...

Source file src/html/template/css_test.go

Documentation: html/template

     1  // Copyright 2011 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  package template
     6  
     7  import (
     8  	"strconv"
     9  	"strings"
    10  	"testing"
    11  )
    12  
    13  func TestEndsWithCSSKeyword(t *testing.T) {
    14  	tests := []struct {
    15  		css, kw string
    16  		want    bool
    17  	}{
    18  		{"", "url", false},
    19  		{"url", "url", true},
    20  		{"URL", "url", true},
    21  		{"Url", "url", true},
    22  		{"url", "important", false},
    23  		{"important", "important", true},
    24  		{"image-url", "url", false},
    25  		{"imageurl", "url", false},
    26  		{"image url", "url", true},
    27  	}
    28  	for _, test := range tests {
    29  		got := endsWithCSSKeyword([]byte(test.css), test.kw)
    30  		if got != test.want {
    31  			t.Errorf("want %t but got %t for css=%v, kw=%v", test.want, got, test.css, test.kw)
    32  		}
    33  	}
    34  }
    35  
    36  func TestIsCSSNmchar(t *testing.T) {
    37  	tests := []struct {
    38  		rune rune
    39  		want bool
    40  	}{
    41  		{0, false},
    42  		{'0', true},
    43  		{'9', true},
    44  		{'A', true},
    45  		{'Z', true},
    46  		{'a', true},
    47  		{'z', true},
    48  		{'_', true},
    49  		{'-', true},
    50  		{':', false},
    51  		{';', false},
    52  		{' ', false},
    53  		{0x7f, false},
    54  		{0x80, true},
    55  		{0x1234, true},
    56  		{0xd800, false},
    57  		{0xdc00, false},
    58  		{0xfffe, false},
    59  		{0x10000, true},
    60  		{0x110000, false},
    61  	}
    62  	for _, test := range tests {
    63  		got := isCSSNmchar(test.rune)
    64  		if got != test.want {
    65  			t.Errorf("%q: want %t but got %t", string(test.rune), test.want, got)
    66  		}
    67  	}
    68  }
    69  
    70  func TestDecodeCSS(t *testing.T) {
    71  	tests := []struct {
    72  		css, want string
    73  	}{
    74  		{``, ``},
    75  		{`foo`, `foo`},
    76  		{`foo\`, `foo`},
    77  		{`foo\\`, `foo\`},
    78  		{`\`, ``},
    79  		{`\A`, "\n"},
    80  		{`\a`, "\n"},
    81  		{`\0a`, "\n"},
    82  		{`\00000a`, "\n"},
    83  		{`\000000a`, "\u0000a"},
    84  		{`\1234 5`, "\u1234" + "5"},
    85  		{`\1234\20 5`, "\u1234" + " 5"},
    86  		{`\1234\A 5`, "\u1234" + "\n5"},
    87  		{"\\1234\t5", "\u1234" + "5"},
    88  		{"\\1234\n5", "\u1234" + "5"},
    89  		{"\\1234\r\n5", "\u1234" + "5"},
    90  		{`\12345`, "\U00012345"},
    91  		{`\\`, `\`},
    92  		{`\\ `, `\ `},
    93  		{`\"`, `"`},
    94  		{`\'`, `'`},
    95  		{`\.`, `.`},
    96  		{`\. .`, `. .`},
    97  		{
    98  			`The \3c i\3equick\3c/i\3e,\d\A\3cspan style=\27 color:brown\27\3e brown\3c/span\3e  fox jumps\2028over the \3c canine class=\22lazy\22 \3e dog\3c/canine\3e`,
    99  			"The <i>quick</i>,\r\n<span style='color:brown'>brown</span> fox jumps\u2028over the <canine class=\"lazy\">dog</canine>",
   100  		},
   101  	}
   102  	for _, test := range tests {
   103  		got1 := string(decodeCSS([]byte(test.css)))
   104  		if got1 != test.want {
   105  			t.Errorf("%q: want\n\t%q\nbut got\n\t%q", test.css, test.want, got1)
   106  		}
   107  		recoded := cssEscaper(got1)
   108  		if got2 := string(decodeCSS([]byte(recoded))); got2 != test.want {
   109  			t.Errorf("%q: escape & decode not dual for %q", test.css, recoded)
   110  		}
   111  	}
   112  }
   113  
   114  func TestHexDecode(t *testing.T) {
   115  	for i := 0; i < 0x200000; i += 101 /* coprime with 16 */ {
   116  		s := strconv.FormatInt(int64(i), 16)
   117  		if got := int(hexDecode([]byte(s))); got != i {
   118  			t.Errorf("%s: want %d but got %d", s, i, got)
   119  		}
   120  		s = strings.ToUpper(s)
   121  		if got := int(hexDecode([]byte(s))); got != i {
   122  			t.Errorf("%s: want %d but got %d", s, i, got)
   123  		}
   124  	}
   125  }
   126  
   127  func TestSkipCSSSpace(t *testing.T) {
   128  	tests := []struct {
   129  		css, want string
   130  	}{
   131  		{"", ""},
   132  		{"foo", "foo"},
   133  		{"\n", ""},
   134  		{"\r\n", ""},
   135  		{"\r", ""},
   136  		{"\t", ""},
   137  		{" ", ""},
   138  		{"\f", ""},
   139  		{" foo", "foo"},
   140  		{"  foo", " foo"},
   141  		{`\20`, `\20`},
   142  	}
   143  	for _, test := range tests {
   144  		got := string(skipCSSSpace([]byte(test.css)))
   145  		if got != test.want {
   146  			t.Errorf("%q: want %q but got %q", test.css, test.want, got)
   147  		}
   148  	}
   149  }
   150  
   151  func TestCSSEscaper(t *testing.T) {
   152  	input := ("\x00\x01\x02\x03\x04\x05\x06\x07\x08\t\n\x0b\x0c\r\x0e\x0f" +
   153  		"\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f" +
   154  		` !"#$%&'()*+,-./` +
   155  		`0123456789:;<=>?` +
   156  		`@ABCDEFGHIJKLMNO` +
   157  		`PQRSTUVWXYZ[\]^_` +
   158  		"`abcdefghijklmno" +
   159  		"pqrstuvwxyz{|}~\x7f" +
   160  		"\u00A0\u0100\u2028\u2029\ufeff\U0001D11E")
   161  
   162  	want := ("\\0\x01\x02\x03\x04\x05\x06\x07" +
   163  		"\x08\\9 \\a\x0b\\c \\d\x0E\x0F" +
   164  		"\x10\x11\x12\x13\x14\x15\x16\x17" +
   165  		"\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f" +
   166  		` !\22#$%\26\27\28\29*\2b,-.\2f ` +
   167  		`0123456789\3a\3b\3c=\3e?` +
   168  		`@ABCDEFGHIJKLMNO` +
   169  		`PQRSTUVWXYZ[\\]^_` +
   170  		"`abcdefghijklmno" +
   171  		`pqrstuvwxyz\7b|\7d~` + "\u007f" +
   172  		"\u00A0\u0100\u2028\u2029\ufeff\U0001D11E")
   173  
   174  	got := cssEscaper(input)
   175  	if got != want {
   176  		t.Errorf("encode: want\n\t%q\nbut got\n\t%q", want, got)
   177  	}
   178  
   179  	got = string(decodeCSS([]byte(got)))
   180  	if input != got {
   181  		t.Errorf("decode: want\n\t%q\nbut got\n\t%q", input, got)
   182  	}
   183  }
   184  
   185  func TestCSSValueFilter(t *testing.T) {
   186  	tests := []struct {
   187  		css, want string
   188  	}{
   189  		{"", ""},
   190  		{"foo", "foo"},
   191  		{"0", "0"},
   192  		{"0px", "0px"},
   193  		{"-5px", "-5px"},
   194  		{"1.25in", "1.25in"},
   195  		{"+.33em", "+.33em"},
   196  		{"100%", "100%"},
   197  		{"12.5%", "12.5%"},
   198  		{".foo", ".foo"},
   199  		{"#bar", "#bar"},
   200  		{"corner-radius", "corner-radius"},
   201  		{"-moz-corner-radius", "-moz-corner-radius"},
   202  		{"#000", "#000"},
   203  		{"#48f", "#48f"},
   204  		{"#123456", "#123456"},
   205  		{"U+00-FF, U+980-9FF", "U+00-FF, U+980-9FF"},
   206  		{"color: red", "color: red"},
   207  		{"<!--", "ZgotmplZ"},
   208  		{"-->", "ZgotmplZ"},
   209  		{"<![CDATA[", "ZgotmplZ"},
   210  		{"]]>", "ZgotmplZ"},
   211  		{"</style", "ZgotmplZ"},
   212  		{`"`, "ZgotmplZ"},
   213  		{`'`, "ZgotmplZ"},
   214  		{"`", "ZgotmplZ"},
   215  		{"\x00", "ZgotmplZ"},
   216  		{"/* foo */", "ZgotmplZ"},
   217  		{"//", "ZgotmplZ"},
   218  		{"[href=~", "ZgotmplZ"},
   219  		{"expression(alert(1337))", "ZgotmplZ"},
   220  		{"-expression(alert(1337))", "ZgotmplZ"},
   221  		{"expression", "ZgotmplZ"},
   222  		{"Expression", "ZgotmplZ"},
   223  		{"EXPRESSION", "ZgotmplZ"},
   224  		{"-moz-binding", "ZgotmplZ"},
   225  		{"-expr\x00ession(alert(1337))", "ZgotmplZ"},
   226  		{`-expr\0ession(alert(1337))`, "ZgotmplZ"},
   227  		{`-express\69on(alert(1337))`, "ZgotmplZ"},
   228  		{`-express\69 on(alert(1337))`, "ZgotmplZ"},
   229  		{`-exp\72 ession(alert(1337))`, "ZgotmplZ"},
   230  		{`-exp\52 ession(alert(1337))`, "ZgotmplZ"},
   231  		{`-exp\000052 ession(alert(1337))`, "ZgotmplZ"},
   232  		{`-expre\0000073sion`, "-expre\x073sion"},
   233  		{`@import url evil.css`, "ZgotmplZ"},
   234  		{"<", "ZgotmplZ"},
   235  		{">", "ZgotmplZ"},
   236  	}
   237  	for _, test := range tests {
   238  		got := cssValueFilter(test.css)
   239  		if got != test.want {
   240  			t.Errorf("%q: want %q but got %q", test.css, test.want, got)
   241  		}
   242  	}
   243  }
   244  
   245  func BenchmarkCSSEscaper(b *testing.B) {
   246  	for i := 0; i < b.N; i++ {
   247  		cssEscaper("The <i>quick</i>,\r\n<span style='color:brown'>brown</span> fox jumps\u2028over the <canine class=\"lazy\">dog</canine>")
   248  	}
   249  }
   250  
   251  func BenchmarkCSSEscaperNoSpecials(b *testing.B) {
   252  	for i := 0; i < b.N; i++ {
   253  		cssEscaper("The quick, brown fox jumps over the lazy dog.")
   254  	}
   255  }
   256  
   257  func BenchmarkDecodeCSS(b *testing.B) {
   258  	s := []byte(`The \3c i\3equick\3c/i\3e,\d\A\3cspan style=\27 color:brown\27\3e brown\3c/span\3e fox jumps\2028over the \3c canine class=\22lazy\22 \3edog\3c/canine\3e`)
   259  	b.ResetTimer()
   260  	for i := 0; i < b.N; i++ {
   261  		decodeCSS(s)
   262  	}
   263  }
   264  
   265  func BenchmarkDecodeCSSNoSpecials(b *testing.B) {
   266  	s := []byte("The quick, brown fox jumps over the lazy dog.")
   267  	b.ResetTimer()
   268  	for i := 0; i < b.N; i++ {
   269  		decodeCSS(s)
   270  	}
   271  }
   272  
   273  func BenchmarkCSSValueFilter(b *testing.B) {
   274  	for i := 0; i < b.N; i++ {
   275  		cssValueFilter(`  e\78preS\0Sio/**/n(alert(1337))`)
   276  	}
   277  }
   278  
   279  func BenchmarkCSSValueFilterOk(b *testing.B) {
   280  	for i := 0; i < b.N; i++ {
   281  		cssValueFilter(`Times New Roman`)
   282  	}
   283  }
   284  

View as plain text