mirror of
https://github.com/docsifyjs/docsify.git
synced 2025-12-08 19:55:52 +00:00
c49c39a4a2
* Update test environments and lint configuration Update Jest (unit + integration) and Playwright (e2e) test environments. Includes stability improvements for e2e tests using newer, more stable methods per the Playwright docs. - Update Jest 26 => 27 - Update Jest-related libs (babel parser) - Update Playwright 1.8 => Playwright Test 1.18 - Update GitHub CI (action versions, job parallelization, and matrices) - Update ESLint 5 => 8 - Update ESLint-related libs (parser, prettier, Jest, Playwright) - Fix test failures on M1-based Macs - Fix e2e stability issues by replacing PW $ method calls - Fix ESLint errors - Fix incorrect CI flag on Jest runs (-ci => --ci) - Refactor e2e test runner from Jest to Playwright Test - Refactor e2e test files for Playwright Test - Refactor fix-lint script name to lint:fix for consistency - Refactor npm scripts order for readability - Remove unnecessary configs and libs - Remove example image snapshots
35 lines
1.0 KiB
JavaScript
35 lines
1.0 KiB
JavaScript
const docsifyInit = require('../helpers/docsify-init');
|
|
const { test, expect } = require('./fixtures/docsify-init-fixture');
|
|
|
|
test.describe('Security - Cross Site Scripting (XSS)', () => {
|
|
const sharedOptions = {
|
|
markdown: {
|
|
homepage: '# Hello World',
|
|
},
|
|
routes: {
|
|
'test.md': '# Test Page',
|
|
},
|
|
};
|
|
const slashStrings = ['//', '///'];
|
|
|
|
for (let slashString of slashStrings) {
|
|
const hash = `#${slashString}domain.com/file.md`;
|
|
|
|
test(`should not load remote content from hash (${hash})`, async ({
|
|
page,
|
|
}) => {
|
|
const mainElm = page.locator('#main');
|
|
|
|
await docsifyInit(sharedOptions);
|
|
await expect(mainElm).toContainText('Hello World');
|
|
await page.evaluate(() => (location.hash = '#/test'));
|
|
await expect(mainElm).toContainText('Test Page');
|
|
await page.evaluate(newHash => {
|
|
location.hash = newHash;
|
|
}, hash);
|
|
await expect(mainElm).toContainText('Hello World');
|
|
expect(page.url()).toMatch(/#\/$/);
|
|
});
|
|
}
|
|
});
|