diff options
-rw-r--r-- | lib/rdoc/generator/template/darkfish/index.rhtml | 2 | ||||
-rw-r--r-- | test/rdoc/test_rdoc_generator_darkfish.rb | 21 |
2 files changed, 22 insertions, 1 deletions
diff --git a/lib/rdoc/generator/template/darkfish/index.rhtml b/lib/rdoc/generator/template/darkfish/index.rhtml index 13fa3dcc7f..423e225b68 100644 --- a/lib/rdoc/generator/template/darkfish/index.rhtml +++ b/lib/rdoc/generator/template/darkfish/index.rhtml @@ -17,6 +17,6 @@ main_page = @files.find { |f| f.full_name == @options.main_page } then %> <%= main_page.description %> <%- else -%> -<p>This is the API documentation for <%= @title %>. +<p>This is the API documentation for <%= h @title %>. <%- end -%> </main> diff --git a/test/rdoc/test_rdoc_generator_darkfish.rb b/test/rdoc/test_rdoc_generator_darkfish.rb index ae3a4c5ebf..1cee3e44ab 100644 --- a/test/rdoc/test_rdoc_generator_darkfish.rb +++ b/test/rdoc/test_rdoc_generator_darkfish.rb @@ -248,6 +248,22 @@ class TestRDocGeneratorDarkfish < RDoc::TestCase assert_include File.read('index.html'), %Q[href="./#{base}"] end + def test_title + title = "RDoc Test".freeze + @options.title = title + @g.generate + + assert_main_title(File.read('index.html'), title) + end + + def test_title_escape + title = %[<script>alert("RDoc")</script>].freeze + @options.title = title + @g.generate + + assert_main_title(File.read('index.html'), title) + end + ## # Asserts that +filename+ has a link count greater than 1 if hard links to # @tmpdir are supported. @@ -271,4 +287,9 @@ class TestRDocGeneratorDarkfish < RDoc::TestCase "#{filename} is not hard-linked" end + def assert_main_title(content, title) + title = CGI.escapeHTML(title) + assert_equal(title, content[%r[<title>(.*?)<\/title>]im, 1]) + assert_include(content[%r[<main\s[^<>]*+>\s*(.*?)</main>]im, 1], title) + end end |