You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
20 lines
825 B
20 lines
825 B
import { describe, expect, test } from "bun:test";
|
|
import { safeExternalHref } from "./safe-external-href";
|
|
|
|
describe("safeExternalHref", () => {
|
|
test("allows https urls", () => {
|
|
expect(safeExternalHref("https://example.com/path?q=1")).toBe("https://example.com/path?q=1");
|
|
});
|
|
|
|
test("rejects javascript/data/ftp protocols", () => {
|
|
expect(safeExternalHref("javascript:alert(1)")).toBeUndefined();
|
|
expect(safeExternalHref("data:text/html,hello")).toBeUndefined();
|
|
expect(safeExternalHref("ftp://example.com/file.txt")).toBeUndefined();
|
|
});
|
|
|
|
test("supports mailto only when allowMailto=true", () => {
|
|
const mailto = "mailto:user@example.com?subject=Hello";
|
|
expect(safeExternalHref(mailto)).toBeUndefined();
|
|
expect(safeExternalHref(mailto, { allowMailto: true })).toBe(mailto);
|
|
});
|
|
});
|
|
|