This project is read-only.


HTML Characters in test error messages need escaping


If an error message contains HTML markup characters then then need to be escaped before being added to the error output or the displayed string is incorrectly displayed by the browser. A suggested fix is to add the following function to the Test class in tsUnit:
 private htmlEscape(str:string):string {
    return String(str)
        .replace(/&/g, '&')
        .replace(/"/g, '"')
        .replace(/'/g, ''')
        .replace(/</g, '<')
        .replace(/>/g, '>');
Then modify the getTestResultsList function at line 95 in tsUnit.ts to read as follows:
list += '<li>' + result.funcName + '(): ' + this.htmlEscape(result.message) + '</li>';
This will pass the result.message through a function to replace HTML markup characters with their escape sequence versions.

Attached is a new version of the tsUnit class with the modifications above.

file attachments

Closed Sep 9, 2014 at 2:30 PM by Sohnee


Sohnee wrote Mar 20, 2013 at 10:08 AM

This has been added in the following changeset:

wrote Mar 20, 2013 at 10:08 AM

Sohnee wrote Mar 22, 2013 at 12:16 PM

This has been added to the 0.8.4 download:

wrote May 16, 2013 at 9:39 AM

wrote May 16, 2013 at 9:39 AM

wrote Jun 14, 2013 at 8:03 AM

wrote Sep 9, 2014 at 2:30 PM