feat: implement secure image upload pipeline and backend XSS guard (Stage 2 Task A)
@@ -51,4 +51,20 @@ public class HtmlSanitizerServiceTests
|
||||
result.Should().NotContain("alert");
|
||||
result.Should().Contain("<img src=\"x\">");
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void Sanitize_WithMarkdownCodeBlockContainingAngleBrackets_DoesNotStripAngleBrackets()
|
||||
{
|
||||
// Arrange
|
||||
var service = new HtmlSanitizerService();
|
||||
var input = "Here is some code:\n\n```csharp\nif (x < y && y > z) { Console.WriteLine(\"test\"); }\n```";
|
||||
|
||||
// Act
|
||||
var result = service.Sanitize(input);
|
||||
|
||||
// Assert
|
||||
result.Should().Contain("<");
|
||||
result.Should().Contain(">");
|
||||
result.Should().NotContain("<script>");
|
||||
}
|
||||
}
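Review bot: The final assertion `result.Should().NotContain("<script>");` in `Sanitize_WithMarkdownCodeBlockContainingAngleBrackets_DoesNotStripAngleBrackets` can never fail, because the input string contains no script tag, so the test says nothing about how tag-shaped text inside a code fence is handled. If the sanitizer treats fenced content differently (not visible in this hunk), that exemption is the part an XSS guard most needs pinned; add a second case whose fence holds `<script>alert(1)</script>` and assert the exact expected output for it. The two positive checks are also loose: `Contain("<")` and `Contain(">")` pass if any single bracket survives, whereas `result.Should().Contain("x < y");` and `result.Should().Contain("y > z");` would pin the comparison operators themselves. Since raw `<` is deliberately left in the result, a comment such as `// raw angle brackets are kept here; the Markdown renderer must escape code-block content on output` (presumably the renderer, confirm the actual stage) would record which later step carries the escaping duty.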
|
||||
|
||||