Joplin
/
joplin
mirror of https://github.com/laurent22/joplin.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
joplin/packages/app-desktop/gui/NoteEditor/utils/resourceHandling.test.ts

21 lines
653 B
TypeScript
Raw Normal View History

Merge pull request from GHSA-m59c-9rrj-c399 * Sanitize HTML in processPastedHtml * Add test
2023-07-27 14:41:57 +00:00
import { processPastedHtml } from './resourceHandling';
describe('resourceHandling', () => {
it('should sanitize pasted HTML', async () => {
const testCases = [
['Test: <style onload="evil()"></style>', 'Test: <style></style>'],
['<a href="javascript: alert()">test</a>', '<a href="#">test</a>'],
['<script >evil()</script>', ''],
['<script>evil()</script>', ''],
[
'<img onload="document.body.innerHTML = evil;" src="data:image/svg+xml;base64,=="/>',
'<img src="data:image/svg+xml;base64,=="/>',
],
];
for (const [html, expected] of testCases) {
expect(await processPastedHtml(html)).toBe(expected);
}
});
});