rainbownapkin/fore.st
1
0
Fork 0
Code Issues 13 Pull requests Projects Releases Packages Wiki Activity Actions

deps: bump sanitize-html

Browse source
This commit is contained in:
Calvin Montgomery 2021-03-21 21:31:20 -07:00
parent 99559d8fda
commit 0b57f528bf
2 changed files with 8 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

8
test/xss.js
View file

@ -5,7 +5,13 @@ describe('XSS', () => {
describe('sanitizeHTML', () => {
it('behaves consistently w.r.t. special chars used in emotes', () => {
const input = '`^~=| _-,;:!?/."()[]{}@$*\\&#%+á\t';
const expected = '`^~=| _-,;:!?/."()[]{}@$*\\\\&#%+á\t';
const expected = '`^~=| _-,;:!?/."()[]{}@$*\\&#%+á\t';
assert.strictEqual(XSS.sanitizeHTML(input), expected);
});
it('disallows iframes', () => {
const input = '<iframe src="https://example.com"></iframe>';
const expected = '';
assert.strictEqual(XSS.sanitizeHTML(input), expected);
});
});