AjaxControlToolkit.Tests.HtmlSanititzer.DefaultHtmlsanitizerSanitizerTests.AnchorTagHtmlQuotesEncapsulation7XSSTest C# (CSharp) Метод

        public void AnchorTagHtmlQuotesEncapsulation7XSSTest()
        {
            // Arrange
            DefaultHtmlSanitizer target = new DefaultHtmlSanitizer();
            Dictionary<string, string[]> elementWhiteList = CreateElementWhiteList();

            // Act
            string htmlFragment = "<A HREF=\"http://www.codeplex.com?url=<SCRIPT>document.write(\"<SCRI\");</SCRIPT>PT SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>\">XSS</A>";
            string actual = target.GetSafeHtmlFragment(htmlFragment, elementWhiteList);

            // Assert
            string expected = "<a href=\"http://www.codeplex.com?url=&lt;&gt;document.write(\"></a>PT SRC=\"http://ha.ckers.org/xss.js\">\">XSS";
            StringAssert.AreEqualIgnoringCase(expected, actual);
        }