mirror of
https://github.com/strapi/strapi.git
synced 2025-07-19 07:02:26 +00:00
48a818041e
* Fix some security issue Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com> * compt node 10 Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com>
29 lines
1.1 KiB
JavaScript
29 lines
1.1 KiB
JavaScript
'use strict';
|
|
|
|
const { isValidEmailTemplate } = require('../email-template');
|
|
|
|
describe('isValidEmailTemplate', () => {
|
|
test('Accepts one valid pattern', () => {
|
|
expect(isValidEmailTemplate('<%= CODE %>')).toBe(true);
|
|
expect(isValidEmailTemplate('<%=CODE%>')).toBe(true);
|
|
});
|
|
|
|
test('Refuses invalid patterns', () => {
|
|
expect(isValidEmailTemplate('<%- CODE %>')).toBe(false);
|
|
expect(isValidEmailTemplate('<% CODE %>')).toBe(false);
|
|
expect(isValidEmailTemplate('<%= <% CODE %> %>')).toBe(false);
|
|
expect(isValidEmailTemplate('<%- <% CODE %> %>')).toBe(false);
|
|
expect(isValidEmailTemplate('${ <% CODE %> }')).toBe(false);
|
|
expect(isValidEmailTemplate('<%CODE%>')).toBe(false);
|
|
expect(isValidEmailTemplate('${CODE}')).toBe(false);
|
|
expect(isValidEmailTemplate('${ CODE }')).toBe(false);
|
|
});
|
|
|
|
test('Fails on non authorized keys', () => {
|
|
expect(isValidEmailTemplate('<% random expression %>')).toBe(false);
|
|
expect(isValidEmailTemplate('<% random expression }%>')).toBe(false);
|
|
expect(isValidEmailTemplate('<% some.var.azdazd %>')).toBe(false);
|
|
expect(isValidEmailTemplate('<% function() %>')).toBe(false);
|
|
});
|
|
});
|