diff options
| author | Joey Hess <joey@kodama.kitenet.net> | 2008-02-10 03:38:30 -0500 |
|---|---|---|
| committer | Joey Hess <joey@kodama.kitenet.net> | 2008-02-10 03:38:30 -0500 |
| commit | e9a215982b6e522f21653d2d164abcb7246b0f77 (patch) | |
| tree | d8dfbcaa18a40202cf2a997f5853d5719ea4ac98 | |
| parent | 973ea501907113ea750ea77d54890a75c71fcf68 (diff) | |
| download | ikiwiki-e9a215982b6e522f21653d2d164abcb7246b0f77.tar ikiwiki-e9a215982b6e522f21653d2d164abcb7246b0f77.tar.gz | |
new test case
| -rwxr-xr-x | t/htmlize.t | 6 | ||||
| -rw-r--r-- | t/javascript.mdwn | 2 |
2 files changed, 7 insertions, 1 deletions
diff --git a/t/htmlize.t b/t/htmlize.t index a9ccfedcb..670500a67 100755 --- a/t/htmlize.t +++ b/t/htmlize.t @@ -1,7 +1,7 @@ #!/usr/bin/perl use warnings; use strict; -use Test::More tests => 4; +use Test::More tests => 5; use Encode; BEGIN { use_ok("IkiWiki"); } @@ -19,3 +19,7 @@ is(IkiWiki::htmlize("foo", "mdwn", readfile("t/test1.mdwn")), "utf8; bug #373203"); ok(IkiWiki::htmlize("foo", "mdwn", readfile("t/test2.mdwn")), "this file crashes markdown if it's fed in as decoded utf-8"); +my $ret=IkiWiki::htmlize("foo", "mdwn", readfile("t/javascript.mdwn")); +ok($ret !~ /GOTCHA/, + "javascript.mdwn contains a number of attempts at getting + javascript that contains GOTCHA past the html sanitiser."); diff --git a/t/javascript.mdwn b/t/javascript.mdwn new file mode 100644 index 000000000..6a5805a70 --- /dev/null +++ b/t/javascript.mdwn @@ -0,0 +1,2 @@ +<a href="javascript:alert('GOTCHA')">click me</a> +<a href="javascript:alert('GOTCHA')">click me</a> |