AjaxControlToolkit.Tests.HtmlSanititzer.DefaultHtmlsanitizerSanitizerTests.AnchorTagNonAlphaNonDigitXSSTest C# (CSharp) Метод

        public void AnchorTagNonAlphaNonDigitXSSTest()
        {
            // Arrange
            DefaultHtmlSanitizer target = new DefaultHtmlSanitizer();
            Dictionary<string, string[]> elementWhiteList = CreateElementWhiteList();

            // Act
            string htmlFragment = "<A HREF=\"http://www.codeplex.com?url=<SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>\">XSS</A>";
            string actual = target.GetSafeHtmlFragment(htmlFragment, elementWhiteList);

            // Assert
            string expected = "<a href=\"http://www.codeplex.com?url=&lt;/XSS SRC=\">\">XSS</a>";
            StringAssert.AreEqualIgnoringCase(expected, actual);
        }