diff options
| author | Frederic Hemberger <mail@frederic-hemberger.de> | 2014-12-09 15:13:46 -0500 |
|---|---|---|
| committer | Timmy Willison <timmywillisn@gmail.com> | 2014-12-09 15:19:01 -0500 |
| commit | 58c24608210c9a9a264a38746628ebc26823f59b (patch) | |
| tree | f62d826814db8afba51396f02b46d16b32a48fed /test | |
| parent | 43faf6d1f922ba44a84c93f4ff2461d208b2bf48 (diff) | |
| download | jquery-58c24608210c9a9a264a38746628ebc26823f59b.tar.gz jquery-58c24608210c9a9a264a38746628ebc26823f59b.zip | |
Core: use document.implemenation.createHTMLDocument in jQuery.parseHTML
Close gh-1505
Diffstat (limited to 'test')
| -rw-r--r-- | test/unit/core.js | 18 | ||||
| -rw-r--r-- | test/unit/support.js | 8 |
2 files changed, 26 insertions, 0 deletions
diff --git a/test/unit/core.js b/test/unit/core.js index 66c02ac57..783a7462e 100644 --- a/test/unit/core.js +++ b/test/unit/core.js @@ -1367,6 +1367,24 @@ test("jQuery.parseHTML", function() { ok( jQuery.parseHTML("<#if><tr><p>This is a test.</p></tr><#/if>") || true, "Garbage input should not cause error" ); }); +// This XSS test is optional, as it will only pass when `document.implementation.createHTMLDocument` +// is implemented. This might not be the case for older Android browsers (<= 2.x). +if ( document.implementation.createHTMLDocument ) { + asyncTest("jQuery.parseHTML", function() { + expect ( 1 ); + + Globals.register("parseHTMLError"); + + jQuery.globalEval("parseHTMLError = false;"); + jQuery.parseHTML( "<img src=x onerror='parseHTMLError = true'>" ); + + window.setTimeout(function() { + start(); + equal( window.parseHTMLError, false, "onerror eventhandler has not been called." ); + }, 2000); + }); +} + test("jQuery.parseJSON", function() { expect( 20 ); diff --git a/test/unit/support.js b/test/unit/support.js index 11f15a33b..bed2c0414 100644 --- a/test/unit/support.js +++ b/test/unit/support.js @@ -61,6 +61,7 @@ testIframeWithCallback( "Check CSP (https://developer.mozilla.org/en-US/docs/Sec "checkOn": true, "clearCloneStyle": true, "cors": true, + "createHTMLDocument": true, "focusinBubbles": false, "noCloneChecked": true, "optDisabled": true, @@ -77,6 +78,7 @@ testIframeWithCallback( "Check CSP (https://developer.mozilla.org/en-US/docs/Sec "checkOn": true, "clearCloneStyle": false, "cors": true, + "createHTMLDocument": true, "focusinBubbles": true, "noCloneChecked": false, "optDisabled": true, @@ -93,6 +95,7 @@ testIframeWithCallback( "Check CSP (https://developer.mozilla.org/en-US/docs/Sec "checkOn": true, "clearCloneStyle": false, "cors": false, + "createHTMLDocument": true, "focusinBubbles": true, "noCloneChecked": false, "optDisabled": true, @@ -109,6 +112,7 @@ testIframeWithCallback( "Check CSP (https://developer.mozilla.org/en-US/docs/Sec "checkOn": true, "clearCloneStyle": true, "cors": true, + "createHTMLDocument": true, "focusinBubbles": false, "noCloneChecked": true, "optDisabled": true, @@ -125,6 +129,7 @@ testIframeWithCallback( "Check CSP (https://developer.mozilla.org/en-US/docs/Sec "checkOn": true, "clearCloneStyle": true, "cors": true, + "createHTMLDocument": true, "focusinBubbles": false, "noCloneChecked": true, "optDisabled": true, @@ -141,6 +146,7 @@ testIframeWithCallback( "Check CSP (https://developer.mozilla.org/en-US/docs/Sec "checkOn": true, "clearCloneStyle": true, "cors": true, + "createHTMLDocument": true, "focusinBubbles": false, "noCloneChecked": true, "optDisabled": true, @@ -157,6 +163,7 @@ testIframeWithCallback( "Check CSP (https://developer.mozilla.org/en-US/docs/Sec "checkOn": false, "clearCloneStyle": true, "cors": true, + "createHTMLDocument": true, "focusinBubbles": false, "noCloneChecked": true, "optDisabled": true, @@ -173,6 +180,7 @@ testIframeWithCallback( "Check CSP (https://developer.mozilla.org/en-US/docs/Sec "checkOn": false, "clearCloneStyle": false, "cors": true, + "createHTMLDocument": true, "focusinBubbles": false, "noCloneChecked": true, "optDisabled": false, |