public/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-10-29 10:57:44 +09:00
Code Issues Packages Projects Releases Wiki Activity

Update to bluemonday-1.0.6 (#15294)

Browse Source 
Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
zeripath
2021-04-05 22:38:31 +01:00
committed by GitHub
parent e10d028b03
commit 04196b7658
14 changed files with 155 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
modules/markup/sanitizer_test.go
View File

@@ -6,6 +6,8 @@
package markup
import (
"html/template"
"strings"
"testing"
"github.com/stretchr/testify/assert"
@@ -50,3 +52,13 @@ func Test_Sanitizer(t *testing.T) {
assert.Equal(t, testCases[i+1], string(SanitizeBytes([]byte(testCases[i]))))
}
}
func TestSanitizeNonEscape(t *testing.T) {
descStr := "<scrİpt>&lt;script&gt;alert(document.domain)&lt;/script&gt;</scrİpt>"
output := template.HTML(Sanitize(string(descStr)))
if strings.Contains(string(output), "<script>") {
t.Errorf("un-escaped <script> in output: %q", output)
}
}