Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
Code Issues Activity

Adding xss unit test

Browse source 
issue #938
This commit is contained in:
Hannah Wolfe 2013-10-10 16:43:25 +01:00
parent 9466a9753b
commit c732cd2ccb
1 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
core/test/unit/model_posts_spec.js
View file

@ -361,4 +361,13 @@ describe('Post Model', function () {
done();
}).then(null, done);
});
it('should santize the title', function (done) {
new PostModel().fetch().then(function (model) {
return model.set({'title': "</title></head><body><script>alert('blogtitle');</script>"}).save();
}).then(function (saved) {
saved.get('title').should.eql("&lt;/title&gt;&lt;/head>&lt;body&gt;[removed]alert&#40;'blogtitle'&#41;;[removed]");
done();
}).otherwise(done);
});
});