package blackfriday import ( "testing" ) func doTestsSanitize(t *testing.T, tests []string) { doTestsInlineParam(t, tests, 0, HTML_SKIP_STYLE|HTML_SANITIZE_OUTPUT, HtmlRendererParameters{}) } func TestSanitizeRawHtmlTag(t *testing.T) { tests := []string{ "zz \n", "
zz <style>p {}</style>
\n", "zz \n", "zz <style>p {}</style>
\n", "\n", "<script>alert()</script>
\n", "zz \n", "zz <script>alert()</script>
\n", "zz \n", "zz <script>alert()</script>
\n", " \n", "<script>alert()</script>
\n", "\n", "<script>alert()</script>\n", "\n", "<script src='foo'></script>\n", "\n", "<script src='a>b'></script>\n", "zz \n", "zz <script src='foo'></script>
\n", "zz \n", "zz <script src=foo></script>
\n", ``, "<script><script src="http://example.com/exploit.js"></script></script>\n", `'';!--"'';!--"<xss>=&{()}
\n", "", "<script SRC=http://ha.ckers.org/xss.js></script>
\n", "", "<script \nSRC=http://ha.ckers.org/xss.js></script>
\n", ``, "\n", "", "\n", "", "\n", "", "\n", `xss link`, "\n", "xss link", "\n", `">`, "<script>alert("XSS")</script>">
\n", "", "\n", ``, "\n", ``, "\n", ``, "\n", "", "\n", "", "\n", "", "\n", ``, "\n", ``, "\n", ``, "\n", ``, "\n", ``, "\n", ``, "<script/XSS SRC="http://ha.ckers.org/xss.js"></script>
\n", "", "<body onload!#$%&()*~+-_.,:;?@[/|\\]^`=alert("XSS")>
\n", ``, "<script/SRC="http://ha.ckers.org/xss.js"></script>
\n", `<`, "<<script>alert("XSS");//<</script>
\n", "