markdown 0.1.17.2 → 0.1.17.3
raw patch · 3 files changed
+6/−2 lines, 3 files
Files
- ChangeLog.md +4/−0
- markdown.cabal +1/−1
- test/main.hs +1/−1
ChangeLog.md view
@@ -1,5 +1,9 @@ # Changelog for markdown +## 0.1.17.3++* Fix the previous test fix+ ## 0.1.17.2 * Make test suite slightly more resilient to escaping rules
markdown.cabal view
@@ -1,5 +1,5 @@ Name: markdown-Version: 0.1.17.2+Version: 0.1.17.3 Synopsis: Convert Markdown to HTML, with XSS protection Description: This library leverages existing high-performance libraries (attoparsec, blaze-html, text, and conduit), and should integrate well with existing codebases. Homepage: https://github.com/snoyberg/markdown
test/main.hs view
@@ -225,7 +225,7 @@ it "inline" $ check "<p>foo<br>bar</p>" "foo<br>bar" it "inline xss" $ check "<p>foo<br>bar</p>" "foo<br onclick='evil'>bar" it "block" $ check "<div>hello world</div>" "<div>hello world</div>"- it "block xss" $ check "alert(\"evil\")" "<script>alert("evil")</script>"+ it "block xss" $ check "alert("evil")" "<script>alert(\"evil\")</script>" it "should be escaped" $ check "<p>1 < 2</p>" "1 < 2" it "standalone" $ checkSet def { msStandaloneHtml = Set.fromList ["<hidden>", "</hidden>"], msXssProtect = False }