public void AnchorTagUrlEncodingXSSTest()
{
// Arrange
DefaultHtmlSanitizer target = new DefaultHtmlSanitizer();
Dictionary<string, string[]> elementWhiteList = CreateElementWhiteList();
// Act
string htmlFragment = "<A HREF=\"http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D\">XSS</A>";
string actual = target.GetSafeHtmlFragment(htmlFragment, elementWhiteList);
// Assert
string expected = "<a href=\"http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D\">XSS</a>";
StringAssert.AreEqualIgnoringCase(expected, actual);
}