From 7c29bf765fd666e61b9bc7d0eb40909b8e9002da Mon Sep 17 00:00:00 2001 From: Dirkjan Ochtman Date: Thu, 7 Sep 2017 20:42:55 +0200 Subject: Extend escaping according to OWASP recommendations --- testing/tests/filters.rs | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'testing') diff --git a/testing/tests/filters.rs b/testing/tests/filters.rs index 8e558ba..fe218e3 100644 --- a/testing/tests/filters.rs +++ b/testing/tests/filters.rs @@ -16,15 +16,16 @@ struct TestTemplate { #[test] fn filter_escape() { let s = TestTemplate { - strvar: "my is unsafe & should be escaped".to_string(), + strvar: "// my is \"unsafe\" & should be 'escaped'".to_string(), }; assert_eq!(s.render().unwrap(), - "my <html> is unsafe & should be escaped"); + "// my <html> is "unsafe" & \ + should be 'escaped'"); } #[derive(Template)] -#[template(path = "format.html")] +#[template(path = "format.html", escape = "none")] struct FormatTemplate<'a> { var: &'a str, } -- cgit