From c732cd2ccbe0f52567fe98309aea519c8ceda6a4 Mon Sep 17 00:00:00 2001
From: Hannah Wolfe <erisds@gmail.com>
Date: Thu, 10 Oct 2013 16:43:25 +0100
Subject: [PATCH] Adding xss unit test

issue #938
---
 core/test/unit/model_posts_spec.js | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/core/test/unit/model_posts_spec.js b/core/test/unit/model_posts_spec.js
index 7e16d0694a..5652fe0bcb 100644
--- a/core/test/unit/model_posts_spec.js
+++ b/core/test/unit/model_posts_spec.js
@@ -361,4 +361,13 @@ describe('Post Model', function () {
             done();
         }).then(null, done);
     });
+
+    it('should santize the title', function (done) {
+        new PostModel().fetch().then(function (model) {
+            return model.set({'title': "</title></head><body><script>alert('blogtitle');</script>"}).save();
+        }).then(function (saved) {
+                saved.get('title').should.eql("&lt;/title&gt;&lt;/head>&lt;body&gt;[removed]alert&#40;'blogtitle'&#41;;[removed]");
+                done();
+            }).otherwise(done);
+    });
 });