honeymoose/OpenSearch
1
0
Fork 0
mirror of https://github.com/honeymoose/OpenSearch.git synced 2025-03-09 14:34:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

[TEST] Add html found during testing to cause problems for the sanitizer.

Browse Source 
This change adds a html string that was found to cause problems for the sanitizer during testing.

Original commit: elastic/x-pack-elasticsearch@275e728674
This commit is contained in:
Brian Murphy 2015-05-03 21:35:35 -04:00
parent bc78dd36c9
commit d95e068a77
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/test/java/org/elasticsearch/watcher/actions/email/service/HtmlSanitizeTests.java
View File

@ -66,5 +66,12 @@ public class HtmlSanitizeTests extends ElasticsearchTestCase {
assertThat(sanitizedHtml, equalTo("This was a dangerous script"));
}
@Test
public void test_HtmlSanitizer_FullHtmlWithMetaString() {
String needsSanitation = "<html><head></head><body><h1>Hello {{ctx.metadata.name}}</h1> meta <a href='https://www.google.com/search?q={{ctx.metadata.name}}'>Testlink</a>meta</body></html>";
byte[] bytes = new byte[0];
String sanitizedHtml = Profile.sanitizeHtml(ImmutableMap.of("foo", (Attachment) new Attachment.Bytes("foo", bytes, "")), needsSanitation);
assertThat(sanitizedHtml, equalTo("<head></head><body><h1>Hello {{ctx.metadata.name}}</h1> meta <a href=\"https://www.google.com/search?q&#61;{{ctx.metadata.name}}\" rel=\"nofollow\">Testlink</a>meta</body>"));
}
}