2019-11-07 16:34:28 +03:00
// Copyright 2019 The Gitea Authors. All rights reserved.
2022-11-27 21:20:29 +03:00
// SPDX-License-Identifier: MIT
2019-11-07 16:34:28 +03:00
package templates
import (
2024-02-25 13:45:56 +03:00
"html/template"
2019-11-07 16:34:28 +03:00
"testing"
"github.com/stretchr/testify/assert"
)
func TestSubjectBodySeparator ( t * testing . T ) {
test := func ( input , subject , body string ) {
loc := mailSubjectSplit . FindIndex ( [ ] byte ( input ) )
if loc == nil {
assert . Empty ( t , subject , "no subject found, but one expected" )
assert . Equal ( t , body , input )
} else {
2022-06-20 13:02:49 +03:00
assert . Equal ( t , subject , input [ 0 : loc [ 0 ] ] )
assert . Equal ( t , body , input [ loc [ 1 ] : ] )
2019-11-07 16:34:28 +03:00
}
}
test ( "Simple\n---------------\nCase" ,
"Simple\n" ,
"\nCase" )
test ( "Only\nBody" ,
"" ,
"Only\nBody" )
test ( "Minimal\n---\nseparator" ,
"Minimal\n" ,
"\nseparator" )
test ( "False --- separator" ,
"" ,
"False --- separator" )
test ( "False\n--- separator" ,
"" ,
"False\n--- separator" )
test ( "False ---\nseparator" ,
"" ,
"False ---\nseparator" )
test ( "With extra spaces\n----- \t \nBody" ,
"With extra spaces\n" ,
"\nBody" )
test ( "With leading spaces\n -------\nOnly body" ,
"" ,
"With leading spaces\n -------\nOnly body" )
test ( "Multiple\n---\n-------\n---\nSeparators" ,
"Multiple\n" ,
"\n-------\n---\nSeparators" )
test ( "Insuficient\n--\nSeparators" ,
"" ,
"Insuficient\n--\nSeparators" )
}
2024-02-18 12:52:02 +03:00
func TestJSEscapeSafe ( t * testing . T ) {
assert . EqualValues ( t , ` \u0026\u003C\u003E\'\" ` , JSEscapeSafe ( ` &<>'" ` ) )
}
2024-02-25 13:45:56 +03:00
func TestHTMLFormat ( t * testing . T ) {
assert . Equal ( t , template . HTML ( "<a>< < 1</a>" ) , HTMLFormat ( "<a>%s %s %d</a>" , "<" , template . HTML ( "<" ) , 1 ) )
}
2024-03-01 13:16:19 +03:00
func TestSanitizeHTML ( t * testing . T ) {
assert . Equal ( t , template . HTML ( ` <a href="/" rel="nofollow">link</a> xss <div>inline</div> ` ) , SanitizeHTML ( ` <a href="/">link</a> <a href="javascript:">xss</a> <div style="dangerous">inline</div> ` ) )
}