diff options
author | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2012-08-05 21:21:14 -0300 |
---|---|---|
committer | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2012-08-05 21:21:14 -0300 |
commit | 5edfc463484827df364a1e589677d5c84dfac282 (patch) | |
tree | 1ea518ee224e033d2a4e28d1819bb0de6544f6e6 | |
parent | 39f4f289931ebe85b04624b4be8522d68e2c7620 (diff) | |
download | rails-5edfc463484827df364a1e589677d5c84dfac282.tar.gz rails-5edfc463484827df364a1e589677d5c84dfac282.tar.bz2 rails-5edfc463484827df364a1e589677d5c84dfac282.zip |
Don't use `html_escape` to test the escaping
-rw-r--r-- | actionpack/test/template/form_options_helper_test.rb | 2 | ||||
-rw-r--r-- | actionpack/test/template/form_tag_helper_test.rb | 2 | ||||
-rw-r--r-- | actionpack/test/template/text_helper_test.rb | 2 | ||||
-rw-r--r-- | actionpack/test/template/url_helper_test.rb | 2 |
4 files changed, 4 insertions, 4 deletions
diff --git a/actionpack/test/template/form_options_helper_test.rb b/actionpack/test/template/form_options_helper_test.rb index 682ffdcc18..d234e6633c 100644 --- a/actionpack/test/template/form_options_helper_test.rb +++ b/actionpack/test/template/form_options_helper_test.rb @@ -1124,7 +1124,7 @@ class FormOptionsHelperTest < ActionView::TestCase def test_options_for_select_with_element_attributes assert_dom_equal( - "<option value=\"<Denmark>\" class=\"bold\"><Denmark></option>\n<option value=\"USA\" onclick=\"" + ERB::Util.html_escape("alert('Hello World');") + "\">USA</option>\n<option value=\"Sweden\">Sweden</option>\n<option value=\"Germany\">Germany</option>", + "<option value=\"<Denmark>\" class=\"bold\"><Denmark></option>\n<option value=\"USA\" onclick=\"alert('Hello World');\">USA</option>\n<option value=\"Sweden\">Sweden</option>\n<option value=\"Germany\">Germany</option>", options_for_select([ [ "<Denmark>", { :class => 'bold' } ], [ "USA", { :onclick => "alert('Hello World');" } ], [ "Sweden" ], "Germany" ]) ) end diff --git a/actionpack/test/template/form_tag_helper_test.rb b/actionpack/test/template/form_tag_helper_test.rb index 9a85b1b553..81ba92f2e6 100644 --- a/actionpack/test/template/form_tag_helper_test.rb +++ b/actionpack/test/template/form_tag_helper_test.rb @@ -379,7 +379,7 @@ class FormTagHelperTest < ActionView::TestCase def test_submit_tag assert_dom_equal( - %(<input name='commit' data-disable-with="Saving..." onclick=") + ERB::Util.html_escape("alert('hello!')") + %(" type="submit" value="Save" />), + %(<input name='commit' data-disable-with="Saving..." onclick="alert('hello!')" type="submit" value="Save" />), submit_tag("Save", :onclick => "alert('hello!')", :data => { :disable_with => "Saving..." }) ) end diff --git a/actionpack/test/template/text_helper_test.rb b/actionpack/test/template/text_helper_test.rb index 75ec1d8f16..c0f694b2bf 100644 --- a/actionpack/test/template/text_helper_test.rb +++ b/actionpack/test/template/text_helper_test.rb @@ -149,7 +149,7 @@ class TextHelperTest < ActionView::TestCase end def test_truncate_with_block_should_escape_the_block - assert_equal "Here is a long test and ...<script>" + ERB::Util.html_escape("alert('foo');") + "</script>", + assert_equal "Here is a long test and ...<script>alert('foo');</script>", truncate("Here is a long test and I need a continue to read link", :length => 27) { "<script>alert('foo');</script>" } end diff --git a/actionpack/test/template/url_helper_test.rb b/actionpack/test/template/url_helper_test.rb index 2c67b2210b..f9f8c36fff 100644 --- a/actionpack/test/template/url_helper_test.rb +++ b/actionpack/test/template/url_helper_test.rb @@ -244,7 +244,7 @@ class UrlHelperTest < ActiveSupport::TestCase def test_link_tag_with_custom_onclick link = link_to("Hello", "http://www.example.com", :onclick => "alert('yay!')") - expected = %{<a href="http://www.example.com" onclick="} + ERB::Util.html_escape("alert('yay!')") + %{">Hello</a>} + expected = %{<a href="http://www.example.com" onclick="alert('yay!')">Hello</a>} assert_dom_equal expected, link end |