diff options
Diffstat (limited to 'actionpack/test/template')
-rw-r--r-- | actionpack/test/template/erb_util_test.rb | 2 | ||||
-rw-r--r-- | actionpack/test/template/form_helper_test.rb | 21 | ||||
-rw-r--r-- | actionpack/test/template/form_tag_helper_test.rb | 12 | ||||
-rw-r--r-- | actionpack/test/template/html-scanner/sanitizer_test.rb | 4 | ||||
-rw-r--r-- | actionpack/test/template/safe_buffer_test.rb | 41 | ||||
-rw-r--r-- | actionpack/test/template/subscriber_test.rb | 4 | ||||
-rw-r--r-- | actionpack/test/template/test_case_test.rb | 2 | ||||
-rw-r--r-- | actionpack/test/template/url_helper_test.rb | 7 |
8 files changed, 42 insertions, 51 deletions
diff --git a/actionpack/test/template/erb_util_test.rb b/actionpack/test/template/erb_util_test.rb index fa6b263965..06155b1f30 100644 --- a/actionpack/test/template/erb_util_test.rb +++ b/actionpack/test/template/erb_util_test.rb @@ -22,7 +22,7 @@ class ErbUtilTest < Test::Unit::TestCase end def test_html_escape_passes_html_escpe_unmodified - escaped = h("<p>".html_safe!) + escaped = h("<p>".html_safe) assert_equal "<p>", escaped assert escaped.html_safe? end diff --git a/actionpack/test/template/form_helper_test.rb b/actionpack/test/template/form_helper_test.rb index c97343fbe5..aafc318b76 100644 --- a/actionpack/test/template/form_helper_test.rb +++ b/actionpack/test/template/form_helper_test.rb @@ -451,6 +451,25 @@ class FormHelperTest < ActionView::TestCase assert_dom_equal expected, output_buffer end + def test_form_for_with_remote + form_for(:post, @post, :remote => true, :html => { :id => 'create-post', :method => :put }) do |f| + concat f.text_field(:title) + concat f.text_area(:body) + concat f.check_box(:secret) + end + + expected = + "<form action='http://www.example.com' id='create-post' method='post' data-remote='true'>" + + "<div style='margin:0;padding:0;display:inline'><input name='_method' type='hidden' value='put' /></div>" + + "<input name='post[title]' size='30' type='text' id='post_title' value='Hello World' />" + + "<textarea name='post[body]' id='post_body' rows='20' cols='40'>Back to the hill and over it again!</textarea>" + + "<input name='post[secret]' type='hidden' value='0' />" + + "<input name='post[secret]' checked='checked' type='checkbox' id='post_secret' value='1' />" + + "</form>" + + assert_dom_equal expected, output_buffer + end + def test_form_for_without_object form_for(:post, :html => { :id => 'create-post' }) do |f| concat f.text_field(:title) @@ -1151,7 +1170,7 @@ class FormHelperTest < ActionView::TestCase (field_helpers - %w(hidden_field)).each do |selector| src = <<-END_SRC def #{selector}(field, *args, &proc) - ("<label for='\#{field}'>\#{field.to_s.humanize}:</label> " + super + "<br/>").html_safe! + ("<label for='\#{field}'>\#{field.to_s.humanize}:</label> " + super + "<br/>").html_safe end END_SRC class_eval src, __FILE__, __LINE__ diff --git a/actionpack/test/template/form_tag_helper_test.rb b/actionpack/test/template/form_tag_helper_test.rb index 01bde8ea04..3635c7548e 100644 --- a/actionpack/test/template/form_tag_helper_test.rb +++ b/actionpack/test/template/form_tag_helper_test.rb @@ -53,6 +53,12 @@ class FormTagHelperTest < ActionView::TestCase assert_dom_equal expected, actual end + def test_form_tag_with_remote + actual = form_tag({}, :remote => true) + expected = %(<form action="http://www.example.com" method="post" data-remote="true">) + assert_dom_equal expected, actual + end + def test_form_tag_with_block_in_erb __in_erb_template = '' form_tag("http://example.com") { concat "Hello world!" } @@ -329,19 +335,19 @@ class FormTagHelperTest < ActionView::TestCase expected = %(<fieldset><legend>Your details</legend>Hello world!</fieldset>) assert_dom_equal expected, output_buffer - self.output_buffer = '' + self.output_buffer = ''.html_safe field_set_tag { concat "Hello world!" } expected = %(<fieldset>Hello world!</fieldset>) assert_dom_equal expected, output_buffer - self.output_buffer = '' + self.output_buffer = ''.html_safe field_set_tag('') { concat "Hello world!" } expected = %(<fieldset>Hello world!</fieldset>) assert_dom_equal expected, output_buffer - self.output_buffer = '' + self.output_buffer = ''.html_safe field_set_tag('', :class => 'format') { concat "Hello world!" } expected = %(<fieldset class="format">Hello world!</fieldset>) diff --git a/actionpack/test/template/html-scanner/sanitizer_test.rb b/actionpack/test/template/html-scanner/sanitizer_test.rb index e85a5c7abf..a6e760b0b6 100644 --- a/actionpack/test/template/html-scanner/sanitizer_test.rb +++ b/actionpack/test/template/html-scanner/sanitizer_test.rb @@ -48,7 +48,7 @@ class SanitizerTest < ActionController::TestCase assert_sanitized "a b c<script language=\"Javascript\">blah blah blah</script>d e f", "a b cd e f" end - # fucked + # TODO: Clean up def test_sanitize_js_handlers raw = %{onthis="do that" <a href="#" onclick="hello" name="foo" onbogus="remove me">hello</a>} assert_sanitized raw, %{onthis="do that" <a name="foo" href="#">hello</a>} @@ -193,7 +193,7 @@ class SanitizerTest < ActionController::TestCase assert_sanitized img_hack, "<img>" end - # fucked + # TODO: Clean up def test_should_sanitize_attributes assert_sanitized %(<SPAN title="'><script>alert()</script>">blah</SPAN>), %(<span title="'><script>alert()</script>">blah</span>) end diff --git a/actionpack/test/template/safe_buffer_test.rb b/actionpack/test/template/safe_buffer_test.rb deleted file mode 100644 index 6a18201d16..0000000000 --- a/actionpack/test/template/safe_buffer_test.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'abstract_unit' - -class SafeBufferTest < ActionView::TestCase - def setup - @buffer = ActionView::SafeBuffer.new - end - - test "Should look like a string" do - assert @buffer.is_a?(String) - assert_equal "", @buffer - end - - test "Should escape a raw string which is passed to them" do - @buffer << "<script>" - assert_equal "<script>", @buffer - end - - test "Should NOT escape a safe value passed to it" do - @buffer << "<script>".html_safe! - assert_equal "<script>", @buffer - end - - test "Should not mess with an innocuous string" do - @buffer << "Hello" - assert_equal "Hello", @buffer - end - - test "Should not mess with a previously escape test" do - @buffer << ERB::Util.html_escape("<script>") - assert_equal "<script>", @buffer - end - - test "Should be considered safe" do - assert @buffer.html_safe? - end - - test "Should return a safe buffer when calling to_s" do - new_buffer = @buffer.to_s - assert_equal ActionView::SafeBuffer, new_buffer.class - end -end diff --git a/actionpack/test/template/subscriber_test.rb b/actionpack/test/template/subscriber_test.rb index 5db2b16ac1..8bacab7088 100644 --- a/actionpack/test/template/subscriber_test.rb +++ b/actionpack/test/template/subscriber_test.rb @@ -33,7 +33,7 @@ class AVSubscriberTest < ActiveSupport::TestCase end def test_render_text_template - @view.render(:text => "OMG") + @view.render(:text => "TEXT") wait assert_equal 1, @logger.logged(:info).size @@ -41,7 +41,7 @@ class AVSubscriberTest < ActiveSupport::TestCase end def test_render_inline_template - @view.render(:inline => "<%= 'OMG' %>") + @view.render(:inline => "<%= 'TEXT' %>") wait assert_equal 1, @logger.logged(:info).size diff --git a/actionpack/test/template/test_case_test.rb b/actionpack/test/template/test_case_test.rb index 9a448ce328..be2c6b3108 100644 --- a/actionpack/test/template/test_case_test.rb +++ b/actionpack/test/template/test_case_test.rb @@ -160,7 +160,7 @@ module ActionView class AssertionsTest < ActionView::TestCase def render_from_helper form_tag('/foo') do - concat render(:text => '<ul><li>foo</li></ul>').html_safe! + safe_concat render(:text => '<ul><li>foo</li></ul>') end end helper_method :render_from_helper diff --git a/actionpack/test/template/url_helper_test.rb b/actionpack/test/template/url_helper_test.rb index b498ec8429..e904e88f49 100644 --- a/actionpack/test/template/url_helper_test.rb +++ b/actionpack/test/template/url_helper_test.rb @@ -81,6 +81,13 @@ class UrlHelperTest < ActionView::TestCase ) end + def test_button_to_with_remote_and_javascript_confirm + assert_dom_equal( + "<form method=\"post\" action=\"http://www.example.com\" class=\"button-to\" data-remote=\"true\"><div><input data-confirm=\"Are you sure?\" type=\"submit\" value=\"Hello\" /></div></form>", + button_to("Hello", "http://www.example.com", :remote => true, :confirm => "Are you sure?") + ) + end + def test_button_to_enabled_disabled assert_dom_equal( "<form method=\"post\" action=\"http://www.example.com\" class=\"button-to\"><div><input type=\"submit\" value=\"Hello\" /></div></form>", |