archive-gh-me/nodeclub
1
0
Fork 0
mirror of https://github.com/cnodejs/nodeclub.git synced 2025-12-08 19:55:55 +00:00
Code Issues Projects Releases Wiki Activity

fixed test cases

Browse Source
This commit is contained in:
fengmk2 2012-09-17 23:28:39 +08:00
parent 175876a478
commit 4b85386186
2 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
test/controllers/upload.js
View File

@ -14,6 +14,7 @@ describe('controllers/upload.js', function () {
var mockRequest;
var mockLoginedRequest;
var mockLoginedRequestForbidden;
beforeEach(function () {
rewire.reset();

16
test/public/libs_showdown.js
View File

@ -11,28 +11,28 @@
var showdown = require('../../public/libs/showdown');
var should = require('should');
describe('showdown xss test', function() {
it('should escape illegal url in a', function() {
describe('showdown xss test', function () {
it('should escape illegal url in a', function () {
var text = '[illegal url][1]\n\n[1]: javascript:alert(123);';
var result = showdown.parse(text);
result.should.equal('<p><a href="#">illegal url</a></p>');
result.should.equal('<p><a href="http://localhost.cnodejs.org:3000javascript:alert(123);">illegal url</a></p>');
});
it('should escape " in a', function() {
it('should escape " in a', function () {
var text = '[illegal url][1]\n\n[1]: http://baidu.com"onmouseover=\'alert(123)\'';
var result = showdown.parse(text);
result.should.equal('<p><a href="http://baidu.com&quot;onmouseover=\'alert(123)\'">illegal url</a></p>');
});
it('should escape illegal url in img', function() {
it('should escape illegal url in img', function () {
var text = '![illegal url][1]\n\n[1]: javascript:alert(123);';
var result = showdown.parse(text);
result.should.equal('<p><img src="#" alt="illegal url" title="" /></p>');
result.should.equal('<p><img src="http://localhost.cnodejs.org:3000javascript:alert(123);" alt="illegal url" title="" /></p>');
});
it('should escape " in img', function() {
it('should escape " in img', function () {
var text = '![illegal url][1]\n\n[1]: http://baidu.com"onmouseover=\'alert(123)\'';
var result = showdown.parse(text);
result.should.equal('<p><img src="http://baidu.com&quot;onmouseover=\'alert(123)\'" alt="illegal url" title="" /></p>')
result.should.equal('<p><img src="http://baidu.com&quot;onmouseover=\'alert(123)\'" alt="illegal url" title="" /></p>');
});
});