Skip to content
Browse files

Ruby 2 compat. CGI.escapeHTML has changed the way it escapes apostrop…

…hes a few times, so fix up the test to work with however it chooses to escape.
  • Loading branch information...
1 parent b9999c5 commit 3f97ee8014bbadede64f7ea3147b1833fc34e536 @jeremy jeremy committed Oct 6, 2012
Showing with 1 addition and 1 deletion.
  1. +1 −1 actionpack/test/template/html-scanner/sanitizer_test.rb
View
2 actionpack/test/template/html-scanner/sanitizer_test.rb
@@ -233,7 +233,7 @@ def test_should_not_fall_for_ridiculous_hack
end
def test_should_sanitize_attributes
- assert_sanitized %(<SPAN title="'><script>alert()</script>">blah</SPAN>), %(<span title="'&gt;&lt;script&gt;alert()&lt;/script&gt;">blah</span>)
+ assert_sanitized %(<SPAN title="'><script>alert()</script>">blah</SPAN>), %(<span title="#{CGI.escapeHTML "'><script>alert()</script>"}">blah</span>)
end
def test_should_sanitize_illegal_style_properties

0 comments on commit 3f97ee8

Please sign in to comment.
Something went wrong with that request. Please try again.