require 'abstract_unit'
require 'testing_sandbox'
# The exhaustive tests are in test/controller/html/sanitizer_test.rb.
# This tests that the helpers hook up correctly to the sanitizer classes.
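# Smoke tests checking that the view helpers strip_links, strip_tags, sanitize
# and sanitize_css are wired to the sanitizer classes.
#
# NOTE(review): several string literals in this listing had lost the HTML
# markup they contained, which left two assertions syntactically invalid and
# most of the others passing plain text through the helpers. Inputs marked
# "constructed" below were written by the reviewer to fit the expected values
# that survived on the page; they are not the original literals and should be
# confirmed against the upstream test file.
class SanitizeHelperTest < Test::Unit::TestCase
  include ActionView::Helpers::SanitizeHelper
  include ActionView::Helpers::TagHelper
  include TestingSandbox

  # strip_links must drop anchor markup and keep the link text.
  def test_strip_links
    # Text without markup passes through untouched.
    assert_equal "Dont touch me", strip_links("Dont touch me")
    # Constructed: two anchors separated by a newline.
    assert_equal "on my mind\nall day long",
                 strip_links("<a href='almost'>on my mind</a>\n<a href='almost'>all day long</a>")
    # Constructed: nested anchors, the inner one carrying an event-handler
    # attribute, so the test fails if the attribute or tag survives.
    assert_equal "0wn3d",
                 strip_links("<a href='http://example.com/'><a href='http://example.com/' " \
                             "onclick='alert(document.cookie);'>0wn3d</a></a>")
    # Constructed: anchors that are opened but never closed.
    assert_equal "Magic", strip_links("<a href='http://example.com/'>Mag<a href='http://example.com/'>ic")
    # Constructed: two adjacent anchors whose text must be joined.
    assert_equal "FrrFox", strip_links("<a href='http://example.com/'>Frr</a><a href='http://example.com/'>Fox</a>")
    # Constructed: upper-case tag name, to catch case-sensitive matching.
    # NOTE(review): assumes the link sanitizer matches tag names
    # case-insensitively -- confirm.
    assert_equal "My mind\nall day long",
                 strip_links("<a href='almost'>My mind</a>\n<A href='almost'>all day long</A>")
    assert_equal "all day long", strip_links("<a href='hello'>all day long</a>")
  end

  # A form (and the input inside it) is expected to be removed entirely.
  def test_sanitize_form
    # Constructed input; the expected empty string is taken from the page.
    assert_sanitized %(<form action="/foo/bar" method="post"><input></form>), ''
  end

  # sanitize_css must drop properties that let untrusted markup cover the page
  # or load remote resources: the expected value below omits position, left,
  # top, z-index and background-repeat, and empties the url() value.
  def test_should_sanitize_illegal_style_properties
    raw = %(display:block; position:absolute; left:0; top:0; width:100%; height:100%; z-index:1; background-color:black; background-image:url(http://www.ragingplatypus.com/i/cam-full.jpg); background-x:center; background-y:center; background-repeat:repeat;)
    expected = %(display: block; width: 100%; height: 100%; background-color: black; background-image: ; background-x: center; background-y: center;)
    assert_equal expected, sanitize_css(raw)
  end

  # strip_tags must remove every tag and keep only the text content.
  def test_strip_tags
    # Constructed malformed input; only the expected "<<" survived on the page.
    # NOTE(review): confirm this pairing against the sanitizer before relying on it.
    assert_equal("<<", strip_tags("<<<bad html>"))
    assert_equal("Dont touch me", strip_tags("Dont touch me"))
    # Constructed: nested inline tags around the expected sentence.
    assert_equal("This is a test.",
                 strip_tags("<p>This <u>is</u> a <a href='test.html'><strong>test</strong></a>.</p>"))
    # A tag carrying an event handler in the middle of a word must vanish
    # without leaving the attribute text behind.
    assert_equal("Weirdos", strip_tags("Wei<a onclick='alert(document.cookie);'/>rdos"))
    assert_equal("This is a test.", strip_tags("This is a test."))
    # Constructed multi-line document with an HTML comment. The expected value
    # (from the page) has one newline fewer than the input's four, so the
    # comment is presumably removed together with one following newline --
    # confirm against the sanitizer.
    assert_equal(
      %{This is a test.\n\n\nIt no longer contains any HTML.\n},
      strip_tags(
        %{<title>This is <b>a <a href="" target="_blank">test</a></b>.</title>\n\n<!-- it has a comment -->\n\n<p>It no longer <strong>contains <em>any <strong>HTML</strong></em>.</strong></p>\n}
      )
    )
    # NOTE(review): as shown, this input contains no markup, so the assertion
    # only checks pass-through; whatever it originally stripped is not
    # recoverable from the page.
    assert_equal "This has a here.", strip_tags("This has a here.")
    # Blank values (nil, empty, whitespace) must come back unchanged.
    [nil, '', ' '].each { |blank| assert_equal blank, strip_tags(blank) }
  end

  # Asserts that sanitize(text) equals +expected+, or +text+ itself when no
  # expected value is given (i.e. the input should survive unchanged).
  # An empty string is truthy in Ruby, so passing '' asserts an empty result.
  def assert_sanitized(text, expected = nil)
    assert_equal((expected || text), sanitize(text))
  end
end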