From: Eric Wong <e@80x24.org>
Date: Sun, 27 Jan 2019 11:35:29 +0000 (+0000)
Subject: t/hl_mod: extra check to ensure we escape HTML
X-Git-Tag: v1.2.0~397^2~13
X-Git-Url: http://www.git.stargrave.org/?a=commitdiff_plain;h=3998cdd1c94661687cee413b01b95422cf02c34a;p=public-inbox.git

t/hl_mod: extra check to ensure we escape HTML

Otherwise, it's open season on our users :<
---

diff --git a/t/hl_mod.t b/t/hl_mod.t
index b8b8eb9d..62cc6248 100644
--- a/t/hl_mod.t
+++ b/t/hl_mod.t
@@ -20,6 +20,7 @@ my $orig = $str;
 	my $ref = $hls->do_hl(\$str, 'foo.perl');
 	is(ref($ref), 'SCALAR', 'got a scalar reference back');
 	like($$ref, qr/I can see you!/, 'we can see ourselves in output');
+	like($$ref, qr/&amp;&amp;/, 'escaped');
 
 	use PublicInbox::Spawn qw(which);
 	if (eval { require IPC::Run } && which('w3m')) {