Add characterization test for sanitize-html
At various times in the past, upgrades in the sanitize-html library that changed behavior of HTML filtering have caused things like emotes to break unexpectedly. This commit adds a basic test to sanitize non-alphanumeric characters found in channels' emote codes so that if the library changes, the test will break and give a heads up that something changed.
This commit is contained in:
Calvin Montgomery
parent
53cee986c6
commit
6633e23aa3
2 changed files with 13 additions and 1 deletions
12
test/xss.js
Normal file
12
test/xss.js
Normal file
|
|
@ -0,0 +1,12 @@
|
|||
const assert = require('assert');
|
||||
const XSS = require('../lib/xss');
|
||||
|
||||
describe('XSS', () => {
|
||||
describe('sanitizeHTML', () => {
|
||||
it('behaves consistently w.r.t. special chars used in emotes', () => {
|
||||
const input = '`^~=| _-,;:!?/."()[]{}@$*\\&#%+á\t';
|
||||
const expected = '`^~=| _-,;:!?/."()[]{}@$*\\\\&#%+á\t';
|
||||
assert.strictEqual(XSS.sanitizeHTML(input), expected);
|
||||
});
|
||||
});
|
||||
});
|
||||
Loading…
Add table
Add a link
Reference in a new issue