#!perl
use strict;
use warnings;
use Test::More tests => 18;
use CGI qw/ autoEscape escapeHTML button textfield password_field textarea popup_menu scrolling_list checkbox_group optgroup checkbox radio_group submit image_button button /;
$CGI::Util::SORT_ATTRIBUTES = 1;
is (button(-name => 'test<'), '', "autoEscape defaults to On");
my $before = escapeHTML("test<");
autoEscape(undef);
my $after = escapeHTML("test<");
is($before, "test<", "reality check escapeHTML");
is ($before, $after, "passing undef to autoEscape doesn't break escapeHTML");
is (button(-name => 'test<'), '', "turning off autoescape actually works");
autoEscape(1);
is (button(-name => 'test<'), '', "autoescape turns back on");
$before = escapeHTML("test<");
autoEscape(0);
$after = escapeHTML("test<");
is ($before, $after, "passing 0 to autoEscape doesn't break escapeHTML");
# RT #25485: Needs Tests: autoEscape() bypassed for Javascript handlers, except in button()
autoEscape(undef);
is(textfield(
{
default => 'text field',
onclick => 'alert("===> text field")',
},
),
qq{ text field")" />},
'autoescape javascript turns off for textfield'
);
is(password_field(
{
default => 'password field',
onclick => 'alert("===> password
field")',
},
),
qq{ password
field")" />},
'autoescape javascript turns off for password field'
);
is(textarea(
{
name => 'foo',
default => 'text area',
rows => 10,
columns => 50,
onclick => 'alert("===> text area")',
},
),
qq{},
'autoescape javascript turns off for textarea'
);
is(popup_menu(
{
name => 'menu_name',
values => ['eenie','meenie','minie'],
default => 'meenie',
onclick => 'alert("===> popup menu")',
}
),
qq{},
'autoescape javascript turns off for popup_menu'
);
is(popup_menu(
-name=>'menu_name',
onclick => 'alert("===> menu group")',
-values=>[
qw/eenie meenie minie/,
optgroup(
-name=>'optgroup_name',
onclick =>
'alert("===> menu group option")',
-values => ['moe','catch'],
-attributes=>{'catch'=>{'class'=>'red'}}
)
],
-labels=>{
'eenie'=>'one',
'meenie'=>'two',
'minie'=>'three'
},
-default=>'meenie'
),
qq{},
'autoescape javascript turns off for popup_menu #2'
);
is(scrolling_list(
-name=>'list_name',
onclick => 'alert("===> scrolling
list")',
-values=>['eenie','meenie','minie','moe'],
-default=>['eenie','moe'],
-size=>5,
-multiple=>'true',
),
qq{},
'autoescape javascript turns off for scrolling list'
);
is(checkbox_group(
-name=>'group_name',
onclick => 'alert("===> checkbox group")',
-values=>['eenie','meenie','minie','moe'],
-default=>['eenie','moe'],
-linebreak=>'true',
),
qq{
},
'autoescape javascript turns off for checkbox group'
);
is(checkbox(
-name=>'checkbox_name',
onclick => 'alert("===> single checkbox")',
onchange => 'alert("===> single checkbox
changed")',
-checked=>1,
-value=>'ON',
-label=>'CLICK ME'
),
qq{},
'autoescape javascript turns off for checkbox'
);
is(radio_group(
{
name=>'group_name',
onclick => 'alert("===> radio group")',
values=>['eenie','meenie','minie','moe'],
rows=>2,
columns=>2,
}
),
qq{