43 lines
1.4 KiB
Ruby
43 lines
1.4 KiB
Ruby
Rspec.describe 'Escape helper' do
|
|
before do
|
|
@user = LinkTo.new
|
|
@actual = LinkTo::Index.render(format: :html)
|
|
end
|
|
|
|
it 'renders the title' do
|
|
expect(@actual).to match(%(<a href="/">Home</a>))
|
|
end
|
|
|
|
it 'renders relative link' do
|
|
expect(@actual).to match(%(<a href="relative">Relative</a>))
|
|
end
|
|
|
|
it 'renders link using html content' do
|
|
expect(@actual).to match(%(<a href="/">\n<p>Home with html content</p>\n</a>))
|
|
end
|
|
|
|
it 'renders link using html content, id and class' do
|
|
expect(@actual).to match(%(<a id="home__link" class="first" href="/">\n<p>Home with html content, id and class</p>\n</a>))
|
|
end
|
|
|
|
it 'renders link using content' do
|
|
expect(@actual).to match(%(<a href="http://external.com">External</a>))
|
|
end
|
|
|
|
it 'renders link using html content' do
|
|
expect(@actual).to match(%(<a href="http://external.com">\n<strong>External with html content</strong>\n</a>))
|
|
end
|
|
|
|
it 'escapes content' do
|
|
expect(@actual).to match(%(<a href="/"><script>alert('xss')</script></a>))
|
|
end
|
|
|
|
it 'escapes raw block content' do
|
|
expect(@actual).to match(%(<a href="/">\n<script>alert('xss2')</script>\n</a>))
|
|
end
|
|
|
|
it 'escapes html builder block content' do
|
|
expect(@actual).to match(%(<a href="/">\n<p><script>alert('xss3')</script></p>\n</a>))
|
|
end
|
|
end
|