diff options
Diffstat (limited to 'src/ngSanitize/sanitize.js')
| -rw-r--r-- | src/ngSanitize/sanitize.js | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/src/ngSanitize/sanitize.js b/src/ngSanitize/sanitize.js index 5e45eb33..1b6cb94e 100644 --- a/src/ngSanitize/sanitize.js +++ b/src/ngSanitize/sanitize.js @@ -99,35 +99,37 @@ var $sanitizeMinErr = angular.$$minErr('$sanitize'); </table> </div> </doc:source> - <doc:scenario> + <doc:protractor> it('should sanitize the html snippet by default', function() { - expect(using('#bind-html-with-sanitize').element('div').html()). + expect(element(by.css('#bind-html-with-sanitize div')).getInnerHtml()). toBe('<p>an html\n<em>click here</em>\nsnippet</p>'); }); it('should inline raw snippet if bound to a trusted value', function() { - expect(using('#bind-html-with-trust').element("div").html()). + expect(element(by.css('#bind-html-with-trust div')).getInnerHtml()). toBe("<p style=\"color:blue\">an html\n" + "<em onmouseover=\"this.textContent='PWN3D!'\">click here</em>\n" + "snippet</p>"); }); it('should escape snippet without any filter', function() { - expect(using('#bind-default').element('div').html()). + expect(element(by.css('#bind-default div')).getInnerHtml()). toBe("<p style=\"color:blue\">an html\n" + "<em onmouseover=\"this.textContent='PWN3D!'\">click here</em>\n" + "snippet</p>"); }); it('should update', function() { - input('snippet').enter('new <b onclick="alert(1)">text</b>'); - expect(using('#bind-html-with-sanitize').element('div').html()).toBe('new <b>text</b>'); - expect(using('#bind-html-with-trust').element('div').html()).toBe( + element(by.model('snippet')).clear(); + element(by.model('snippet')).sendKeys('new <b onclick="alert(1)">text</b>'); + expect(element(by.css('#bind-html-with-sanitize div')).getInnerHtml()). + toBe('new <b>text</b>'); + expect(element(by.css('#bind-html-with-trust div')).getInnerHtml()).toBe( 'new <b onclick="alert(1)">text</b>'); - expect(using('#bind-default').element('div').html()).toBe( + expect(element(by.css('#bind-default div')).getInnerHtml()).toBe( "new <b onclick=\"alert(1)\">text</b>"); }); - </doc:scenario> + </doc:protractor> </doc:example> */ function $SanitizeProvider() { |