mirror of
https://github.com/zhigang1992/angular.js.git
synced 2026-04-23 03:30:02 +08:00
ab80cd9066
Applies similar sanitization as is applie to img[src] to img[srcset], while adapting to the different semantics and syntax of srcset.
33 lines
1.2 KiB
JavaScript
33 lines
1.2 KiB
JavaScript
/*jshint scripturl:true*/
|
|
'use strict';
|
|
|
|
describe('ngSrcset', function() {
|
|
var element;
|
|
|
|
afterEach(function() {
|
|
dealoc(element);
|
|
});
|
|
|
|
it('should not result empty string in img srcset', inject(function($rootScope, $compile) {
|
|
$rootScope.image = {};
|
|
element = $compile('<img ng-srcset="{{image.url}} 2x">')($rootScope);
|
|
$rootScope.$digest();
|
|
expect(element.attr('srcset')).toBeUndefined();
|
|
}));
|
|
|
|
it('should sanitize good urls', inject(function($rootScope, $compile) {
|
|
$rootScope.imageUrl = 'http://example.com/image1.png 1x, http://example.com/image2.png 2x';
|
|
element = $compile('<img ng-srcset="{{imageUrl}}">')($rootScope);
|
|
$rootScope.$digest();
|
|
expect(element.attr('srcset')).toBe('http://example.com/image1.png 1x,http://example.com/image2.png 2x');
|
|
}));
|
|
|
|
it('should sanitize evil url', inject(function($rootScope, $compile) {
|
|
$rootScope.imageUrl = 'http://example.com/image1.png 1x, javascript:doEvilStuff() 2x';
|
|
element = $compile('<img ng-srcset="{{imageUrl}}">')($rootScope);
|
|
$rootScope.$digest();
|
|
expect(element.attr('srcset')).toBe('http://example.com/image1.png 1x,unsafe:javascript:doEvilStuff() 2x');
|
|
}));
|
|
});
|
|
|