-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathrender_test.go
More file actions
97 lines (81 loc) · 2.39 KB
/
render_test.go
File metadata and controls
97 lines (81 loc) · 2.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
package html
import (
"strings"
"testing"
i18n "dappco.re/go/core/i18n"
)
func TestRender_FullPage(t *testing.T) {
svc, _ := i18n.New()
i18n.SetDefault(svc)
ctx := NewContext()
page := NewLayout("HCF").
H(El("h1", Text("Dashboard"))).
C(
El("div",
El("p", Text("Welcome")),
Each([]string{"Home", "Settings", "Profile"}, func(item string) Node {
return El("a", Raw(item))
}),
),
).
F(El("small", Text("Footer")))
got := page.Render(ctx)
// Contains semantic elements
for _, want := range []string{"<header", "<main", "<footer"} {
if !strings.Contains(got, want) {
t.Errorf("full page missing semantic element %q in:\n%s", want, got)
}
}
// Content rendered
for _, want := range []string{"Dashboard", "Welcome", "Home"} {
if !strings.Contains(got, want) {
t.Errorf("full page missing content %q in:\n%s", want, got)
}
}
// Basic tag balance check: every opening tag should have a closing tag.
for _, tag := range []string{"header", "main", "footer", "h1", "div", "p", "small"} {
open := "<" + tag
close := "</" + tag + ">"
if strings.Count(got, open) != strings.Count(got, close) {
t.Errorf("unbalanced <%s> tags in:\n%s", tag, got)
}
}
}
func TestRender_EntitlementGating(t *testing.T) {
svc, _ := i18n.New()
i18n.SetDefault(svc)
ctx := NewContext()
ctx.Entitlements = func(f string) bool { return f == "admin" }
page := NewLayout("HCF").
H(Raw("header")).
C(
Raw("public"),
Entitled("admin", Raw(" admin-panel")),
Entitled("premium", Raw(" premium-content")),
).
F(Raw("footer"))
got := page.Render(ctx)
if !strings.Contains(got, "public") {
t.Errorf("entitlement gating should render public content, got:\n%s", got)
}
if !strings.Contains(got, "admin-panel") {
t.Errorf("entitlement gating should render admin-panel for admin, got:\n%s", got)
}
if strings.Contains(got, "premium-content") {
t.Errorf("entitlement gating should NOT render premium-content, got:\n%s", got)
}
}
func TestRender_XSSPrevention(t *testing.T) {
svc, _ := i18n.New()
i18n.SetDefault(svc)
ctx := NewContext()
page := NewLayout("C").
C(Text("<script>alert('xss')</script>"))
got := page.Render(ctx)
if strings.Contains(got, "<script>") {
t.Errorf("XSS prevention failed: output contains raw <script> tag:\n%s", got)
}
if !strings.Contains(got, "<script>") {
t.Errorf("XSS prevention: expected escaped script tag, got:\n%s", got)
}
}