blob: 5ec807af1d398534320221aa2263d770a81e2474 [file] [log] [blame]
<!DOCTYPE html>
<html>
<head>
<script src="../../resources/js-test-pre.js"></script>
<script src="resources/utilities.js"></script>
</head>
<body>
<script>
description("Test URLs that have a query string.");
cases = [
// Regular ASCII case in some different encodings.
["foo=bar", "foo=bar"],
// Allow question marks in the query without escaping
["as?df", "as?df"],
// Always escape '#' since it would mark the ref.
// Disabled because this test requires being able to set the query directly.
// ["as#df", "as%23df"],
// Escape some questionable 8-bit characters, but never unescape.
["\\x02hello\x7f bye", "%02hello%7F%20bye"],
["%40%41123", "%40%41123"],
// Chinese input/output
["q=\u4F60\u597D", "q=%26%2320320%3B%26%2322909%3B"],
// Invalid UTF-8/16 input should be replaced with invalid characters.
["q=\\ud800\\ud800", "q=%26%2355296%3B%26%2355296%3B"],
// Don't allow < or > because sometimes they are used for XSS if the
// URL is echoed in content. Firefox does this, IE doesn't.
["q=<asdf>", "q=%3Casdf%3E"],
// Escape double quotemarks in the query.
["q=\"asdf\"", "q=%22asdf%22"],
];
for (var i = 0; i < cases.length; ++i) {
shouldBe("canonicalize('http://www.example.com/?" + cases[i][0] + "')",
"'http://www.example.com/?" + cases[i][1] + "'");
}
</script>
<script src="../../resources/js-test-post.js"></script>
</body>
</html>