Adds tests for class attribute parsing on pre/code tags.

author Jean-Philippe Lang <jp_lang@yahoo.fr>

Sat, 18 Dec 2010 17:21:57 +0000 (17:21 +0000)

committer Jean-Philippe Lang <jp_lang@yahoo.fr>

Sat, 18 Dec 2010 17:21:57 +0000 (17:21 +0000)
author Jean-Philippe Lang <jp_lang@yahoo.fr>
Sat, 18 Dec 2010 17:21:57 +0000 (17:21 +0000)
committer Jean-Philippe Lang <jp_lang@yahoo.fr>
Sat, 18 Dec 2010 17:21:57 +0000 (17:21 +0000)
diff --git a/test/unit/helpers/application_helper_test.rb b/test/unit/helpers/application_helper_test.rb

index 4835b340ae2ffdd025ad7322b2a36cae7917288b..4610bee3c3a860a3fa234b84194f76c337eb5593 100644 (file)
--- a/test/unit/helpers/application_helper_test.rb
+++ b/test/unit/helpers/application_helper_test.rb
@@ -279,6 +279,9 @@ RAW
        "<pre class='foo bar'>some text</pre>" => "<pre class='foo bar'>some text</pre>",
        '<pre class="foo bar">some text</pre>' => '<pre class="foo bar">some text</pre>',
        "<pre onmouseover='alert(1)'>some text</pre>" => "<pre>some text</pre>",
+      # xss
+      '<pre><code class=""onmouseover="alert(1)">text</code></pre>' => '<pre><code>text</code></pre>',
+      '<pre class=""onmouseover="alert(1)">text</pre>' => '<pre>text</pre>',
      }
      to_test.each { |text, result| assert_equal result, textilizable(text) }
    end
author	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Sat, 18 Dec 2010 17:21:57 +0000 (17:21 +0000)
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Sat, 18 Dec 2010 17:21:57 +0000 (17:21 +0000)