From 516759b1ff97c55dbf73cf50ee06a359b403aa67 Mon Sep 17 00:00:00 2001
From: Marc Laval <mlaval@amadeus.com>
Date: Wed, 23 Aug 2017 12:48:21 +0200
Subject: [PATCH] test(platform-browser): fix mXSS attack test in Canary
 (#18809)

PR Close #18809
---
 packages/platform-browser/test/security/html_sanitizer_spec.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/packages/platform-browser/test/security/html_sanitizer_spec.ts b/packages/platform-browser/test/security/html_sanitizer_spec.ts
index 51afd6d159..a46e139b6f 100644
--- a/packages/platform-browser/test/security/html_sanitizer_spec.ts
+++ b/packages/platform-browser/test/security/html_sanitizer_spec.ts
@@ -136,8 +136,9 @@ export function main() {
 
     if (browserDetection.isWebkit) {
       it('should prevent mXSS attacks', function() {
+        // In Chrome Canary 62, the ideographic space character is kept as a stringified HTML entity
         expect(sanitizeHtml(defaultDoc, '<a href="&#x3000;javascript:alert(1)">CLICKME</a>'))
-            .toEqual('<a href="unsafe:javascript:alert(1)">CLICKME</a>');
+            .toMatch(/<a href="unsafe:(&#12288;)?javascript:alert\(1\)">CLICKME<\/a>/);
       });
     }
   });