require 'rails_helper'
require 'category_badge'
# Output-encoding regression spec for CategoryBadge.html_for: markup stored in
# a category's name or description must not appear verbatim in the badge HTML.
describe CategoryBadge do
  it "escapes HTML in category names / descriptions" do
    raw_name = '<b>name</b>'
    raw_description = '<b>title</b>'
    category = Fabricate(:category, name: raw_name, description: raw_description)

    rendered = CategoryBadge.html_for(category)

    # Neither field may be echoed back as live markup.
    [raw_description, raw_name].each do |markup|
      expect(rendered).not_to include(markup)
    end

    # The name is expected in entity-encoded form.
    expect(rendered).to include(ERB::Util.html_escape(raw_name))

    # The description is expected as plain text inside a single-quoted title
    # attribute, with the tags gone.
    # NOTE(review): only angle-bracket markup is exercised here. Because the
    # attribute is single-quoted, a companion example whose description
    # contains a quote character would also pin attribute-context escaping;
    # confirm html_for's behaviour before adding that expectation.
    expect(rendered).to include("title='title'")
  end
end