From d0e8e49aeb7e3110d25e5f7f38158ff5370b03ad Mon Sep 17 00:00:00 2001 From: Juliana Rodrigueiro Date: Wed, 8 Aug 2018 14:11:27 +0200 Subject: [PATCH] Add tests for restricted_html --- test/test_restricted_html.cpp | 105 +++++++++++++++++++++++++++++++++++++++++ 1 files changed, 105 insertions(+), 0 deletions(-) diff --git a/test/test_restricted_html.cpp b/test/test_restricted_html.cpp index d744ed2..c209b63 100644 --- a/test/test_restricted_html.cpp +++ b/test/test_restricted_html.cpp @@ -32,7 +32,112 @@ using namespace std; using namespace I2n; BOOST_AUTO_TEST_SUITE(test_restricted_html) +/** + * TODO Create more tests for: + * html comments removed + * Test the transformation from non asccii to html_entities + */ +BOOST_AUTO_TEST_CASE(BasicTest) +{ + string output = restrict_html("

Table

Month Savings
January $100

Paragraph with a Acceptable Link.

"); + BOOST_CHECK_EQUAL(string("

Table

Month Savings
January $100

Paragraph with a Acceptable Link.

"), output); +} + +BOOST_AUTO_TEST_CASE(ScriptInjection) +{ + string output = restrict_html("

test

"); + BOOST_CHECK_EQUAL(string("

test

"), output); +} + +BOOST_AUTO_TEST_CASE(NestedScript) +{ + string output = restrict_html("</script>"); + BOOST_CHECK_EQUAL(string("<script>evil()</script>"), output); +} + +BOOST_AUTO_TEST_CASE(NestedScript2) +{ + string output = restrict_html("<script>evil2()</script>"); + BOOST_CHECK_EQUAL(string("<script>evil2()</script>"), output); +} + +BOOST_AUTO_TEST_CASE(NestedScript3) +{ + string output = restrict_html("<evil3()</script>"); + BOOST_CHECK_EQUAL(string("<evil3()</script>"), output); +} + +BOOST_AUTO_TEST_CASE(NestedScript4) +{ + string output = restrict_html("pt>pt>alert(1)"); + BOOST_CHECK_EQUAL(string("<scri<script>pt>alert(1)"), output); +} + +BOOST_AUTO_TEST_CASE(AhrefLink) +{ + string output = restrict_html("test"); + BOOST_CHECK_EQUAL(string("test"), output); +} + +BOOST_AUTO_TEST_CASE(AhrefLink2) +{ + string output = restrict_html("test"); + BOOST_CHECK_EQUAL(string("test"), output); +} + +BOOST_AUTO_TEST_CASE(AhrefLink3) +{ + string output = restrict_html("test"); + BOOST_CHECK_EQUAL(string("test"), output); +} +BOOST_AUTO_TEST_CASE(AhrefLink4) +{ + string output = restrict_html("test"); + BOOST_CHECK_EQUAL(string("test"), output); +} + +BOOST_AUTO_TEST_CASE(AhrefLink5) +{ + string output = restrict_html("\" Test Me"); + BOOST_CHECK_EQUAL(string("" Test Me"), output); +} + +BOOST_AUTO_TEST_CASE(AhrefProtocol) +{ + string output = restrict_html("foo"); + BOOST_CHECK_EQUAL(string("foo"), output); +} + +BOOST_AUTO_TEST_CASE(AhrefWrongProtocol) +{ + string output = restrict_html("foo"); + BOOST_CHECK_EQUAL(string("foo"), output); +} + +BOOST_AUTO_TEST_CASE(UnclosedTags) +{ + string output = restrict_html("

Test

"); + BOOST_CHECK_EQUAL(string("

Test

"), output); +} + +BOOST_AUTO_TEST_CASE(UnopenedTags) +{ + string output = restrict_html("

Test

"); + BOOST_CHECK_EQUAL(string("

Test

"), output); +} + +BOOST_AUTO_TEST_CASE(UnsafeURLChars) +{ + string output = restrict_html("maçã"); + BOOST_CHECK_EQUAL(string("maçã"), output); +} + +BOOST_AUTO_TEST_CASE(UnsafeURLChars2) +{ + string output = restrict_html(" Test Me!!"); + BOOST_CHECK_EQUAL(string(" Test Me!!"), output); +} BOOST_AUTO_TEST_CASE(DecodeStringURL) { -- 1.7.1