oss/miniflux-v2
oss/miniflux-v2
1
0
Fork 0
mirror of https://github.com/miniflux/v2.git synced 2025-07-12 16:58:36 +00:00
Code Wiki Activity

Improve sanitizer to remove script and noscript contents

Browse source 
These tags where removed but the content was rendered as escaped HTML.

See #157
This commit is contained in:
Dave Z 2018-06-23 20:50:43 -04:00 committed by Frédéric Guillot
parent 7039df9af1
commit d847b10e32
2 changed files with 33 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

20
reader/sanitizer/sanitizer_test.go
View file

@ -212,3 +212,23 @@ func TestReplaceIframeURL(t *testing.T) {
t.Errorf(`Wrong output: "%s" != "%s"`, expected, output)
}
}
func TestReplaceNoScript(t *testing.T) {
input := `<p>Before paragraph.</p><noscript>Inside <code>noscript</code> tag with an image: <img src="http://example.org/" alt="Test"></noscript><p>After paragraph.</p>`
expected := `<p>Before paragraph.</p><p>After paragraph.</p>`
output := Sanitize("http://example.org/", input)
if expected != output {
t.Errorf(`Wrong output: "%s" != "%s"`, expected, output)
}
}
func TestReplaceScript(t *testing.T) {
input := `<p>Before paragraph.</p><script type="text/javascript">alert("1");</script><p>After paragraph.</p>`
expected := `<p>Before paragraph.</p><p>After paragraph.</p>`
output := Sanitize("http://example.org/", input)
if expected != output {
t.Errorf(`Wrong output: "%s" != "%s"`, expected, output)
}
}