment.svelte,OneUnsafeWithIgnoreComment.expected.jsonrenamed).InComments.svelte,InComments.expected.json).MalformedHTML.svelte,MalformedHTML.expected.json).{#each}and{#if}blocks, including versions with ignore comments to verify warning suppression. (InsideEach.svelte,InsideEach.expected.json,InsideEachWithComment.svelte,InsideEachWithComment.expected.json,InsideIf.svelte,InsideIf.expected.json,InsideIfWithComment.svelte,InsideIfWithComment.expected.json)Edge case handling and miscellaneous scenarios
{@html ...}usages to confirm no false positives in warning generation. (EmptyWithComment.svelte,EmptyWithComment.expected.json,InComments.svelte,InComments.expected.json,Empty.svelte,Empty.expected.json)File renaming for clarity
OneUnsafeWithIgnoreComment.expected.jsontoOneUnsafeWithComment.expected.jsonto better reflect the fixture's content.These additions ensure the test suite robustly covers various Svelte template scenarios, improving reliability and accuracy of HTML sanitization checks.