mirror of https://github.com/calzoneman/sync.git
19 lines
670 B
JavaScript
19 lines
670 B
JavaScript
const assert = require('assert');
|
|
const XSS = require('../lib/xss');
|
|
|
|
describe('XSS', () => {
|
|
describe('sanitizeHTML', () => {
|
|
it('behaves consistently w.r.t. special chars used in emotes', () => {
|
|
const input = '`^~=| _-,;:!?/."()[]{}@$*\\&#%+á\t';
|
|
const expected = '`^~=| _-,;:!?/."()[]{}@$*\\&#%+á\t';
|
|
assert.strictEqual(XSS.sanitizeHTML(input), expected);
|
|
});
|
|
|
|
it('disallows iframes', () => {
|
|
const input = '<iframe src="https://example.com"></iframe>';
|
|
const expected = '';
|
|
assert.strictEqual(XSS.sanitizeHTML(input), expected);
|
|
});
|
|
});
|
|
});
|