mirror of
https://codeberg.org/Codeberg/pages-server.git
synced 2024-12-02 21:15:27 +00:00
9d769aeee7
Co-authored-by: crapStone <crapstone01@gmail.com> Reviewed-on: https://codeberg.org/Codeberg/pages-server/pulls/145 Reviewed-by: Gusted <gusted@noreply.codeberg.org> Reviewed-by: 6543 <6543@obermui.de> Co-authored-by: crapStone <crapstone@noreply.codeberg.org> Co-committed-by: crapStone <crapstone@noreply.codeberg.org>
39 lines
1002 B
Go
39 lines
1002 B
Go
package html
|
|
|
|
import (
|
|
"net/http"
|
|
"strings"
|
|
"testing"
|
|
)
|
|
|
|
func TestValidMessage(t *testing.T) {
|
|
testString := "requested blacklisted path"
|
|
statusCode := http.StatusForbidden
|
|
|
|
expected := strings.ReplaceAll(
|
|
strings.ReplaceAll(ErrorPage, "%message%", testString),
|
|
"%status%",
|
|
http.StatusText(statusCode))
|
|
actual := generateResponse(testString, statusCode)
|
|
|
|
if expected != actual {
|
|
t.Errorf("generated response did not match: expected: '%s', got: '%s'", expected, actual)
|
|
}
|
|
}
|
|
|
|
func TestMessageWithHtml(t *testing.T) {
|
|
testString := `abc<img src=1 onerror=alert("xss");`
|
|
escapedString := "abc<img src=1 onerror=alert("xss");"
|
|
statusCode := http.StatusNotFound
|
|
|
|
expected := strings.ReplaceAll(
|
|
strings.ReplaceAll(ErrorPage, "%message%", escapedString),
|
|
"%status%",
|
|
http.StatusText(statusCode))
|
|
actual := generateResponse(testString, statusCode)
|
|
|
|
if expected != actual {
|
|
t.Errorf("generated response did not match: expected: '%s', got: '%s'", expected, actual)
|
|
}
|
|
}
|