1
0
Fork 0
mirror of https://github.com/terribleplan/next.js.git synced 2024-01-19 02:48:18 +00:00
next.js/test/unit/htmlescape.test.js
Tim Neutkens b3045cc7a9
Implement circular JSON err.sh link (#6149)
* Implement circular JSON err.sh link

* Add test for getInitialProps returning circular json

* Make test warn less

* Fix tests

* Add reference to original tests
2019-01-27 16:12:17 +01:00

44 lines
1.8 KiB
JavaScript

/* eslint-env jest */
// These tests are based on https://github.com/zertosh/htmlescape/blob/3e6cf0614dd0f778fd0131e69070b77282150c15/test/htmlescape-test.js
// License: https://github.com/zertosh/htmlescape/blob/0527ca7156a524d256101bb310a9f970f63078ad/LICENSE
import {htmlEscapeJsonString} from 'next/dist/server/htmlescape'
import vm from 'vm'
describe('htmlescape', () => {
test('with angle brackets should escape', () => {
const evilObj = {evil: '<script></script>'}
expect(htmlEscapeJsonString(JSON.stringify(evilObj))).toBe('{"evil":"\\u003cscript\\u003e\\u003c/script\\u003e"}')
})
test('with angle brackets should parse back', () => {
const evilObj = {evil: '<script></script>'}
expect(JSON.parse(htmlEscapeJsonString(JSON.stringify(evilObj)))).toMatchObject(evilObj)
})
test('with ampersands should escape', () => {
const evilObj = {evil: '&'}
expect(htmlEscapeJsonString(JSON.stringify(evilObj))).toBe('{"evil":"\\u0026"}')
})
test('with ampersands should parse back', () => {
const evilObj = {evil: '&'}
expect(JSON.parse(htmlEscapeJsonString(JSON.stringify(evilObj)))).toMatchObject(evilObj)
})
test('with "LINE SEPARATOR" and "PARAGRAPH SEPARATOR" should escape', () => {
const evilObj = {evil: '\u2028\u2029'}
expect(htmlEscapeJsonString(JSON.stringify(evilObj))).toBe('{"evil":"\\u2028\\u2029"}')
})
test('with "LINE SEPARATOR" and "PARAGRAPH SEPARATOR" should parse back', () => {
const evilObj = {evil: '\u2028\u2029'}
expect(JSON.parse(htmlEscapeJsonString(JSON.stringify(evilObj)))).toMatchObject(evilObj)
})
test('escaped line terminators should work', () => {
expect(() => {
vm.runInNewContext('(' + htmlEscapeJsonString(JSON.stringify({evil: '\u2028\u2029'})) + ')')
}).not.toThrow()
})
})