Ruby 2 compat. CGI.escapeHTML has changed the way it escapes apostrop…

…hes a few times, so fix up the test to work with however it chooses to escape.
rails · Oct 7, 2012 · 3f97ee8 · 3f97ee8
1 parent b9999c5
commit 3f97ee8
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/actionpack/test/template/html-scanner/sanitizer_test.rb b/actionpack/test/template/html-scanner/sanitizer_test.rb
@@ -233,7 +233,7 @@ def test_should_not_fall_for_ridiculous_hack
   end
 
   def test_should_sanitize_attributes
-    assert_sanitized %(<SPAN title="'><script>alert()</script>">blah</SPAN>), %(<span title="'&gt;&lt;script&gt;alert()&lt;/script&gt;">blah</span>)
+    assert_sanitized %(<SPAN title="'><script>alert()</script>">blah</SPAN>), %(<span title="#{CGI.escapeHTML "'><script>alert()</script>"}">blah</span>)
   end
 
   def test_should_sanitize_illegal_style_properties