Skip to content
Browse files

Add an addition XSS test

  • Loading branch information...
1 parent 2048424 commit c5ef0227134eaca79400f1d92d955d10654e1945 Matt Sanford committed
Showing with 6 additions and 1 deletion.
  1. +6 −1 autolink.yml
7 autolink.yml
@@ -339,6 +339,11 @@ tests:
- description: "Autolink URL should link urls with very long paths"
text: "Check out"
expected: "Check out <a href=\"\"></a>"
+ - description: "Autolink URL should HTML escape the URL"
+ text: "example:\"onmousedown=\"alert('foo')\" style=background-color:yellow;color:yellow;\"/"
+ expected: "example: <a href=\"\"></a>@\"onmousedown=\"alert('foo')\" style=background-color:yellow;color:yellow;\"/"
- description: "Autolink all does not break on URL with @"
text: " if you know what's good for you."
@@ -348,6 +353,6 @@ tests:
text: "Check out:"
expected: "Check out: <a href=\"\"></a>&@<a class=\"tweet-url username\" href=\"\">chasesechrist</a>"
- - description: "Currently handles URL follower directly by @user"
+ - description: "Correctly handles URL follower directly by @user"
text: "See:"
expected: "See: <a href=\"\"></a>@<a class=\"tweet-url username\" href=\"\">user</a>"

0 comments on commit c5ef022

Please sign in to comment.
Something went wrong with that request. Please try again.