diff options
Diffstat (limited to 't')
-rwxr-xr-x | t/htmlize.t | 6 | ||||
-rw-r--r-- | t/javascript.mdwn | 2 |
2 files changed, 7 insertions, 1 deletions
diff --git a/t/htmlize.t b/t/htmlize.t index a9ccfedcb..670500a67 100755 --- a/t/htmlize.t +++ b/t/htmlize.t @@ -1,7 +1,7 @@ #!/usr/bin/perl use warnings; use strict; -use Test::More tests => 4; +use Test::More tests => 5; use Encode; BEGIN { use_ok("IkiWiki"); } @@ -19,3 +19,7 @@ is(IkiWiki::htmlize("foo", "mdwn", readfile("t/test1.mdwn")), "utf8; bug #373203"); ok(IkiWiki::htmlize("foo", "mdwn", readfile("t/test2.mdwn")), "this file crashes markdown if it's fed in as decoded utf-8"); +my $ret=IkiWiki::htmlize("foo", "mdwn", readfile("t/javascript.mdwn")); +ok($ret !~ /GOTCHA/, + "javascript.mdwn contains a number of attempts at getting + javascript that contains GOTCHA past the html sanitiser."); diff --git a/t/javascript.mdwn b/t/javascript.mdwn new file mode 100644 index 000000000..6a5805a70 --- /dev/null +++ b/t/javascript.mdwn @@ -0,0 +1,2 @@ +<a href="javascript:alert('GOTCHA')">click me</a> +<a href="javascript:alert('GOTCHA')">click me</a> |