diff options
Diffstat (limited to '')
| -rw-r--r-- | tests/misc_dangerous_html.rs | 28 | ||||
| -rw-r--r-- | tests/misc_dangerous_protocol.rs | 199 | 
2 files changed, 227 insertions, 0 deletions
| diff --git a/tests/misc_dangerous_html.rs b/tests/misc_dangerous_html.rs new file mode 100644 index 0000000..7a0b49a --- /dev/null +++ b/tests/misc_dangerous_html.rs @@ -0,0 +1,28 @@ +extern crate micromark; +use micromark::{micromark, micromark_with_options, CompileOptions}; + +const DANGER: &CompileOptions = &CompileOptions { +    allow_dangerous_html: true, +    allow_dangerous_protocol: true, +}; + +#[test] +fn dangerous_html() { +    assert_eq!( +        micromark("<x>"), +        "<x>", +        "should be safe by default for flow" +    ); + +    assert_eq!( +        micromark("a<b>"), +        "<p>a<b></p>", +        "should be safe by default for text" +    ); + +    assert_eq!( +        micromark_with_options("<x>", DANGER), +        "<x>", +        "should be unsafe w/ `allowDangerousHtml`" +    ); +} diff --git a/tests/misc_dangerous_protocol.rs b/tests/misc_dangerous_protocol.rs new file mode 100644 index 0000000..9069ecd --- /dev/null +++ b/tests/misc_dangerous_protocol.rs @@ -0,0 +1,199 @@ +extern crate micromark; +use micromark::{micromark}; + +#[test] +fn dangerous_protocol_autolink() { +    assert_eq!( +        micromark("<javascript:alert(1)>"), +        "<p><a href=\"\">javascript:alert(1)</a></p>", +        "should be safe by default" +    ); + +    assert_eq!( +        micromark("<http://a>"), +        "<p><a href=\"http://a\">http://a</a></p>", +        "should allow `http:`" +    ); + +    assert_eq!( +        micromark("<https://a>"), +        "<p><a href=\"https://a\">https://a</a></p>", +        "should allow `https:`" +    ); + +    assert_eq!( +        micromark("<irc:///help>"), +        "<p><a href=\"irc:///help\">irc:///help</a></p>", +        "should allow `irc:`" +    ); + +    assert_eq!( +        micromark("<mailto:a>"), +        "<p><a href=\"mailto:a\">mailto:a</a></p>", +        "should allow `mailto:`" +    ); +} + +// To do: image. +// #[test] +// fn dangerous_protocol_image() { +//     assert_eq!( +//         micromark(")"), +//         "<p><img src=\"\" alt=\"\" /></p>", +//         "should be safe by default" +//     ); + +//     assert_eq!( +//         micromark(""), +//         "<p><img src=\"http://a\" alt=\"\" /></p>", +//         "should allow `http:`" +//     ); + +//     assert_eq!( +//         micromark(""), +//         "<p><img src=\"https://a\" alt=\"\" /></p>", +//         "should allow `https:`" +//     ); + +//     assert_eq!( +//         micromark(""), +//         "<p><img src=\"\" alt=\"\" /></p>", +//         "should not allow `irc:`" +//     ); + +//     assert_eq!( +//         micromark(""), +//         "<p><img src=\"\" alt=\"\" /></p>", +//         "should not allow `mailto:`" +//     ); + +//     assert_eq!( +//         micromark(""), +//         "<p><img src=\"#a\" alt=\"\" /></p>", +//         "should allow a hash" +//     ); + +//     assert_eq!( +//         micromark(""), +//         "<p><img src=\"?a\" alt=\"\" /></p>", +//         "should allow a search" +//     ); + +//     assert_eq!( +//         micromark(""), +//         "<p><img src=\"/a\" alt=\"\" /></p>", +//         "should allow an absolute" +//     ); + +//     assert_eq!( +//         micromark(""), +//         "<p><img src=\"./a\" alt=\"\" /></p>", +//         "should allow an relative" +//     ); + +//     assert_eq!( +//         micromark(""), +//         "<p><img src=\"../a\" alt=\"\" /></p>", +//         "should allow an upwards relative" +//     ); + +//     assert_eq!( +//         micromark(""), +//         "<p><img src=\"a#b:c\" alt=\"\" /></p>", +//         "should allow a colon in a hash" +//     ); + +//     assert_eq!( +//         micromark(""), +//         "<p><img src=\"a?b:c\" alt=\"\" /></p>", +//         "should allow a colon in a search" +//     ); + +//     assert_eq!( +//         micromark(""), +//         "<p><img src=\"a/b:c\" alt=\"\" /></p>", +//         "should allow a colon in a path" +//     ); +// } + +// To do: link. +// #[test] +// fn dangerous_protocol_link() { +//     assert_eq!( +//         micromark("[](javascript:alert(1))"), +//         "<p><a href=\"\"></a></p>", +//         "should be safe by default" +//     ); + +//     assert_eq!( +//         micromark("[](http://a)"), +//         "<p><a href=\"http://a\"></a></p>", +//         "should allow `http:`" +//     ); + +//     assert_eq!( +//         micromark("[](https://a)"), +//         "<p><a href=\"https://a\"></a></p>", +//         "should allow `https:`" +//     ); + +//     assert_eq!( +//         micromark("[](irc:///help)"), +//         "<p><a href=\"irc:///help\"></a></p>", +//         "should allow `irc:`" +//     ); + +//     assert_eq!( +//         micromark("[](mailto:a)"), +//         "<p><a href=\"mailto:a\"></a></p>", +//         "should allow `mailto:`" +//     ); + +//     assert_eq!( +//         micromark("[](#a)"), +//         "<p><a href=\"#a\"></a></p>", +//         "should allow a hash" +//     ); + +//     assert_eq!( +//         micromark("[](?a)"), +//         "<p><a href=\"?a\"></a></p>", +//         "should allow a search" +//     ); + +//     assert_eq!( +//         micromark("[](/a)"), +//         "<p><a href=\"/a\"></a></p>", +//         "should allow an absolute" +//     ); + +//     assert_eq!( +//         micromark("[](./a)"), +//         "<p><a href=\"./a\"></a></p>", +//         "should allow an relative" +//     ); + +//     assert_eq!( +//         micromark("[](../a)"), +//         "<p><a href=\"../a\"></a></p>", +//         "should allow an upwards relative" +//     ); + +//     assert_eq!( +//         micromark("[](a#b:c)"), +//         "<p><a href=\"a#b:c\"></a></p>", +//         "should allow a colon in a hash" +//     ); + +//     assert_eq!( +//         micromark("[](a?b:c)"), +//         "<p><a href=\"a?b:c\"></a></p>", +//         "should allow a colon in a search" +//     ); + +//     assert_eq!( +//         micromark("[](a/b:c)"), +//         "<p><a href=\"a/b:c\"></a></p>", +//         "should allow a colon in a path" +//     ); +// } | 
