feat: implement secure image upload pipeline and backend XSS guard (Stage 2 Task A)

This commit is contained in:
2026-06-11 20:32:05 +02:00
parent ec3fc52a73
commit 155bfa9aa0
10 changed files with 242 additions and 40 deletions
@@ -51,4 +51,20 @@ public class HtmlSanitizerServiceTests
result.Should().NotContain("alert");
result.Should().Contain("<img src=\"x\">");
}
[Fact]
public void Sanitize_WithMarkdownCodeBlockContainingAngleBrackets_DoesNotStripAngleBrackets()
{
// Arrange
var service = new HtmlSanitizerService();
var input = "Here is some code:\n\n```csharp\nif (x < y && y > z) { Console.WriteLine(\"test\"); }\n```";
// Act
var result = service.Sanitize(input);
// Assert
result.Should().Contain("&lt;");
result.Should().Contain("&gt;");
result.Should().NotContain("<script>");
}
}