/
normalize.test.js
110 lines (90 loc) · 3.57 KB
/
normalize.test.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
'use strict'
const { getTestParser } = require('../get-test-parser')
describe('html normalizer', () => {
it.each([
'<div>&<123&456<789;&&</div>',
'<div><123e>&<a<br/></div>',
'<div> © ©</div>',
'<html xmlns:x="1"><body/></html>',
'<html test="a<b && a>b && \'&&&\'"/>',
'<div test="alert(\'<br/>\')"/>',
'<div test="a<b&&a< c && a>d"></div>',
'<div a=& bb c d=123&&456/>',
'<div a=& a="&\'\'" b/>',
'<html test="123"/>',
'<r><Label onClick="doClick..>Hello, World</Label></r>',
'<Label onClick=doClick..">Hello, World</Label>',
])('%s', (xml) => {
const { errors, parser } = getTestParser()
const actual = parser.parseFromString(xml, 'text/html').toString()
expect({ actual, ...errors }).toMatchSnapshot()
})
it.each([
'<html><meta><link><img><br><hr><input></html>',
'<html title =1/2></html>',
'<html title= 1/>',
'<html title = 1/>',
'<html title/>',
])('unclosed html %s', (xml) => {
const { errors, parser } = getTestParser()
const actual = parser.parseFromString(xml, 'text/html').toString()
expect({ actual, ...errors }).toMatchSnapshot()
})
Array.from(['text/xml', 'text/html']).forEach((mimeType) => {
it.each([
'<script>alert(a<b&&c?"<br>":">>");</script>',
'<script>alert(a<b&&c?"<br/>":">>");</script>',
'<script src="./test.js"/>',
'<textarea>alert(a<b&&c?"<br>":">>");</textarea>',
])(`${mimeType}: script %s`, (xml) => {
const { errors, parser } = getTestParser()
const actual = parser.parseFromString(xml, mimeType).toString()
expect({ actual, ...errors }).toMatchSnapshot()
})
})
it.each([
`<html xmlns="http://www.w3.org/1999/xhtml"><script>let message = " & ETH";</script></html>`,
`<html><script>let message = " & ETH";</script></html>`,
])(`should map entity in %s`, (xml) => {
const { parser } = getTestParser()
const actual = parser.parseFromString(xml, 'application/xml')
expect(actual.documentElement.firstChild.textContent).toBe('let message = " & ETH";');
})
it.each([
`<html xmlns="http://www.w3.org/1999/xhtml"><script>let message = " & ETH";</script></html>`,
`<html><script>let message = " & ETH";</script></html>`,
])(`should not map entity in %s`, (xml) => {
const { parser } = getTestParser()
const actual = parser.parseFromString(xml, 'text/html')
expect(actual.documentElement.firstChild.textContent).toBe('let message = " & ETH";');
})
it('European entities', () => {
const { errors, parser } = getTestParser()
const actual = parser
.parseFromString(
'<div>ÄäÅåÆæÖöØøßÜü€</div>',
'text/html'
)
.toString()
expect({ actual, ...errors }).toMatchObject({
// For the future, it may be nicer to use \uxxxx in the assert strings
// rather than pasting in multi-byte UTF-8 Unicode characters
actual: '<div xmlns="http://www.w3.org/1999/xhtml">ÄäÅåÆæÖöØøßÜü€</div>',
})
})
it('European entities xml', () => {
const { errors, parser } = getTestParser()
const actual = parser
.parseFromString(
'<div>ÄäÅåÆæÖöØøßÜü€</div>',
'text/xml'
)
.toString()
expect({ actual, ...errors }).toMatchObject({
// For the future, it may be nicer to use \uxxxx in the assert strings
// rather than pasting in multi-byte UTF-8 Unicode characters
actual:
'<div>&Auml;&auml;&Aring;&aring;&AElig;&aelig;&Ouml;&ouml;&Oslash;&oslash;&szlig;&Uuml;&uuml;&euro;</div>',
})
})
})