angular-docs-cn/modules/@angular/platform-browser/test/security/url_sanitizer_spec.ts

import * as t from '@angular/core/testing/testing_internal';
import {sanitizeUrl} from '../../src/security/url_sanitizer';

export function main() {
  t.describe('URL sanitizer', () => {
    t.describe('valid URLs', () => {
      const validUrls = [
        '',
        'http://abc',
        'HTTP://abc',
        'https://abc',
        'HTTPS://abc',
        'ftp://abc',
        'FTP://abc',
        'mailto:me@example.com',
        'MAILTO:me@example.com',
        'tel:123-123-1234',
        'TEL:123-123-1234',
        '#anchor',
        '/page1.md',
        'http://JavaScript/my.js'
      ];
      for (let url of validUrls) {
        t.it(`valid ${url}`, () => t.expect(sanitizeUrl(url)).toEqual(url));
      }
    });

    t.describe('invalid URLs', () => {
      const invalidUrls = [
        'javascript:evil()',
        'JavaScript:abc',
        'evilNewProtocol:abc',
        ' \n Java\n Script:abc',
        '&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;',
        '&#106&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;',
        '&#106 &#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;',
        '&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058',
        '&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A;',
        'jav&#x09;ascript:alert();',
        'jav\u0000ascript:alert();',
      ];
      for (let url of invalidUrls) {
        t.it(`valid ${url}`, () => t.expect(sanitizeUrl(url)).toMatch(/^unsafe:/));
      }
    });
  });
}
feat(security): add tests for URL sanitization. 2016-05-03 21:41:31 -04:00			`import * as t from '@angular/core/testing/testing_internal';`
			`import {sanitizeUrl} from '../../src/security/url_sanitizer';`

			`export function main() {`
			`t.describe('URL sanitizer', () => {`
			`t.describe('valid URLs', () => {`
			`const validUrls = [`
			`'',`
			`'http://abc',`
			`'HTTP://abc',`
			`'https://abc',`
			`'HTTPS://abc',`
			`'ftp://abc',`
			`'FTP://abc',`
			`'mailto:me@example.com',`
			`'MAILTO:me@example.com',`
			`'tel:123-123-1234',`
			`'TEL:123-123-1234',`
			`'#anchor',`
			`'/page1.md',`
			`'http://JavaScript/my.js'`
			`];`
			`for (let url of validUrls) {`
			t.it(`valid ${url}`, () => t.expect(sanitizeUrl(url)).toEqual(url));
			`}`
			`});`

			`t.describe('invalid URLs', () => {`
			`const invalidUrls = [`
			`'javascript:evil()',`
			`'JavaScript:abc',`
			`'evilNewProtocol:abc',`
			`' \n Java\n Script:abc',`
			`'javascript:',`
			`'&#106avascript:',`
			`'&#106 avascript:',`
			`'&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058',`
			`'&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74:',`
			`'jav ascript:alert();',`
			`'jav\u0000ascript:alert();',`
			`];`
			`for (let url of invalidUrls) {`
			t.it(`valid ${url}`, () => t.expect(sanitizeUrl(url)).toMatch(/^unsafe:/));
			`}`
			`});`
			`});`
			`}`