CyTube/test/xss.js
Calvin Montgomery 6633e23aa3 Add characterization test for sanitize-html
At various times in the past, upgrades in the sanitize-html library that
changed behavior of HTML filtering have caused things like emotes to
break unexpectedly.  This commit adds a basic test to sanitize
non-alphanumeric characters found in channels' emote codes so that if
the library changes, the test will break and give a heads up that
something changed.
2017-06-17 09:47:22 -07:00

13 lines
448 B
JavaScript

const assert = require('assert');
const XSS = require('../lib/xss');
describe('XSS', () => {
describe('sanitizeHTML', () => {
it('behaves consistently w.r.t. special chars used in emotes', () => {
const input = '`^~=| _-,;:!?/."()[]{}@$*\\&#%+á\t';
const expected = '`^~=| _-,;:!?/."()[]{}@$*\\\\&#%+á\t';
assert.strictEqual(XSS.sanitizeHTML(input), expected);
});
});
});