Add characterization test for sanitize-html

At various times in the past, upgrades in the sanitize-html library that
changed behavior of HTML filtering have caused things like emotes to
break unexpectedly.  This commit adds a basic test to sanitize
non-alphanumeric characters found in channels' emote codes so that if
the library changes, the test will break and give a heads up that
something changed.
This commit is contained in:
Calvin Montgomery 2017-06-17 09:39:58 -07:00
parent 53cee986c6
commit 6633e23aa3
2 changed files with 13 additions and 1 deletions

View File

@ -2,7 +2,7 @@
"author": "Calvin Montgomery",
"name": "CyTube",
"description": "Online media synchronizer and chat",
"version": "3.38.1",
"version": "3.38.2",
"repository": {
"url": "http://github.com/calzoneman/sync"
},

12
test/xss.js Normal file
View File

@ -0,0 +1,12 @@
const assert = require('assert');
const XSS = require('../lib/xss');
describe('XSS', () => {
describe('sanitizeHTML', () => {
it('behaves consistently w.r.t. special chars used in emotes', () => {
const input = '`^~=| _-,;:!?/."()[]{}@$*\\&#%+á\t';
const expected = '`^~=| _-,;:!?/."()[]{}@$*\\\\&#%+á\t';
assert.strictEqual(XSS.sanitizeHTML(input), expected);
});
});
});