UNPKG

coffeecup/test/escaping.coffee

Version:

1.76 kBtext/coffeescriptView Raw

1cc = require '../lib/coffeecup'
2
3describe 'Escaping', ->
4  describe "h1 h(\"<script>alert('\"owned\" by c&a &copy;')</script>)", ->
5    it "should render <h1>&lt;script&gt;alert('&quot;owned&quot; by c&amp;a &amp;copy;')&lt;/script&gt;</h1>", ->
6      t = -> h1 h("<script>alert('\"owned\" by c&a &copy;')</script>")
7      cc.render(t).should.equal "<h1>&lt;script&gt;alert('&quot;owned&quot; by c&amp;a &amp;copy;')&lt;/script&gt;</h1>"
8
9describe 'AutoEscaping', ->
10  describe "h1 <script>alert('\"owned\" by c&a &copy;')</script>", ->
11    it "should render <h1>&lt;script&gt;alert('&quot;owned&quot; by c&amp;a &amp;copy;')&lt;/script&gt;</h1>", ->
12      t = -> h1 "<script>alert('\"owned\" by c&a &copy;')</script>"
13      cc.render(t, autoescape: yes).should.equal "<h1>&lt;script&gt;alert('&quot;owned&quot; by c&amp;a &amp;copy;')&lt;/script&gt;</h1>"
14
15describe 'Escaping optimized', ->
16  describe "h1 h(\"<script>alert('\"owned\" by c&a &copy;')</script>)", ->
17    it "should render <h1>&lt;script&gt;alert('&quot;owned&quot; by c&amp;a &amp;copy;')&lt;/script&gt;</h1>", ->
18      t = -> h1 h("<script>alert('\"owned\" by c&a &copy;')</script>")
19      cc.render(t, optimized: true, cache: on).should.equal "<h1>&lt;script&gt;alert('&quot;owned&quot; by c&amp;a &amp;copy;')&lt;/script&gt;</h1>"
20
21describe 'AutoEscaping optimized', ->
22  describe "h1 <script>alert('\"owned\" by c&a &copy;')</script>", ->
23    it "should render <h1>&lt;script&gt;alert('&quot;owned&quot; by c&amp;a &amp;copy;')&lt;/script&gt;</h1>", ->
24      t = -> h1 "<script>alert('\"owned\" by c&a &copy;')</script>"
25      cc.render(t, autoescape: yes, optimized: true, cache: on).should.equal "<h1>&lt;script&gt;alert('&quot;owned&quot; by c&amp;a &amp;copy;')&lt;/script&gt;</h1>"
26

1	`cc = require '../lib/coffeecup'`
2
3	`describe 'Escaping', ->`
4	`describe "h1 h(\"<script>alert('\"owned\" by c&a ©')</script>)", ->`
5	`it "should render <h1><script>alert('"owned" by c&a &copy;')</script></h1>", ->`
6	`t = -> h1 h("<script>alert('\"owned\" by c&a ©')</script>")`
7	`cc.render(t).should.equal "<h1><script>alert('"owned" by c&a &copy;')</script></h1>"`
8
9	`describe 'AutoEscaping', ->`
10	`describe "h1 <script>alert('\"owned\" by c&a ©')</script>", ->`
11	`it "should render <h1><script>alert('"owned" by c&a &copy;')</script></h1>", ->`
12	`t = -> h1 "<script>alert('\"owned\" by c&a ©')</script>"`
13	`cc.render(t, autoescape: yes).should.equal "<h1><script>alert('"owned" by c&a &copy;')</script></h1>"`
14
15	`describe 'Escaping optimized', ->`
16	`describe "h1 h(\"<script>alert('\"owned\" by c&a ©')</script>)", ->`
17	`it "should render <h1><script>alert('"owned" by c&a &copy;')</script></h1>", ->`
18	`t = -> h1 h("<script>alert('\"owned\" by c&a ©')</script>")`
19	`cc.render(t, optimized: true, cache: on).should.equal "<h1><script>alert('"owned" by c&a &copy;')</script></h1>"`
20
21	`describe 'AutoEscaping optimized', ->`
22	`describe "h1 <script>alert('\"owned\" by c&a ©')</script>", ->`
23	`it "should render <h1><script>alert('"owned" by c&a &copy;')</script></h1>", ->`
24	`t = -> h1 "<script>alert('\"owned\" by c&a ©')</script>"`
25	`cc.render(t, autoescape: yes, optimized: true, cache: on).should.equal "<h1><script>alert('"owned" by c&a &copy;')</script></h1>"`
26