Skip to content
This repository was archived by the owner on Apr 12, 2024. It is now read-only.

Commit c7b29e5

Browse files
gkalpakgkalpak
committed
test($sanitize): fix failing tests on MS Edge
1 parent e6b46a0 commit c7b29e5

File tree

1 file changed

+6
-2
lines changed

1 file changed

+6
-2
lines changed

test/ngSanitize/sanitizeSpec.js

+6-2
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,8 @@
11
'use strict';
22

33
describe('HTML', function() {
4+
var ua = window.navigator.userAgent;
5+
var isChrome = /Chrome/.test(ua) && !/Edge/.test(ua);
46

57
var expectHTML;
68

@@ -222,7 +224,7 @@ describe('HTML', function() {
222224
.toEqual('');
223225
});
224226

225-
if (/Chrome/.test(window.navigator.userAgent)) {
227+
if (isChrome) {
226228
it('should prevent mXSS attacks', function() {
227229
expectHTML('<a href="&#x3000;javascript:alert(1)">CLICKME</a>').toBe('<a>CLICKME</a>');
228230
});
@@ -245,7 +247,8 @@ describe('HTML', function() {
245247
expectHTML('<svg width="400px" height="150px" xmlns="http://www.w3.org/2000/svg"><circle cx="50" cy="50" r="40" stroke="black" stroke-width="3" fill="red"></svg>')
246248
.toBeOneOf('<svg width="400px" height="150px" xmlns="http://www.w3.org/2000/svg"><circle cx="50" cy="50" r="40" stroke="black" stroke-width="3" fill="red"></circle></svg>',
247249
'<svg xmlns="http://www.w3.org/2000/svg" height="150px" width="400px"><circle fill="red" stroke-width="3" stroke="black" r="40" cy="50" cx="50"></circle></svg>',
248-
'<svg width="400px" height="150px" xmlns="http://www.w3.org/2000/svg"><circle fill="red" stroke="black" stroke-width="3" cx="50" cy="50" r="40"></circle></svg>');
250+
'<svg width="400px" height="150px" xmlns="http://www.w3.org/2000/svg"><circle fill="red" stroke="black" stroke-width="3" cx="50" cy="50" r="40"></circle></svg>',
251+
'<svg width="400px" height="150px" xmlns="http://www.w3.org/2000/svg"><circle FILL="red" STROKE="black" STROKE-WIDTH="3" cx="50" cy="50" r="40"></circle></svg>');
249252
});
250253

251254
it('should not ignore white-listed svg camelCased attributes', function() {
@@ -283,6 +286,7 @@ describe('HTML', function() {
283286
it('should not accept SVG animation tags', function() {
284287
expectHTML('<svg xmlns:xlink="http://www.w3.org/1999/xlink"><a><text y="1em">Click me</text><animate attributeName="xlink:href" values="javascript:alert(1)"/></a></svg>')
285288
.toBeOneOf('<svg xmlns:xlink="http://www.w3.org/1999/xlink"><a><text y="1em">Click me</text></a></svg>',
289+
'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><a><text y="1em">Click me</text></a></svg>',
286290
'<svg xmlns="http://www.w3.org/2000/svg"><a><text y="1em">Click me</text></a></svg>');
287291

288292
expectHTML('<svg><a xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="?"><circle r="400"></circle>' +

0 commit comments

Comments
 (0)