1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
// Copyright 2019 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package templates
import (
"html/template"
"testing"
"github.com/stretchr/testify/assert"
)
func TestSubjectBodySeparator(t *testing.T) {
test := func(input, subject, body string) {
loc := mailSubjectSplit.FindIndex([]byte(input))
if loc == nil {
assert.Empty(t, subject, "no subject found, but one expected")
assert.Equal(t, body, input)
} else {
assert.Equal(t, subject, input[0:loc[0]])
assert.Equal(t, body, input[loc[1]:])
}
}
test("Simple\n---------------\nCase",
"Simple\n",
"\nCase")
test("Only\nBody",
"",
"Only\nBody")
test("Minimal\n---\nseparator",
"Minimal\n",
"\nseparator")
test("False --- separator",
"",
"False --- separator")
test("False\n--- separator",
"",
"False\n--- separator")
test("False ---\nseparator",
"",
"False ---\nseparator")
test("With extra spaces\n----- \t \nBody",
"With extra spaces\n",
"\nBody")
test("With leading spaces\n -------\nOnly body",
"",
"With leading spaces\n -------\nOnly body")
test("Multiple\n---\n-------\n---\nSeparators",
"Multiple\n",
"\n-------\n---\nSeparators")
test("Insufficient\n--\nSeparators",
"",
"Insufficient\n--\nSeparators")
}
func TestJSEscapeSafe(t *testing.T) {
assert.EqualValues(t, `\u0026\u003C\u003E\'\"`, JSEscapeSafe(`&<>'"`))
}
func TestHTMLFormat(t *testing.T) {
assert.Equal(t, template.HTML("<a>< < 1</a>"), HTMLFormat("<a>%s %s %d</a>", "<", template.HTML("<"), 1))
}
func TestSanitizeHTML(t *testing.T) {
assert.Equal(t, template.HTML(`<a href="/" rel="nofollow">link</a> xss <div>inline</div>`), SanitizeHTML(`<a href="/">link</a> <a href="javascript:">xss</a> <div style="dangerous">inline</div>`))
}
|
