diff options
Diffstat (limited to 'internal/markup/sanitizer_test.go')
| -rw-r--r-- | internal/markup/sanitizer_test.go | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/internal/markup/sanitizer_test.go b/internal/markup/sanitizer_test.go new file mode 100644 index 00000000..06b10822 --- /dev/null +++ b/internal/markup/sanitizer_test.go @@ -0,0 +1,38 @@ +// Copyright 2017 The Gogs Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package markup_test + +import ( + "testing" + + . "github.com/smartystreets/goconvey/convey" + + . "gogs.io/gogs/internal/markup" +) + +func Test_Sanitizer(t *testing.T) { + NewSanitizer() + Convey("Sanitize HTML string and bytes", t, func() { + testCases := []string{ + // Regular + `<a onblur="alert(secret)" href="http://www.google.com">Google</a>`, `<a href="http://www.google.com" rel="nofollow">Google</a>`, + + // Code highlighting class + `<code class="random string"></code>`, `<code></code>`, + `<code class="language-random ui tab active menu attached animating sidebar following bar center"></code>`, `<code></code>`, + `<code class="language-go"></code>`, `<code class="language-go"></code>`, + + // Input checkbox + `<input type="hidden">`, ``, + `<input type="checkbox">`, `<input type="checkbox">`, + `<input checked disabled autofocus>`, `<input checked="" disabled="">`, + } + + for i := 0; i < len(testCases); i += 2 { + So(Sanitize(testCases[i]), ShouldEqual, testCases[i+1]) + So(string(SanitizeBytes([]byte(testCases[i]))), ShouldEqual, testCases[i+1]) + } + }) +} |