1
0

sanitizer_test.go 1.3 KB

12345678910111213141516171819202122232425262728293031323334353637383940
  1. // Copyright 2017 The Gogs Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package markup_test
  5. import (
  6. "testing"
  7. "github.com/stretchr/testify/assert"
  8. . "gogs.io/gogs/internal/markup"
  9. )
  10. func Test_Sanitizer(t *testing.T) {
  11. NewSanitizer()
  12. tests := []struct {
  13. input string
  14. expVal string
  15. }{
  16. // Regular
  17. {input: `<a onblur="alert(secret)" href="http://www.google.com">Google</a>`, expVal: `<a href="http://www.google.com" rel="nofollow">Google</a>`},
  18. // Code highlighting class
  19. {input: `<code class="random string"></code>`, expVal: `<code></code>`},
  20. {input: `<code class="language-random ui tab active menu attached animating sidebar following bar center"></code>`, expVal: `<code></code>`},
  21. {input: `<code class="language-go"></code>`, expVal: `<code class="language-go"></code>`},
  22. // Input checkbox
  23. {input: `<input type="hidden">`, expVal: ``},
  24. {input: `<input type="checkbox">`, expVal: `<input type="checkbox">`},
  25. {input: `<input checked disabled autofocus>`, expVal: `<input checked="" disabled="">`},
  26. }
  27. for _, test := range tests {
  28. t.Run(test.input, func(t *testing.T) {
  29. assert.Equal(t, test.expVal, Sanitize(test.input))
  30. assert.Equal(t, test.expVal, string(SanitizeBytes([]byte(test.input))))
  31. })
  32. }
  33. }