diff options
Diffstat (limited to '')
-rw-r--r-- | testing/templates/json.html | 2 | ||||
-rw-r--r-- | testing/tests/filters.rs | 60 | ||||
-rw-r--r-- | testing/tests/whitespace.rs | 4 |
3 files changed, 64 insertions, 2 deletions
diff --git a/testing/templates/json.html b/testing/templates/json.html index 250b7be..a1855ca 100644 --- a/testing/templates/json.html +++ b/testing/templates/json.html @@ -1,4 +1,4 @@ { "foo": "{{ foo }}", - "bar": {{ bar|json }} + "bar": {{ bar|json|safe }} } diff --git a/testing/tests/filters.rs b/testing/tests/filters.rs index be3e0ab..7973f45 100644 --- a/testing/tests/filters.rs +++ b/testing/tests/filters.rs @@ -250,3 +250,63 @@ fn test_filter_truncate() { }; assert_eq!(t.render().unwrap(), "alpha baralpha..."); } + +#[cfg(feature = "serde-json")] +#[derive(Template)] +#[template(source = r#"<li data-name="{{name|json}}"></li>"#, ext = "html")] +struct JsonAttributeTemplate<'a> { + name: &'a str, +} + +#[cfg(feature = "serde-json")] +#[test] +fn test_json_attribute() { + let t = JsonAttributeTemplate { + name: r#""><button>Hacked!</button>"#, + }; + assert_eq!( + t.render().unwrap(), + r#"<li data-name=""\"\u003e\u003cbutton\u003eHacked!\u003c/button\u003e""></li>"# + ); +} + +#[cfg(feature = "serde-json")] +#[derive(Template)] +#[template(source = r#"<li data-name='{{name|json|safe}}'></li>"#, ext = "html")] +struct JsonAttribute2Template<'a> { + name: &'a str, +} + +#[cfg(feature = "serde-json")] +#[test] +fn test_json_attribute2() { + let t = JsonAttribute2Template { + name: r#"'><button>Hacked!</button>"#, + }; + assert_eq!( + t.render().unwrap(), + r#"<li data-name='"\u0027\u003e\u003cbutton\u003eHacked!\u003c/button\u003e"'></li>"# + ); +} + +#[cfg(feature = "serde-json")] +#[derive(Template)] +#[template( + source = r#"<script>var user = {{name|json|safe}}</script>"#, + ext = "html" +)] +struct JsonScriptTemplate<'a> { + name: &'a str, +} + +#[cfg(feature = "serde-json")] +#[test] +fn test_json_script() { + let t = JsonScriptTemplate { + name: r#"</script><button>Hacked!</button>"#, + }; + assert_eq!( + t.render().unwrap(), + r#"<script>var user = "\u003c/script\u003e\u003cbutton\u003eHacked!\u003c/button\u003e"</script>"# + ); +} diff --git a/testing/tests/whitespace.rs b/testing/tests/whitespace.rs index ca72b23..cbcddd7 100644 --- a/testing/tests/whitespace.rs +++ b/testing/tests/whitespace.rs @@ -1,3 +1,5 @@ +#![cfg(feature = "serde-json")] + use askama::Template; #[derive(askama::Template, Default)] @@ -37,5 +39,5 @@ fn test_extra_whitespace() { let mut template = AllowWhitespaces::default(); template.nested_1.nested_2.array = &["a0", "a1", "a2", "a3"]; template.nested_1.nested_2.hash.insert("key", "value"); - assert_eq!(template.render().unwrap(), "\n0\n0\n0\n0\n\n\n\n0\n0\n0\n0\n0\n\na0\na1\nvalue\n\n\n\n\n\n[\n \"a0\",\n \"a1\",\n \"a2\",\n \"a3\"\n]\n[\n \"a0\",\n \"a1\",\n \"a2\",\n \"a3\"\n][\n \"a0\",\n \"a1\",\n \"a2\",\n \"a3\"\n]\n[\n \"a1\"\n][\n \"a1\"\n]\n[\n \"a1\",\n \"a2\"\n][\n \"a1\",\n \"a2\"\n]\n[\n \"a1\"\n][\n \"a1\"\n]1-1-1\n3333 3\n2222 2\n0000 0\n3333 3\n\ntruefalse\nfalsefalsefalse\n\n\n\n\n\n\n\n\n\n\n\n\n\n"); + assert_eq!(template.render().unwrap(), "\n0\n0\n0\n0\n\n\n\n0\n0\n0\n0\n0\n\na0\na1\nvalue\n\n\n\n\n\n[\n "a0",\n "a1",\n "a2",\n "a3"\n]\n[\n "a0",\n "a1",\n "a2",\n "a3"\n][\n "a0",\n "a1",\n "a2",\n "a3"\n]\n[\n "a1"\n][\n "a1"\n]\n[\n "a1",\n "a2"\n][\n "a1",\n "a2"\n]\n[\n "a1"\n][\n "a1"\n]1-1-1\n3333 3\n2222 2\n0000 0\n3333 3\n\ntruefalse\nfalsefalsefalse\n\n\n\n\n\n\n\n\n\n\n\n\n\n"); } |