1

Closed

HTML Characters in test error messages need escaping

description

If an error message contains HTML markup characters then then need to be escaped before being added to the error output or the displayed string is incorrectly displayed by the browser. A suggested fix is to add the following function to the Test class in tsUnit:
 private htmlEscape(str:string):string {
    return String(str)
        .replace(/&/g, '&')
        .replace(/"/g, '"')
        .replace(/'/g, ''')
        .replace(/</g, '<')
        .replace(/>/g, '>');
}
Then modify the getTestResultsList function at line 95 in tsUnit.ts to read as follows:
list += '<li>' + result.funcName + '(): ' + this.htmlEscape(result.message) + '</li>';
This will pass the result.message through a function to replace HTML markup characters with their escape sequence versions.

Attached is a new version of the tsUnit class with the modifications above.

file attachments

Closed Sep 9, 2014 at 1:30 PM by Sohnee

comments

Sohnee wrote Mar 20, 2013 at 9:08 AM

This has been added in the following changeset:

https://tsunit.codeplex.com/SourceControl/changeset/102194

wrote Mar 20, 2013 at 9:08 AM

Sohnee wrote Mar 22, 2013 at 11:16 AM

This has been added to the 0.8.4 download:

https://tsunit.codeplex.com/releases/view/103843

wrote May 16, 2013 at 8:39 AM

wrote May 16, 2013 at 8:39 AM

wrote Jun 14, 2013 at 7:03 AM

wrote Sep 9, 2014 at 1:30 PM