Skip to content

Commit

Permalink
add failing test case for allowParseErrors
Browse files Browse the repository at this point in the history
  • Loading branch information
@cheapsteak
cheapsteak committed Apr 24, 2024
1 parent 9e14697 commit 1458190
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions test/security.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,18 @@ test('security', async function (t) {
}
)

await t.test(
'should make sure href attributes render (unsafe)',
async function () {
assert.equal(
toHtml(h('a', {href: 'https://a?b&c'}), {
allowParseErrors: true,
}),
'<a href="https://a?b&c">',
)
}
)

await t.test('should make sure texts are encoded (safe)', async function () {
assert.equal(
toHtml(u('root', u('text', '<script>alert(1)</script>'))),
Expand Down

0 comments on commit 1458190

Please sign in to comment.