test "Escapes special HTML/XML characters" do ...

author: Philipp Kempgen <lists@kempgen.net> 2011-04-26 01:04:05 +0200
committer: root <root@debian.localdomain> 2011-04-26 01:05:41 +0200
commit: 474e313d02f0c8f9d821efe720bd5242e700233f (patch)
tree: bd3669c628853db157969ae485a6b22cd1430e22 /activesupport/test/core_ext/string_ext_test.rb
parent: 328a16b31ef6d8970a1d8fe4243c2973e4fd8b94 (diff)
download: rails-474e313d02f0c8f9d821efe720bd5242e700233f.tar.gz
rails-474e313d02f0c8f9d821efe720bd5242e700233f.tar.bz2
rails-474e313d02f0c8f9d821efe720bd5242e700233f.zip
1 files changed, 12 insertions, 0 deletions
diff --git a/activesupport/test/core_ext/string_ext_test.rb b/activesupport/test/core_ext/string_ext_test.rb
index bb865cae91..38b344b885 100644
--- a/activesupport/test/core_ext/string_ext_test.rb
+++ b/activesupport/test/core_ext/string_ext_test.rb
@@ -381,6 +381,18 @@ class OutputSafetyTest < ActiveSupport::TestCase
     assert !@other_combination.html_safe?
   end
 
+  test "Escapes special HTML/XML characters" do
+    @other_string = "other".html_safe
+    @combination = @other_string + "<foo>&\"'"
+    @other_combination = @string + "<foo>&\"'"
+
+    assert_equal "other&lt;foo&gt;&amp;&quot;&apos;", @combination
+    assert_equal "hello<foo>&\"'", @other_combination
+
+    assert @combination.html_safe?
+    assert !@other_combination.html_safe?
+  end
+
   test "Concatting safe onto unsafe yields unsafe" do
     @other_string = "other"
author	Philipp Kempgen <lists@kempgen.net>	2011-04-26 01:04:05 +0200
committer	root <root@debian.localdomain>	2011-04-26 01:05:41 +0200
commit	474e313d02f0c8f9d821efe720bd5242e700233f (patch)
tree	bd3669c628853db157969ae485a6b22cd1430e22 /activesupport/test/core_ext/string_ext_test.rb
parent	328a16b31ef6d8970a1d8fe4243c2973e4fd8b94 (diff)
download	rails-474e313d02f0c8f9d821efe720bd5242e700233f.tar.gz rails-474e313d02f0c8f9d821efe720bd5242e700233f.tar.bz2 rails-474e313d02f0c8f9d821efe720bd5242e700233f.zip