From 47bf19c8485ecead7280019c4815a2ed4f2161d5 Mon Sep 17 00:00:00 2001
From: rohit <rohit.arondekar@gmail.com>
Date: Tue, 8 Jun 2010 16:52:48 +0530
Subject: Made markdown honor :safe option and handle safe input. Also added
 tests for markdown.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[#4794 state:resolved]

Signed-off-by: José Valim <jose.valim@gmail.com>
---
 actionpack/test/template/text_helper_test.rb | 36 ++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

(limited to 'actionpack/test')

diff --git a/actionpack/test/template/text_helper_test.rb b/actionpack/test/template/text_helper_test.rb
index 8c4711451e..64f1d46413 100644
--- a/actionpack/test/template/text_helper_test.rb
+++ b/actionpack/test/template/text_helper_test.rb
@@ -7,6 +7,12 @@ rescue LoadError
   $stderr.puts "Skipping textilize tests. `gem install RedCloth` to enable."
 end
 
+begin
+  require 'bluecloth'
+rescue LoadError
+  $stderr.puts "Skipping markdown tests. 'gem install bluecloth' to enable."
+end
+
 class TextHelperTest < ActionView::TestCase
   tests ActionView::Helpers::TextHelper
   include TestingSandbox
@@ -726,4 +732,34 @@ class TextHelperTest < ActionView::TestCase
       assert_equal("This is one scary world.<br />\n True.", textilize_without_paragraph("This is one scary world.\n True."))
     end
   end
+
+  if defined? BlueCloth
+    def test_markdown_should_be_html_safe
+      assert markdown("We are using __Markdown__ now!").html_safe?
+    end
+
+    def test_markdown
+      assert_equal("<p>We are using <strong>Markdown</strong> now!</p>", markdown("We are using __Markdown__ now!"))
+    end
+
+    def test_markdown_with_blank
+      assert_equal("", markdown(""))
+    end
+
+    def test_markdown_should_sanitize_unsafe_input
+      assert_equal("<p>This is worded <strong>strongly</strong></p>", markdown("This is worded <strong>strongly</strong><script>code!</script>"))
+    end
+
+    def test_markdown_should_not_sanitize_input_if_safe_option
+      assert_equal("<p>This is worded <strong>strongly</strong><script>code!</script></p>", markdown("This is worded <strong>strongly</strong><script>code!</script>", :safe))
+    end
+
+    def test_markdown_should_not_sanitize_safe_input
+      assert_equal("<p>This is worded <strong>strongly</strong><script>code!</script></p>", markdown("This is worded <strong>strongly</strong><script>code!</script>".html_safe))
+    end
+
+    def test_markdown_with_hard_breaks
+      assert_equal("<p>This is one scary world.</p>\n\n<p>True.</p>", markdown("This is one scary world.\n\nTrue."))
+    end
+  end
 end
-- 
cgit v1.2.3