9e909d5be3
Update Bundler to 1.0.15. Update Rails to 2.3.12. Update rails_xss plugin. The latter two were the source of a considerable amount of grief, as rails_xss is now MUCH stricter about what string methods can be used. Also made it possible to use rake 0.9.x with Instiki. But you probably REALLY want to use ruby bundle exec rake ... instead of just saying rake ....
require 'test_helper'
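# Pins the html_safe contract of ActiveSupport::SafeBuffer: plain strings
# appended to a buffer are HTML-escaped, strings already marked html_safe are
# appended verbatim, and String methods that can splice arbitrary text into the
# buffer must not hand back a value that is still flagged as safe.
class SafeBufferTest < ActiveSupport::TestCase
  # Every test starts from a fresh, empty buffer.
  def setup
    @buffer = ActiveSupport::SafeBuffer.new
  end

  test "Should look like a string" do
    assert @buffer.is_a?(String)
    assert_equal "", @buffer
  end

  test "Should escape a raw string which is passed to them" do
    @buffer << "<script>"
    # The expectation has to be the entity-encoded form. Comparing against the
    # literal "<script>" would make this test identical to the html_safe case
    # below and would pass only if escaping were NOT applied.
    assert_equal "&lt;script&gt;", @buffer
  end

  test "Should NOT escape a safe value passed to it" do
    # html_safe is the caller's assertion that the markup is trusted, so the
    # buffer appends it unchanged.
    @buffer << "<script>".html_safe
    assert_equal "<script>", @buffer
  end

  test "Should not mess with an innocuous string" do
    @buffer << "Hello"
    assert_equal "Hello", @buffer
  end

  test "Should not mess with a previously escape test" do
    # Output of html_escape must be appended as-is: one level of encoding,
    # never "&amp;lt;script&amp;gt;".
    @buffer << ERB::Util.html_escape("<script>")
    assert_equal "&lt;script&gt;", @buffer
  end

  test "Should be considered safe" do
    assert @buffer.html_safe?
  end

  test "Should return a safe buffer when calling to_s" do
    new_buffer = @buffer.to_s
    assert_equal ActiveSupport::SafeBuffer, new_buffer.class
  end

  test "Should not return a safe buffer when using sub" do
    # sub can insert unescaped replacement text, so its result must lose the
    # html_safe flag and be escaped again on output.
    assert !@buffer.sub('', "asdf").html_safe?
  end

  # NOTE(review): the test name says "argument error" but the asserted class is
  # TypeError; the name is left untouched so the generated test method name
  # does not change.
  test "Should raise argument error when using sub!" do
    # An in-place sub! would let unescaped text into a buffer that keeps its
    # html_safe flag, so the call is expected to be rejected outright.
    assert_raise TypeError do
      @buffer.sub!('', "asdf")
    end
  end
end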