2017-04-20 19:17:05 -04:00
|
|
|
const test = require('tap').test;
|
|
|
|
|
const xml = require('../../src/util/xml-escape');
|
2016-10-03 16:34:57 -04:00
|
|
|
|
2017-04-20 19:17:05 -04:00
|
|
|
test('escape', t => {
|
|
|
|
|
const input = '<foo bar="he & llo \'"></foo>';
|
|
|
|
|
const output = '<foo bar="he & llo '"></foo>';
|
2016-10-03 18:23:43 -04:00
|
|
|
t.strictEqual(xml(input), output);
|
2016-10-03 16:34:57 -04:00
|
|
|
t.end();
|
|
|
|
|
});
|
2019-02-07 11:58:10 -05:00
|
|
|
|
|
|
|
|
test('xmlEscape (more)', t => {
|
|
|
|
|
const empty = '';
|
|
|
|
|
t.equal(xml(empty), empty);
|
|
|
|
|
|
|
|
|
|
const safe = 'hello';
|
|
|
|
|
t.equal(xml(safe), safe);
|
|
|
|
|
|
|
|
|
|
const unsafe = '< > & \' "';
|
|
|
|
|
t.equal(xml(unsafe), '< > & ' "');
|
|
|
|
|
|
|
|
|
|
const single = '&';
|
|
|
|
|
t.equal(xml(single), '&');
|
|
|
|
|
|
|
|
|
|
const mix = '<a>b& c\'def_-"';
|
|
|
|
|
t.equal(xml(mix), '<a>b& c'def_-"');
|
|
|
|
|
|
|
|
|
|
const dupes = '<<&_"_"_&>>';
|
|
|
|
|
t.equal(xml(dupes), '<<&_"_"_&>>');
|
|
|
|
|
|
|
|
|
|
const emoji = '(>^_^)>';
|
|
|
|
|
t.equal(xml(emoji), '(>^_^)>');
|
|
|
|
|
|
|
|
|
|
t.end();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
test('xmlEscape should handle non strings', t => {
|
|
|
|
|
const array = ['hello', 'world'];
|
|
|
|
|
t.equal(xml(array), String(array));
|
|
|
|
|
|
|
|
|
|
const arrayWithSpecialChar = ['hello', '<world>'];
|
|
|
|
|
t.equal(xml(arrayWithSpecialChar), 'hello,<world>');
|
|
|
|
|
|
|
|
|
|
const arrayWithNumbers = [1, 2, 3];
|
|
|
|
|
t.equal(xml(arrayWithNumbers), '1,2,3');
|
|
|
|
|
|
|
|
|
|
// Objects shouldn't get provided to replaceUnsafeChars, but in the event
|
|
|
|
|
// they do, it should just return the object (and log an error)
|
|
|
|
|
const object = {hello: 'world'};
|
|
|
|
|
t.equal(xml(object), object);
|
|
|
|
|
|
|
|
|
|
t.end();
|
|
|
|
|
});
|
