diff options
| author | Michael Koziarski <michael@koziarski.com> | 2009-10-15 09:58:35 +1300 |
|---|---|---|
| committer | Michael Koziarski <michael@koziarski.com> | 2009-10-15 09:58:35 +1300 |
| commit | 1d01bad3cedfd690c6d125cac6d4504baa9409e5 (patch) | |
| tree | 0a5850a54e6587a9e24fb9b45323191052aeee42 /actionpack/test | |
| parent | 5d5e34fa52183566968cb22f7c49544a7361a130 (diff) | |
| download | rails-1d01bad3cedfd690c6d125cac6d4504baa9409e5.tar.gz rails-1d01bad3cedfd690c6d125cac6d4504baa9409e5.tar.bz2 rails-1d01bad3cedfd690c6d125cac6d4504baa9409e5.zip | |
Make sure non-escaped urls aren't considered safe
Diffstat (limited to 'actionpack/test')
| -rw-r--r-- | actionpack/test/template/url_helper_test.rb | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/actionpack/test/template/url_helper_test.rb b/actionpack/test/template/url_helper_test.rb index cc3b2455d7..cec53e479c 100644 --- a/actionpack/test/template/url_helper_test.rb +++ b/actionpack/test/template/url_helper_test.rb @@ -26,6 +26,11 @@ class UrlHelperTest < ActionView::TestCase assert_equal "http://www.example.com?a=b&c=d", url_for(:a => 'b', :c => 'd', :escape => true) assert_equal "http://www.example.com?a=b&c=d", url_for(:a => 'b', :c => 'd', :escape => false) end + + def test_url_for_escaping_is_safety_aware + assert url_for(:a => 'b', :c => 'd', :escape => true).html_safe?, "escaped urls should be html_safe?" + assert !url_for(:a => 'b', :c => 'd', :escape => false).html_safe?, "non-escaped urls shouldn't be safe" + end def test_url_for_escapes_url_once @controller.url = "http://www.example.com?a=b&c=d" |