1 /* 2 * Copyright 2002-2011 the original author or authors. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package org.springframework.web.servlet.tags; 18 19 import javax.servlet.jsp.JspException; 20 import javax.servlet.jsp.PageContext; 21 import javax.servlet.jsp.tagext.BodyTag; 22 import javax.servlet.jsp.tagext.Tag; 23 24 import org.springframework.mock.web.MockServletContext; 25 import org.springframework.web.util.WebUtils; 26 27 /** 28 * @author Juergen Hoeller 29 * @author Alef Arendsen 30 */ 31 public class HtmlEscapeTagTests extends AbstractTagTests { 32 testHtmlEscapeTag()33 public void testHtmlEscapeTag() throws JspException { 34 PageContext pc = createPageContext(); 35 HtmlEscapeTag tag = new HtmlEscapeTag(); 36 tag.setPageContext(pc); 37 tag.doStartTag(); 38 HtmlEscapingAwareTag testTag = new HtmlEscapingAwareTag() { 39 public int doStartTagInternal() throws Exception { 40 return EVAL_BODY_INCLUDE; 41 } 42 }; 43 testTag.setPageContext(pc); 44 testTag.doStartTag(); 45 46 assertTrue("Correct default", !tag.getRequestContext().isDefaultHtmlEscape()); 47 assertTrue("Correctly applied", !testTag.isHtmlEscape()); 48 tag.setDefaultHtmlEscape("true"); 49 assertTrue("Correct doStartTag return value", tag.doStartTag() == Tag.EVAL_BODY_INCLUDE); 50 assertTrue("Correctly enabled", tag.getRequestContext().isDefaultHtmlEscape()); 51 assertTrue("Correctly applied", testTag.isHtmlEscape()); 52 tag.setDefaultHtmlEscape("false"); 53 assertTrue("Correct doStartTag return value", tag.doStartTag() == Tag.EVAL_BODY_INCLUDE); 54 assertTrue("Correctly disabled", !tag.getRequestContext().isDefaultHtmlEscape()); 55 assertTrue("Correctly applied", !testTag.isHtmlEscape()); 56 57 tag.setDefaultHtmlEscape("true"); 58 assertTrue("Correct doStartTag return value", tag.doStartTag() == Tag.EVAL_BODY_INCLUDE); 59 testTag.setHtmlEscape("true"); 60 assertTrue("Correctly enabled", tag.getRequestContext().isDefaultHtmlEscape()); 61 assertTrue("Correctly applied", testTag.isHtmlEscape()); 62 testTag.setHtmlEscape("false"); 63 assertTrue("Correctly enabled", tag.getRequestContext().isDefaultHtmlEscape()); 64 assertTrue("Correctly applied", !testTag.isHtmlEscape()); 65 tag.setDefaultHtmlEscape("false"); 66 assertTrue("Correct doStartTag return value", tag.doStartTag() == Tag.EVAL_BODY_INCLUDE); 67 testTag.setHtmlEscape("true"); 68 assertTrue("Correctly disabled", !tag.getRequestContext().isDefaultHtmlEscape()); 69 assertTrue("Correctly applied", testTag.isHtmlEscape()); 70 testTag.setHtmlEscape("false"); 71 assertTrue("Correctly disabled", !tag.getRequestContext().isDefaultHtmlEscape()); 72 assertTrue("Correctly applied", !testTag.isHtmlEscape()); 73 } 74 testHtmlEscapeTagWithContextParamTrue()75 public void testHtmlEscapeTagWithContextParamTrue() throws JspException { 76 PageContext pc = createPageContext(); 77 MockServletContext sc = (MockServletContext) pc.getServletContext(); 78 sc.addInitParameter(WebUtils.HTML_ESCAPE_CONTEXT_PARAM, "true"); 79 HtmlEscapeTag tag = new HtmlEscapeTag(); 80 tag.setDefaultHtmlEscape("false"); 81 tag.setPageContext(pc); 82 tag.doStartTag(); 83 84 assertTrue("Correct default", !tag.getRequestContext().isDefaultHtmlEscape()); 85 tag.setDefaultHtmlEscape("true"); 86 assertTrue("Correct doStartTag return value", tag.doStartTag() == Tag.EVAL_BODY_INCLUDE); 87 assertTrue("Correctly enabled", tag.getRequestContext().isDefaultHtmlEscape()); 88 tag.setDefaultHtmlEscape("false"); 89 assertTrue("Correct doStartTag return value", tag.doStartTag() == Tag.EVAL_BODY_INCLUDE); 90 assertTrue("Correctly disabled", !tag.getRequestContext().isDefaultHtmlEscape()); 91 } 92 testHtmlEscapeTagWithContextParamFalse()93 public void testHtmlEscapeTagWithContextParamFalse() throws JspException { 94 PageContext pc = createPageContext(); 95 MockServletContext sc = (MockServletContext) pc.getServletContext(); 96 HtmlEscapeTag tag = new HtmlEscapeTag(); 97 tag.setPageContext(pc); 98 tag.doStartTag(); 99 100 sc.addInitParameter(WebUtils.HTML_ESCAPE_CONTEXT_PARAM, "false"); 101 assertTrue("Correct default", !tag.getRequestContext().isDefaultHtmlEscape()); 102 tag.setDefaultHtmlEscape("true"); 103 assertTrue("Correct doStartTag return value", tag.doStartTag() == Tag.EVAL_BODY_INCLUDE); 104 assertTrue("Correctly enabled", tag.getRequestContext().isDefaultHtmlEscape()); 105 tag.setDefaultHtmlEscape("false"); 106 assertTrue("Correct doStartTag return value", tag.doStartTag() == Tag.EVAL_BODY_INCLUDE); 107 assertTrue("Correctly disabled", !tag.getRequestContext().isDefaultHtmlEscape()); 108 } 109 testEscapeBody()110 public void testEscapeBody() throws JspException { 111 PageContext pc = createPageContext(); 112 final StringBuffer result = new StringBuffer(); 113 EscapeBodyTag tag = new EscapeBodyTag() { 114 protected String readBodyContent() { 115 return "test text"; 116 } 117 protected void writeBodyContent(String content) { 118 result.append(content); 119 } 120 }; 121 tag.setPageContext(pc); 122 assertEquals(BodyTag.EVAL_BODY_BUFFERED, tag.doStartTag()); 123 assertEquals(Tag.SKIP_BODY, tag.doAfterBody()); 124 assertEquals("test text", result.toString()); 125 } 126 testEscapeBodyWithHtmlEscape()127 public void testEscapeBodyWithHtmlEscape() throws JspException { 128 PageContext pc = createPageContext(); 129 final StringBuffer result = new StringBuffer(); 130 EscapeBodyTag tag = new EscapeBodyTag() { 131 protected String readBodyContent() { 132 return "test & text"; 133 } 134 protected void writeBodyContent(String content) { 135 result.append(content); 136 } 137 }; 138 tag.setPageContext(pc); 139 tag.setHtmlEscape("true"); 140 assertEquals(BodyTag.EVAL_BODY_BUFFERED, tag.doStartTag()); 141 assertEquals(Tag.SKIP_BODY, tag.doAfterBody()); 142 assertEquals("test & text", result.toString()); 143 } 144 testEscapeBodyWithJavaScriptEscape()145 public void testEscapeBodyWithJavaScriptEscape() throws JspException { 146 PageContext pc = createPageContext(); 147 final StringBuffer result = new StringBuffer(); 148 EscapeBodyTag tag = new EscapeBodyTag() { 149 protected String readBodyContent() { 150 return "' test & text \\"; 151 } 152 protected void writeBodyContent(String content) { 153 result.append(content); 154 } 155 }; 156 tag.setPageContext(pc); 157 tag.setJavaScriptEscape("true"); 158 assertEquals(BodyTag.EVAL_BODY_BUFFERED, tag.doStartTag()); 159 assertEquals(Tag.SKIP_BODY, tag.doAfterBody()); 160 assertEquals("Correct content", "\\' test & text \\\\", result.toString()); 161 } 162 testEscapeBodyWithHtmlEscapeAndJavaScriptEscape()163 public void testEscapeBodyWithHtmlEscapeAndJavaScriptEscape() throws JspException { 164 PageContext pc = createPageContext(); 165 final StringBuffer result = new StringBuffer(); 166 EscapeBodyTag tag = new EscapeBodyTag() { 167 protected String readBodyContent() { 168 return "' test & text \\"; 169 } 170 protected void writeBodyContent(String content) { 171 result.append(content); 172 } 173 }; 174 tag.setPageContext(pc); 175 tag.setHtmlEscape("true"); 176 tag.setJavaScriptEscape("true"); 177 assertEquals(BodyTag.EVAL_BODY_BUFFERED, tag.doStartTag()); 178 assertEquals(Tag.SKIP_BODY, tag.doAfterBody()); 179 assertEquals("Correct content", "' test & text \\\\", result.toString()); 180 } 181 182 } 183