/
test_scrub_css.rb
61 lines (49 loc) · 2.32 KB
/
test_scrub_css.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
# frozen_string_literal: true
require "helper"
class UnitHTML5Scrub < Loofah::TestCase
include Loofah
describe "hex values" do
it "handles upper case" do
assert_equal "background:#ABC012;", Loofah::HTML5::Scrub.scrub_css("background: #ABC012")
end
it "handles lower case" do
assert_equal "background:#abc012;", Loofah::HTML5::Scrub.scrub_css("background: #abc012")
end
end
describe "css functions" do
it "allows safe functions" do
assert_equal "background-color:linear-gradient(transparent 50%, #ffff66 50%);",
Loofah::HTML5::Scrub.scrub_css("background-color: linear-gradient(transparent 50%, #ffff66 50%);")
end
it "disallows unsafe functions" do
assert_equal "", Loofah::HTML5::Scrub.scrub_css("background-color: haxxor-fun(transparent 50%, #ffff66 50%);")
end
# see #199 for the bug we're testing here
it "allows safe functions in shorthand css properties" do
assert_equal "background:linear-gradient(transparent 50%, #ffff66 50%);",
Loofah::HTML5::Scrub.scrub_css("background: linear-gradient(transparent 50%, #ffff66 50%);")
end
end
describe "property string values" do
it "allows hypenated values" do
text = %q(font-family:'AvenirNext-Regular';)
assert_equal(text, Loofah::HTML5::Scrub.scrub_css(text))
text = %q(font-family:"AvenirNext-Regular";)
assert_equal(text, Loofah::HTML5::Scrub.scrub_css(text))
end
it "allows embedded spaces in values" do
text = %q(font-family:'Avenir Next';)
assert_equal(text, Loofah::HTML5::Scrub.scrub_css(text))
text = %q(font-family:"Avenir Next";)
assert_equal(text, Loofah::HTML5::Scrub.scrub_css(text))
end
it "does not allow values with embedded or irregular quotes" do
assert_empty(Loofah::HTML5::Scrub.scrub_css(%q(font-family:'AvenirNext"-Regular';)))
assert_empty(Loofah::HTML5::Scrub.scrub_css(%q(font-family:"AvenirNext'-Regular";)))
assert_empty(Loofah::HTML5::Scrub.scrub_css(%q(font-family:'AvenirNext-Regular;)))
assert_empty(Loofah::HTML5::Scrub.scrub_css(%q(font-family:'AvenirNext-Regular";)))
assert_empty(Loofah::HTML5::Scrub.scrub_css(%q(font-family:"AvenirNext-Regular;)))
assert_empty(Loofah::HTML5::Scrub.scrub_css(%q(font-family:"AvenirNext-Regular';)))
end
end
end