test: clean up tests by using the helpers
flavorjones committed Jun 9, 2022
1 parent fe109c9 commit 045774a
Showing 1 changed file with 2 additions and 4 deletions.
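--- a/test/sanitizer_test.rb
+++ b/test/sanitizer_test.rb
@@ -14,13 +14,11 @@ def test_sanitizer_sanitize_raises_not_implemented_error
 end
 
 def test_sanitize_nested_script
-sanitizer = Rails::Html::SafeListSanitizer.new
-assert_equal '&lt;script&gt;alert("XSS");&lt;/script&gt;', sanitizer.sanitize('<script><script></script>alert("XSS");<script><</script>/</script><script>script></script>', tags: %w(em))
+assert_equal '&lt;script&gt;alert("XSS");&lt;/script&gt;', safe_list_sanitize('<script><script></script>alert("XSS");<script><</script>/</script><script>script></script>', tags: %w(em))
 end
 
 def test_sanitize_nested_script_in_style
-sanitizer = Rails::Html::SafeListSanitizer.new
-assert_equal '&lt;script&gt;alert("XSS");&lt;/script&gt;', sanitizer.sanitize('<style><script></style>alert("XSS");<style><</style>/</style><style>script></style>', tags: %w(em))
+assert_equal '&lt;script&gt;alert("XSS");&lt;/script&gt;', safe_list_sanitize('<style><script></style>alert("XSS");<style><</style>/</style><style>script></style>', tags: %w(em))
 end
 
 class XpathRemovalTestSanitizer < Rails::Html::Sanitizer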
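Review bot: The rewritten assertions in test_sanitize_nested_script and test_sanitize_nested_script_in_style now rely on `safe_list_sanitize`, which is defined outside this hunk, so it cannot be confirmed from here that it builds a fresh `Rails::Html::SafeListSanitizer` and forwards `tags: %w(em)` unchanged. Since these two tests are XSS regression checks, it is worth verifying that the helper applies no defaults of its own that would change what configuration is under test. Neither test says what it pins; a one-line comment above each would help, e.g. `# Removing disallowed elements must not leave text that re-forms a <script> tag; the remainder is expected entity-escaped.`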
