42 lines
1.4 KiB
HTML
42 lines
1.4 KiB
HTML
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<meta charset="windows-1252">
|
|
<script src="../../resources/js-test-pre.js"></script>
|
|
<script src="resources/utilities.js"></script>
|
|
</head>
|
|
<body>
|
|
<script>
|
|
description("Test URLs that have a query string.");
|
|
|
|
cases = [
|
|
// Regular ASCII case in some different encodings.
|
|
["foo=bar", "foo=bar"],
|
|
// Allow question marks in the query without escaping
|
|
["as?df", "as?df"],
|
|
// Always escape '#' since it would mark the ref.
|
|
// Disabled because this test requires being able to set the query directly.
|
|
// ["as#df", "as%23df"],
|
|
// Escape some questionable 8-bit characters, but never unescape.
|
|
["\\x02hello\x7f bye", "%02hello%7F%20bye"],
|
|
["%40%41123", "%40%41123"],
|
|
// Chinese input/output
|
|
["q=\u4F60\u597D", "q=%26%2320320%3B%26%2322909%3B"],
|
|
// Invalid UTF-8/16 input should be replaced with invalid characters.
|
|
["q=\\ud800\\ud800", "q=%26%2355296%3B%26%2355296%3B"],
|
|
// Don't allow < or > because sometimes they are used for XSS if the
|
|
// URL is echoed in content. Firefox does this, IE doesn't.
|
|
["q=<asdf>", "q=%3Casdf%3E"],
|
|
// Escape double quotemarks in the query.
|
|
["q=\"asdf\"", "q=%22asdf%22"],
|
|
];
|
|
|
|
for (var i = 0; i < cases.length; ++i) {
|
|
shouldBe("canonicalize('http://www.example.com/?" + cases[i][0] + "')",
|
|
"'http://www.example.com/?" + cases[i][1] + "'");
|
|
}
|
|
</script>
|
|
<script src="../../resources/js-test-post.js"></script>
|
|
</body>
|
|
</html>
|