import { describe, it, expect } from 'vitest';
import strEscapeHtml from '../../src/strEscapeHtml.js';
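/**
 * Output-encoding tests for strEscapeHtml.
 *
 * Each input is markup that must never reach a page verbatim: script tags,
 * remote script/image sources and an event-handler attribute. The expected value
 * is the same text with every markup-significant character replaced by an entity.
 *
 * NOTE(review): in the captured listing the expected strings had been
 * entity-decoded, so they read identical to the inputs and two of them no longer
 * parsed. They are reconstructed here assuming the conventional named entities
 * (&lt; &gt; &amp; &quot;) - confirm against src/strEscapeHtml.
 *
 * Scope caveat: passing these tests shows the output is safe as HTML text or as a
 * quoted attribute value. It says nothing about values placed in URL attributes,
 * unquoted attributes, or script/style blocks, which need context-specific
 * encoding or validation.
 */
describe('str/strEscapeHtml', () => {
  // The spelling of the apostrophe entity could not be recovered from the listing
  // (&#39;, &#039;, &#x27; and &apos; are all equivalent to a browser), so outputs
  // are folded to one spelling before comparison.
  // TODO: replace with the exact literal once the implementation is confirmed.
  const canonicalApos = (escaped: string): string =>
    escaped.replace(/&(?:#0*39|#x0*27|apos);/gi, '&#39;');

  // [input, expected escaped output]
  const cases: ReadonlyArray<readonly [string, string]> = [
    ['<div>Hey</div>', '&lt;div&gt;Hey&lt;/div&gt;'],
    // Tag-name case must not matter: escaping is per character, not per tag.
    ['<DIV>Hey</dIv>', '&lt;DIV&gt;Hey&lt;/dIv&gt;'],
    // Unterminated attribute quote: the lone quote is still escaped.
    ['<img src="https://cdn.evil.net/abc/123.jpg>', '&lt;img src=&quot;https://cdn.evil.net/abc/123.jpg&gt;'],
    ['<img src="https://cdn.evil.net/abc/123.jpg/>', '&lt;img src=&quot;https://cdn.evil.net/abc/123.jpg/&gt;'],
    ['<img src="https://cdn.evil.net/abc/123.jpg />', '&lt;img src=&quot;https://cdn.evil.net/abc/123.jpg /&gt;'],
    // NOTE(review): identical to the previous case in the listing; the original may
    // have differed only in whitespace - verify.
    ['<img src="https://cdn.evil.net/abc/123.jpg />', '&lt;img src=&quot;https://cdn.evil.net/abc/123.jpg /&gt;'],
    [
      '<script src="https://cdn.evil.net/abc/123.min.js?v=123abc"></script>',
      '&lt;script src=&quot;https://cdn.evil.net/abc/123.min.js?v=123abc&quot;&gt;&lt;/script&gt;',
    ],
    // Event-handler attribute on an otherwise harmless-looking tag.
    [
      '<acceptedTag onLoad="javascript:malicious()" />',
      '&lt;acceptedTag onLoad=&quot;javascript:malicious()&quot; /&gt;',
    ],
    [
      "<script>evil.ready(function () { evil.hacking.start('now'); })</script>",
      '&lt;script&gt;evil.ready(function () { evil.hacking.start(&#39;now&#39;); })&lt;/script&gt;',
    ],
    ['<p><a>', '&lt;p&gt;&lt;a&gt;'],
    [
      '<b>sample</b> text with <div>tags</div>',
      '&lt;b&gt;sample&lt;/b&gt; text with &lt;div&gt;tags&lt;/div&gt;',
    ],
    // Comments are escaped like any other markup, not stripped.
    [
      '<p>Test paragraph.</p><!-- Comment --> <a href="#fragment">Other text</a>',
      '&lt;p&gt;Test paragraph.&lt;/p&gt;&lt;!-- Comment --&gt; &lt;a href=&quot;#fragment&quot;&gt;Other text&lt;/a&gt;',
    ],
    // Plain text passes through untouched.
    ['foo', 'foo'],
    // Ampersands are escaped too, otherwise input could smuggle its own entities.
    ['a && b', 'a &amp;&amp; b'],
    ['"foo"', '&quot;foo&quot;'],
    ["'bar'", '&#39;bar&#39;'],
    ['<div>', '&lt;div&gt;'],
  ];

  it('works', () => {
    for (const [input, expected] of cases) {
      expect(canonicalApos(strEscapeHtml(input))).toEqual(expected);
    }
  });

  // Form-independent safety check: whatever entity spelling is used, nothing that
  // can open a tag, close an attribute value or start an unintended entity may
  // survive in the output.
  // NOTE(review): assumes single quotes are escaped, as the listing suggests.
  it('leaves no raw markup-significant characters in the output', () => {
    const bareAmpersand = /&(?!(?:lt|gt|amp|quot|apos|#\d+|#x[0-9a-f]+);)/i;
    for (const [input] of cases) {
      const escaped = strEscapeHtml(input);
      expect(escaped).not.toMatch(/[<>"']/);
      expect(escaped).not.toMatch(bareAmpersand);
    }
  });
});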