Kharec/m2h
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
da24af38e32dc0fb2d2875bb38fc4fdf706fe72d
m2h/t/04-links-images.t

51 lines
1.5 KiB
Perl
Executable File
Raw Blame History

#!/usr/bin/env perl
use strict;
use warnings;
use Test::More tests => 10;
use MarkdownParser;
my $parser = MarkdownParser->new();
is(
$parser->parse("[link text](http://example.com)"),
"<p><a href=\"http://example.com\">link text</a></p>\n",
"Simple link"
);
is(
$parser->parse("[link with spaces](https://example.com/path)"),
"<p><a href=\"https://example.com/path\">link with spaces</a></p>\n",
"Link with path"
);
is(
$parser->parse("![alt text](image.png)"),
"<p><img src=\"image.png\" alt=\"alt text\"></p>\n",
"Simple image"
);
is(
$parser->parse("![alt with spaces](http://example.com/image.jpg)"),
"<p><img src=\"http://example.com/image.jpg\" alt=\"alt with spaces\"></p>\n",
"Image with URL"
);
is(
$parser->parse("[Click me](javascript:alert('XSS'))"),
"<p>Click me</p>\n",
"JavaScript protocol blocked in links"
);
is(
$parser->parse("[Click me](data:text/html,<script>alert('XSS')</script>)"),
"<p>Click me</p>\n",
"Data protocol blocked in links"
);
is(
$parser->parse("[Click me](javascript&#x3A;alert('XSS'))"),
"<p>Click me</p>\n",
"Encoded JavaScript protocol blocked in links"
);
is( $parser->parse("![Image](javascript:alert('XSS'))"),
"<p>Image</p>\n", "JavaScript protocol blocked in images" );
is( $parser->parse("![Image](file:///etc/passwd)"),
"<p>Image</p>\n", "File protocol blocked in images" );
is( $parser->parse("![Image](javascript:%2f%2falert('XSS'))"),
"<p>Image</p>\n", "Encoded JavaScript protocol blocked in images" );
Reference in New Issue View Git Blame Copy Permalink