github.com/webx-top/com@v1.2.12/html_test.go

github.com/webx-top/com@v1.2.12/html_test.go (about)

     1  package com
     2  
     3  import (
     4  	"testing"
     5  
     6  	"github.com/stretchr/testify/assert"
     7  )
     8  
     9  func TestHTML2JS(t *testing.T) {
    10  	r := []byte("a\r\n\r\nb\r\n\"quoted\"")
    11  	r = HTML2JS(r)
    12  	assert.Equal(t, `a\n\nb\n\"quoted\"`, string(r))
    13  }
    14  
    15  func TestNl2br(t *testing.T) {
    16  	r := "a\r\n\r\nb\r\n"
    17  	r = Nl2br(r)
    18  	expected := `a<br /><br />b<br />`
    19  	assert.Equal(t, expected, r)
    20  	r = "a\n\nb\n"
    21  	r = Nl2br(r)
    22  	assert.Equal(t, expected, r)
    23  }
    24  
    25  func TestHTMLDecodeAll(t *testing.T) {
    26  	r := `&amp;#039;`
    27  	r = HTMLDecodeAll(r)
    28  	assert.Equal(t, `'`, r)
    29  }
    30  
    31  func TestStripTags(t *testing.T) {
    32  	sources := map[string]string{
    33  		`<script>` + "\r\n" + `alert('js');` + "\r\n" + `</script>`:     ``,
    34  		`<script>` + "\n" + `alert('js');` + "\n" + `</script no="no">`: ``,
    35  		`<script type="text/javascript">alert('js');</script >`:         ``,
    36  		`<style>` + "\r\n" + `.style{}` + "\r\n" + `</style>`:           ``,
    37  		`<style>` + "\n" + `.style{}` + "\n" + `</style no="no">`:       ``,
    38  		`<style type="text/css">.style{}</style >`:                      ``,
    39  		`<a>ha</a>`:                                       `ha`,
    40  		`<a href="#" >ha</a a="b">`:                       `ha`,
    41  		" github  com  / webx-top   /com ":                `github com / webx-top /com`,
    42  		"github\r\n\r\n\r\n[tab]		[/tab]\n\n\n\nwebx-top": "github\n[tab]\t[/tab]\nwebx-top",
    43  	}
    44  	for k, expected := range sources {
    45  		k = StripTags(k)
    46  		assert.Equal(t, expected, k)
    47  	}
    48  }
    49  
    50  func TestRemoveXSS(t *testing.T) {
    51  	sources := map[string]string{
    52  		`<sCript>` + "\r\n" + `alert('js');` + "\r\n" + `</script>`:     "<_sCript>\r\nalert('js');\r\n</_script>",
    53  		`<script>` + "\n" + `alert('js');` + "\n" + `</script no="no">`: "<_script>\nalert('js');\n</_script no=\"no\">",
    54  		`<script type="text/javascript">alert('js');</script >`:         "<_script type=\"text/javascript\">alert('js');</_script >",
    55  		`<style>` + "\r\n" + `.style{}` + "\r\n" + `</style>`:           "<_style>\r\n.style{}\r\n</_style>",
    56  		`<style>` + "\n" + `.style{}` + "\n" + `</style no="no">`:       "<_style>\n.style{}\n</_style no=\"no\">",
    57  		`<style type="text/css">.style{}</style >`:                      "<_style type=\"text/css\">.style{}</_style >",
    58  		`<a onload="alert('js')">ha</a>`:                                "<a _onload=\"alert('js')\">ha</a>",
    59  		`<a href="#" sTyle="express()">ha</a a="b">`:                    "<a href=\"#\" _sTyle=\"express()\">ha</a a=\"b\">",
    60  		`<a href="javascript:alert('js')">ha</a a="b">`:                 "<a _href=\"_javascript:alert('js')\">ha</a a=\"b\">",
    61  	}
    62  	for k, expected := range sources {
    63  		k = RemoveXSS(k)
    64  		assert.Equal(t, expected, k)
    65  	}
    66  }