Add characterization test for sanitize-html
At various times in the past, upgrades in the sanitize-html library that changed behavior of HTML filtering have caused things like emotes to break unexpectedly. This commit adds a basic test to sanitize non-alphanumeric characters found in channels' emote codes so that if the library changes, the test will break and give a heads up that something changed.
This commit is contained in:
Calvin Montgomery
parent
53cee986c6
commit
6633e23aa3
|
|
@ -2,7 +2,7 @@
|
||||||
"author": "Calvin Montgomery",
|
"author": "Calvin Montgomery",
|
||||||
"name": "CyTube",
|
"name": "CyTube",
|
||||||
"description": "Online media synchronizer and chat",
|
"description": "Online media synchronizer and chat",
|
||||||
"version": "3.38.1",
|
"version": "3.38.2",
|
||||||
"repository": {
|
"repository": {
|
||||||
"url": "http://github.com/calzoneman/sync"
|
"url": "http://github.com/calzoneman/sync"
|
||||||
},
|
},
|
||||||
|
|
|
||||||
12
test/xss.js
Normal file
12
test/xss.js
Normal file
|
|
@ -0,0 +1,12 @@
|
||||||
|
const assert = require('assert');
|
||||||
|
const XSS = require('../lib/xss');
|
||||||
|
|
||||||
|
describe('XSS', () => {
|
||||||
|
describe('sanitizeHTML', () => {
|
||||||
|
it('behaves consistently w.r.t. special chars used in emotes', () => {
|
||||||
|
const input = '`^~=| _-,;:!?/."()[]{}@$*\\&#%+á\t';
|
||||||
|
const expected = '`^~=| _-,;:!?/."()[]{}@$*\\\\&#%+á\t';
|
||||||
|
assert.strictEqual(XSS.sanitizeHTML(input), expected);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
Loading…
Reference in a new issue