add test to check class is being escaped in form_class
This commit is contained in:
parent
15ad707852
commit
86dc5987b2
@ -54,6 +54,10 @@ def test_button_to_with_form_class
|
||||
assert_dom_equal "<form method=\"post\" action=\"http://www.example.com\" class=\"custom-class\"><div><input type=\"submit\" value=\"Hello\" /></div></form>", button_to("Hello", "http://www.example.com", :form_class => 'custom-class')
|
||||
end
|
||||
|
||||
def test_button_to_with_form_class_escapes
|
||||
assert_dom_equal "<form method=\"post\" action=\"http://www.example.com\" class=\"<script>evil_js</script>\"><div><input type=\"submit\" value=\"Hello\" /></div></form>", button_to("Hello", "http://www.example.com", :form_class => '<script>evil_js</script>')
|
||||
end
|
||||
|
||||
def test_button_to_with_query
|
||||
assert_dom_equal "<form method=\"post\" action=\"http://www.example.com/q1=v1&q2=v2\" class=\"button_to\"><div><input type=\"submit\" value=\"Hello\" /></div></form>", button_to("Hello", "http://www.example.com/q1=v1&q2=v2")
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user