Diffstat (limited to 'rt/t/security/CVE-2011-2083-scrub.t')
-rw-r--r-- | rt/t/security/CVE-2011-2083-scrub.t | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/rt/t/security/CVE-2011-2083-scrub.t b/rt/t/security/CVE-2011-2083-scrub.t
new file mode 100644
index 000000000..f05378398
--- /dev/null
+++ b/rt/t/security/CVE-2011-2083-scrub.t
@@ -0,0 +1,18 @@
+use strict;
+use warnings;
+
+use RT::Test nodb => 1, tests => undef;
+use RT::Interface::Web; # This gets us HTML::Mason::Commands
+use Test::LongString;
+
+{
+ my $html = '<div id="metadata"><span class="actions"><a>OH HAI</a></span></div><p>Moose</p>';
+ my $expected = '<div><span><a>OH HAI</a></span></div><p>Moose</p>';
+ is_string(scrub_html($html), $expected, "class and id are stripped");
+}
+
+sub scrub_html {
+ return HTML::Mason::Commands::ScrubHTML(shift);
+}
+
+done_testing;
|
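Review bot: The only fixture in the bare block uses lowercase, double-quoted `id` and `class` attributes, so the test would still pass if the scrubber missed other spellings of the same attributes. Since this is a regression test for a security fix, it is worth pinning at least one variant, for example `is_string(scrub_html(q{<div ID=metadata CLASS='actions'>x</div>}), '<div>x</div>', "case and quoting variants are stripped");` (the expected output is assumed from the existing case and should be confirmed against ScrubHTML). A short comment above the block saying why `id` and `class` must not survive, e.g. `# user-supplied HTML must not be able to reuse RT's own ids/classes`, would also help; that rationale is inferred from the test name and is not stated in the commit.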