From b451de0d6de4df6bc66b274cec73b919f823d5ae Mon Sep 17 00:00:00 2001
From: Santiago Pastorino <santiago@wyeworks.com>
Date: Sat, 14 Aug 2010 02:13:00 -0300
Subject: Deletes trailing whitespaces (over text files only find * -type f
 -exec sed 's/[ \t]*$//' -i {} \;)

---
 .../test/template/html-scanner/sanitizer_test.rb   | 34 +++++++++++-----------
 1 file changed, 17 insertions(+), 17 deletions(-)

(limited to 'actionpack/test/template/html-scanner/sanitizer_test.rb')

diff --git a/actionpack/test/template/html-scanner/sanitizer_test.rb b/actionpack/test/template/html-scanner/sanitizer_test.rb
index c9edde8892..3e80317b30 100644
--- a/actionpack/test/template/html-scanner/sanitizer_test.rb
+++ b/actionpack/test/template/html-scanner/sanitizer_test.rb
@@ -24,11 +24,11 @@ class SanitizerTest < ActionController::TestCase
 
   def test_strip_links
     sanitizer = HTML::LinkSanitizer.new
-    assert_equal "Dont touch me", sanitizer.sanitize("Dont touch me")    
+    assert_equal "Dont touch me", sanitizer.sanitize("Dont touch me")
     assert_equal "on my mind\nall day long", sanitizer.sanitize("<a href='almost'>on my mind</a>\n<A href='almost'>all day long</A>")
-    assert_equal "0wn3d", sanitizer.sanitize("<a href='http://www.rubyonrails.com/'><a href='http://www.rubyonrails.com/' onlclick='steal()'>0wn3d</a></a>") 
-    assert_equal "Magic", sanitizer.sanitize("<a href='http://www.rubyonrails.com/'>Mag<a href='http://www.ruby-lang.org/'>ic") 
-    assert_equal "FrrFox", sanitizer.sanitize("<href onlclick='steal()'>FrrFox</a></href>") 
+    assert_equal "0wn3d", sanitizer.sanitize("<a href='http://www.rubyonrails.com/'><a href='http://www.rubyonrails.com/' onlclick='steal()'>0wn3d</a></a>")
+    assert_equal "Magic", sanitizer.sanitize("<a href='http://www.rubyonrails.com/'>Mag<a href='http://www.ruby-lang.org/'>ic")
+    assert_equal "FrrFox", sanitizer.sanitize("<href onlclick='steal()'>FrrFox</a></href>")
     assert_equal "My mind\nall <b>day</b> long", sanitizer.sanitize("<a href='almost'>My mind</a>\n<A href='almost'>all <b>day</b> long</A>")
     assert_equal "all <b>day</b> long", sanitizer.sanitize("<<a>a href='hello'>all <b>day</b> long<</A>/a>")
 
@@ -58,7 +58,7 @@ class SanitizerTest < ActionController::TestCase
     raw = %{href="javascript:bang" <a href="javascript:bang" name="hello">foo</a>, <span href="javascript:bang">bar</span>}
     assert_sanitized raw, %{href="javascript:bang" <a name="hello">foo</a>, <span>bar</span>}
   end
-  
+
   def test_sanitize_image_src
     raw = %{src="javascript:bang" <img src="javascript:bang" width="5">foo</img>, <span src="javascript:bang">bar</span>}
     assert_sanitized raw, %{src="javascript:bang" <img width="5">foo</img>, <span>bar</span>}
@@ -147,9 +147,9 @@ class SanitizerTest < ActionController::TestCase
     assert_sanitized %(<SCRIPT\nSRC=http://ha.ckers.org/xss.js></SCRIPT>), ""
   end
 
-  [%(<IMG SRC="javascript:alert('XSS');">), 
-   %(<IMG SRC=javascript:alert('XSS')>), 
-   %(<IMG SRC=JaVaScRiPt:alert('XSS')>), 
+  [%(<IMG SRC="javascript:alert('XSS');">),
+   %(<IMG SRC=javascript:alert('XSS')>),
+   %(<IMG SRC=JaVaScRiPt:alert('XSS')>),
    %(<IMG """><SCRIPT>alert("XSS")</SCRIPT>">),
    %(<IMG SRC=javascript:alert(&quot;XSS&quot;)>),
    %(<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>),
@@ -166,28 +166,28 @@ class SanitizerTest < ActionController::TestCase
       assert_sanitized img_hack, "<img>"
     end
   end
-  
+
   def test_should_sanitize_tag_broken_up_by_null
     assert_sanitized %(<SCR\0IPT>alert(\"XSS\")</SCR\0IPT>), "alert(\"XSS\")"
   end
-  
+
   def test_should_sanitize_invalid_script_tag
     assert_sanitized %(<SCRIPT/XSS SRC="http://ha.ckers.org/xss.js"></SCRIPT>), ""
   end
-  
+
   def test_should_sanitize_script_tag_with_multiple_open_brackets
     assert_sanitized %(<<SCRIPT>alert("XSS");//<</SCRIPT>), "&lt;"
     assert_sanitized %(<iframe src=http://ha.ckers.org/scriptlet.html\n<a), %(&lt;a)
   end
-  
+
   def test_should_sanitize_unclosed_script
     assert_sanitized %(<SCRIPT SRC=http://ha.ckers.org/xss.js?<B>), "<b>"
   end
-  
+
   def test_should_sanitize_half_open_scripts
     assert_sanitized %(<IMG SRC="javascript:alert('XSS')"), "<img>"
   end
-  
+
   def test_should_not_fall_for_ridiculous_hack
     img_hack = %(<IMG\nSRC\n=\n"\nj\na\nv\na\ns\nc\nr\ni\np\nt\n:\na\nl\ne\nr\nt\n(\n'\nX\nS\nS\n'\n)\n"\n>)
     assert_sanitized img_hack, "<img>"
@@ -214,15 +214,15 @@ class SanitizerTest < ActionController::TestCase
     raw = %(-moz-binding:url('http://ha.ckers.org/xssmoz.xml#xss'))
     assert_equal '', sanitize_css(raw)
   end
-  
+
   def test_should_sanitize_invalid_tag_names
     assert_sanitized(%(a b c<script/XSS src="http://ha.ckers.org/xss.js"></script>d e f), "a b cd e f")
   end
-  
+
   def test_should_sanitize_non_alpha_and_non_digit_characters_in_tags
     assert_sanitized('<a onclick!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>foo</a>', "<a>foo</a>")
   end
-  
+
   def test_should_sanitize_invalid_tag_names_in_single_tags
     assert_sanitized('<img/src="http://ha.ckers.org/xss.js"/>', "<img />")
   end
-- 
cgit v1.2.3