MCPcopy
hub / github.com/larksuite/cli / TestRun_JavaScriptURLBlocked

Function TestRun_JavaScriptURLBlocked

shortcuts/mail/lint/linter_test.go:257–271  ·  view source on GitHub ↗

===================================================================== URL scheme allow-list. ===================================================================== TestRun_JavaScriptURLBlocked verifies javascript: hrefs are stripped.

(t *testing.T)

Source from the content-addressed store, hash-verified

255
256// TestRun_JavaScriptURLBlocked verifies javascript: hrefs are stripped.
257func TestRun_JavaScriptURLBlocked(t *testing.T) {
258 rep := Run(`<a href="javascript:alert(1)">click</a>`, Options{})
259 hasErr := false
260 for _, f := range rep.Blocked {
261 if f.RuleID == RuleAttrJSURLBlocked {
262 hasErr = true
263 }
264 }
265 if !hasErr {
266 t.Errorf("javascript: URL should fire ATTR_JS_URL_BLOCKED, got %+v", rep.Blocked)
267 }
268 if strings.Contains(rep.CleanedHTML, "javascript:") {
269 t.Errorf("javascript: should be stripped, cleaned=%q", rep.CleanedHTML)
270 }
271}
272
273// TestRun_VBScriptURLBlocked verifies vbscript: is rejected.
274func TestRun_VBScriptURLBlocked(t *testing.T) {

Callers

nothing calls this directly

Calls 2

RunFunction · 0.70
ContainsMethod · 0.45

Tested by

no test coverage detected