From 729d445b6885f69dd2c6355f38707bd42851c791 Mon Sep 17 00:00:00 2001
From: Jarred Sumner <709451+Jarred-Sumner@users.noreply.github.com>
Date: Wed, 22 Jun 2022 23:21:48 -0700
Subject: change the directory structure
---
test/bun.js/escapeHTML.test.js | 105 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 105 insertions(+)
create mode 100644 test/bun.js/escapeHTML.test.js
(limited to 'test/bun.js/escapeHTML.test.js')
diff --git a/test/bun.js/escapeHTML.test.js b/test/bun.js/escapeHTML.test.js
new file mode 100644
index 000000000..ecfcc5e7c
--- /dev/null
+++ b/test/bun.js/escapeHTML.test.js
@@ -0,0 +1,105 @@
+import { describe, it, expect } from "bun:test";
+import { gcTick } from "./gc";
+import { escapeHTML } from "bun";
+
+describe("escapeHTML", () => {
+ // The matrix of cases we need to test for:
+ // 1. Works with short strings
+ // 2. Works with long strings
+ // 3. Works with latin1 strings
+ // 4. Works with utf16 strings
+ // 5. Works when the text to escape is somewhere in the middle
+ // 6. Works when the text to escape is in the beginning
+ // 7. Works when the text to escape is in the end
+ // 8. Returns the same string when there's no need to escape
+ it("works", () => {
+ expect(escapeHTML("absolutely nothing to do here")).toBe(
+ "absolutely nothing to do here"
+ );
+ expect(escapeHTML("")).toBe(
+ "<script>alert(1)</script>"
+ );
+ expect(escapeHTML("<")).toBe("<");
+ expect(escapeHTML(">")).toBe(">");
+ expect(escapeHTML("&")).toBe("&");
+ expect(escapeHTML("'")).toBe("'");
+ expect(escapeHTML('"')).toBe(""");
+ expect(escapeHTML("\n")).toBe("\n");
+ expect(escapeHTML("\r")).toBe("\r");
+ expect(escapeHTML("\t")).toBe("\t");
+ expect(escapeHTML("\f")).toBe("\f");
+ expect(escapeHTML("\v")).toBe("\v");
+ expect(escapeHTML("\b")).toBe("\b");
+ expect(escapeHTML("\u00A0")).toBe("\u00A0");
+ expect(escapeHTML("" + "lalala")).toBe(
+ "lalala<script>alert(1)</script>lalala"
+ );
+
+ expect(escapeHTML("" + "lalala")).toBe(
+ "<script>alert(1)</script>lalala"
+ );
+ expect(escapeHTML("lalala" + "")).toBe(
+ "lalala" + "<script>alert(1)</script>"
+ );
+
+ expect(escapeHTML("What does ๐ mean?")).toBe("What does ๐ mean?");
+ const output = escapeHTML("What does ๐ mean in text?")).toBe(
+ "<div>What does ๐ mean in text?"
+ );
+
+ expect(
+ escapeHTML(
+ ("lalala" + "" + "lalala").repeat(900)
+ )
+ ).toBe("lalala<script>alert(1)</script>lalala".repeat(900));
+ expect(
+ escapeHTML(("" + "lalala").repeat(900))
+ ).toBe("<script>alert(1)</script>lalala".repeat(900));
+ expect(
+ escapeHTML(("lalala" + "").repeat(900))
+ ).toBe(("lalala" + "<script>alert(1)</script>").repeat(900));
+
+ // the positions of the unicode codepoint are important
+ // our simd code for U16 is at 8 bytes, so we need to especially check the boundaries
+ expect(
+ escapeHTML("๐lalala" + "" + "lalala")
+ ).toBe("๐lalala<script>alert(1)</script>lalala");
+ expect(escapeHTML("" + "lalala")).toBe(
+ "<script>๐alert(1)</script>lalala"
+ );
+ expect(escapeHTML("" + "lalala")).toBe(
+ "<script>alert(1)๐</script>lalala"
+ );
+ expect(escapeHTML("" + "๐lalala")).toBe(
+ "<script>alert(1)</script>๐lalala"
+ );
+ expect(escapeHTML("" + "lal๐ala")).toBe(
+ "<script>alert(1)</script>lal๐ala"
+ );
+ expect(
+ escapeHTML("" + "lal๐ala".repeat(10))
+ ).toBe("<script>alert(1)</script>" + "lal๐ala".repeat(10));
+
+ for (let i = 1; i < 10; i++)
+ expect(escapeHTML("" + "la๐".repeat(i))).toBe(
+ "<script>alert(1)</script>" + "la๐".repeat(i)
+ );
+
+ expect(escapeHTML("la๐" + "")).toBe(
+ "la๐" + "<script>alert(1)</script>"
+ );
+ expect(
+ escapeHTML(("lalala" + "๐").repeat(1))
+ ).toBe(("lalala" + "<script>alert(1)</script>๐").repeat(1));
+
+ expect(escapeHTML("๐".repeat(100))).toBe("๐".repeat(100));
+ expect(escapeHTML("๐<".repeat(100))).toBe("๐<".repeat(100));
+ expect(escapeHTML("<๐>".repeat(100))).toBe("<๐>".repeat(100));
+ });
+});
--
cgit v1.2.3