jro_apps/redmine Commit - r4423:a7595ec19154

Adds tests for class attribute parsing on pre/code tags....

Jean-Philippe Lang -

r4423:a7595ec19154

parent child

Context file:

r4423:a7595ec19154

test/unit/helpers/application_helper_test.rb +3 0

                   "<pre class='foo bar'>some text</pre>" => "<pre class='foo bar'>some text</pre>",
                   '<pre class="foo bar">some text</pre>' => '<pre class="foo bar">some text</pre>',
                   "<pre onmouseover='alert(1)'>some text</pre>" => "<pre>some text</pre>",
+                  # xss
+                  '<pre><code class=""onmouseover="alert(1)">text</code></pre>' => '<pre><code>text</code></pre>',
+                  '<pre class=""onmouseover="alert(1)">text</pre>' => '<pre>text</pre>',
                 }
                 to_test.each { |text, result| assert_equal result, textilizable(text) }
               end

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages