DEV: Add test.

DEV: Add test.

Follow-up to bccd090cedd4f49b9a07958292baed462b8c1a1c.

diff --git a/plugins/discourse-details/spec/components/pretty_text_spec.rb b/plugins/discourse-details/spec/components/pretty_text_spec.rb
index 946d56c..aa76830 100644
--- a/plugins/discourse-details/spec/components/pretty_text_spec.rb
+++ b/plugins/discourse-details/spec/components/pretty_text_spec.rb
@@ -41,4 +41,16 @@ describe PrettyText do
     expect(md).to eq(html)
   end
 
+  it 'escapes summary text' do
+    md = PrettyText.cook(<<~EOF)
+      <script>alert('hello')</script>
+      [details="<script>alert('hello')</script>"]
+      <script>alert('hello')</script>
+      [/details]
+    EOF
+    md = PrettyText.format_for_email(md, post)
+
+    expect(md).not_to include('<script>')
+  end
+
 end

GitHub sha: 463db229

1 Like