1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
require 'abstract_unit'
begin
require 'psych'
rescue LoadError
end
require 'active_support/core_ext/string/inflections'
require 'yaml'
class SafeBufferTest < ActiveSupport::TestCase
def setup
@buffer = ActiveSupport::SafeBuffer.new
end
test "Should look like a string" do
assert @buffer.is_a?(String)
assert_equal "", @buffer
end
test "Should escape a raw string which is passed to them" do
@buffer << "<script>"
assert_equal "<script>", @buffer
end
test "Should NOT escape a safe value passed to it" do
@buffer << "<script>".html_safe
assert_equal "<script>", @buffer
end
test "Should not mess with an innocuous string" do
@buffer << "Hello"
assert_equal "Hello", @buffer
end
test "Should not mess with a previously escape test" do
@buffer << ERB::Util.html_escape("<script>")
assert_equal "<script>", @buffer
end
test "Should be considered safe" do
assert @buffer.html_safe?
end
test "Should return a safe buffer when calling to_s" do
new_buffer = @buffer.to_s
assert_equal ActiveSupport::SafeBuffer, new_buffer.class
end
test "Should be converted to_yaml" do
str = 'hello!'
buf = ActiveSupport::SafeBuffer.new str
yaml = buf.to_yaml
assert_match(/^--- #{str}/, yaml)
assert_equal 'hello!', YAML.load(yaml)
end
test "Should work in nested to_yaml conversion" do
str = 'hello!'
data = { 'str' => ActiveSupport::SafeBuffer.new(str) }
yaml = YAML.dump data
assert_equal({'str' => str}, YAML.load(yaml))
end
test "Should work with underscore" do
str = "MyTest".html_safe.underscore
assert_equal "my_test", str
end
test "Should not return safe buffer from capitalize" do
altered_buffer = "asdf".html_safe.capitalize
assert_equal 'Asdf', altered_buffer
assert !altered_buffer.html_safe?
end
test "Should not return safe buffer from gsub!" do
string = "asdf"
string.capitalize!
assert_equal 'Asdf', string
assert !string.html_safe?
end
test "Should escape dirty buffers on add" do
clean = "hello".html_safe
assert_equal "hello<>", clean + '<>'
end
test "Should concat as a normal string when dirty" do
clean = "hello".html_safe
assert_equal "<>hello", '<>' + clean
end
test "Should preserve dirty? status on copy" do
dirty = "<>"
assert !dirty.dup.html_safe?
end
test "Should raise an error when safe_concat is called on dirty buffers" do
@buffer.capitalize!
assert_raise ActiveSupport::SafeBuffer::SafeConcatError do
@buffer.safe_concat "BUSTED"
end
end
test "should not fail if the returned object is not a string" do
assert_kind_of NilClass, @buffer.slice("chipchop")
end
test "Should initialize @dirty to false for new instance when sliced" do
dirty = @buffer[0,0].send(:dirty?)
assert_not_nil dirty
assert !dirty
end
["gsub", "sub"].each do |unavailable_method|
test "should raise on #{unavailable_method}" do
assert_raise NoMethodError, "#{unavailable_method} cannot be used with a safe string. You should use object.to_str.#{unavailable_method}" do
@buffer.send(unavailable_method, '', '<>')
end
end
test "should raise on #{unavailable_method}!" do
assert_raise NoMethodError, "#{unavailable_method}! cannot be used with a safe string. You should use object.to_str.#{unavailable_method}!" do
@buffer.send("#{unavailable_method}!", '', '<>')
end
end
end
end
|
