From 58763243727e1aef9b2a8f0535c6b46792243565 Mon Sep 17 00:00:00 2001 From: Toshi MARUYAMA Date: Thu, 5 Dec 2019 11:25:24 +0000 Subject: filter all possibly class values on code tags in Textile (#25742) Contributed by Holger Just from Planio. git-svn-id: http://svn.redmine.org/redmine/trunk@19333 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- test/unit/lib/redmine/wiki_formatting/textile_formatter_test.rb | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'test/unit') diff --git a/test/unit/lib/redmine/wiki_formatting/textile_formatter_test.rb b/test/unit/lib/redmine/wiki_formatting/textile_formatter_test.rb index 61c5cdfb7..19128524e 100644 --- a/test/unit/lib/redmine/wiki_formatting/textile_formatter_test.rb +++ b/test/unit/lib/redmine/wiki_formatting/textile_formatter_test.rb @@ -562,9 +562,17 @@ class Redmine::WikiFormatting::TextileFormatterTest < ActionView::TestCase def test_should_not_allow_arbitrary_class_attribute_on_offtags %w(code pre kbd).each do |tag| assert_html_output({"<#{tag} class=\"foo\">test" => "<#{tag}>test"}, false) + assert_html_output({"<#{tag} class='foo'>test" => "<#{tag}>test"}, false) + assert_html_output({"<#{tag} class=\"ruby foo\">test" => "<#{tag}>test"}, false) + assert_html_output({"<#{tag} class='ruby foo'>test" => "<#{tag}>test"}, false) + assert_html_output({"<#{tag} class=\"ruby \"foo\" bar\">test" => "<#{tag}>test"}, false) end assert_html_output({"test" => "test"}, false) + assert_html_output({"test" => "test"}, false) + assert_html_output({"test" => "test"}, false) + assert_html_output({"test" => "test"}, false) + assert_html_output({"test" => "test"}, false) end def test_should_allow_valid_language_class_attribute_on_code_tags -- cgit v1.2.3