diff options
Diffstat (limited to 'test/unit/core.js')
| -rw-r--r-- | test/unit/core.js | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/test/unit/core.js b/test/unit/core.js index 66c02ac57..783a7462e 100644 --- a/test/unit/core.js +++ b/test/unit/core.js @@ -1367,6 +1367,24 @@ test("jQuery.parseHTML", function() { ok( jQuery.parseHTML("<#if><tr><p>This is a test.</p></tr><#/if>") || true, "Garbage input should not cause error" ); }); +// This XSS test is optional, as it will only pass when `document.implementation.createHTMLDocument` +// is implemented. This might not be the case for older Android browsers (<= 2.x). +if ( document.implementation.createHTMLDocument ) { + asyncTest("jQuery.parseHTML", function() { + expect ( 1 ); + + Globals.register("parseHTMLError"); + + jQuery.globalEval("parseHTMLError = false;"); + jQuery.parseHTML( "<img src=x onerror='parseHTMLError = true'>" ); + + window.setTimeout(function() { + start(); + equal( window.parseHTMLError, false, "onerror eventhandler has not been called." ); + }, 2000); + }); +} + test("jQuery.parseJSON", function() { expect( 20 ); |