public void AnchorTagMixedEncodingXSSTest()
{
// Arrange
DefaultHtmlSanitizer target = new DefaultHtmlSanitizer();
Dictionary<string, string[]> elementWhiteList = CreateElementWhiteList();
// Act
string htmlFragment = @"<A HREF=""h
tt p://6	6.000146.0x7.147/"">XSS</A>";
string actual = target.GetSafeHtmlFragment(htmlFragment, elementWhiteList);
// Assert
string expected = "<a href=\"h\r\ntt\tp://6&#9;6.000146.0x7.147/\">XSS</a>";
StringAssert.AreEqualIgnoringCase(expected, actual);
}