fixup! fix: escape error.message on login failure
This commit is contained in:
parent
22a22a8f7a
commit
2092f82270
@ -520,5 +520,5 @@ export function escapeHtml(unsafe: string): string {
|
|||||||
.replace(/</g, "<")
|
.replace(/</g, "<")
|
||||||
.replace(/>/g, ">")
|
.replace(/>/g, ">")
|
||||||
.replace(/"/g, """)
|
.replace(/"/g, """)
|
||||||
.replace(/'/g, "'")
|
.replace(/'/g, "'")
|
||||||
}
|
}
|
||||||
|
@ -448,8 +448,8 @@ describe("onLine", () => {
|
|||||||
|
|
||||||
describe("escapeHtml", () => {
|
describe("escapeHtml", () => {
|
||||||
it("should escape HTML", () => {
|
it("should escape HTML", () => {
|
||||||
expect(util.escapeHtml(`<div class="error">"Hello & world"</div>`)).toBe(
|
expect(util.escapeHtml(`<div class="error">"'ello & world"</div>`)).toBe(
|
||||||
"<div class="error">"Hello & world"</div>",
|
"<div class="error">"'ello & world"</div>",
|
||||||
)
|
)
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
@ -60,18 +60,14 @@ describe("login", () => {
|
|||||||
process.env.PASSWORD = previousEnvPassword
|
process.env.PASSWORD = previousEnvPassword
|
||||||
})
|
})
|
||||||
|
|
||||||
it("should return escaped HTML with 'Missing password' message", async () => {
|
it("should return HTML with 'Missing password' message", async () => {
|
||||||
const resp = await codeServer().fetch("/login", { method: "POST" })
|
const resp = await codeServer().fetch("/login", { method: "POST" })
|
||||||
|
|
||||||
expect(resp.status).toBe(200)
|
expect(resp.status).toBe(200)
|
||||||
|
|
||||||
const htmlContent = await resp.text()
|
const htmlContent = await resp.text()
|
||||||
|
|
||||||
expect(htmlContent).not.toContain(">")
|
expect(htmlContent).toContain("Missing password")
|
||||||
expect(htmlContent).not.toContain("<")
|
|
||||||
expect(htmlContent).not.toContain('"')
|
|
||||||
expect(htmlContent).not.toContain("'")
|
|
||||||
expect(htmlContent).toContain("<div class="error">Missing password</div>")
|
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
Reference in New Issue
Block a user