From 14581902661975753cf977e6647da36c612fe6a0 Mon Sep 17 00:00:00 2001 From: Chang Wang <743976+cheapsteak@users.noreply.github.com> Date: Wed, 24 Apr 2024 19:06:09 -0400 Subject: [PATCH] add failing test case for allowParseErrors --- test/security.js | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/test/security.js b/test/security.js index 0c8ee59..d435956 100644 --- a/test/security.js +++ b/test/security.js @@ -32,6 +32,18 @@ test('security', async function (t) { } ) + await t.test( + 'should make sure href attributes render (unsafe)', + async function () { + assert.equal( + toHtml(h('a', {href: 'https://a?b&c'}), { + allowParseErrors: true, + }), + '', + ) + } + ) + await t.test('should make sure texts are encoded (safe)', async function () { assert.equal( toHtml(u('root', u('text', ''))),