chore: add unit test and benchmark to URL function

2025-02-06 10:03:16 +00:00 · 2024-04-02 10:08:21 +01:00 · 2024-04-02 10:08:21 +01:00 · 8cc2e944ec
commit 8cc2e944ec
parent 6365f9449e
4 changed files with 78 additions and 20 deletions
--- a/.version
+++ b/.version
@ -1 +1 @@
-0.2.648
+0.2.655
--- a/runtime.go
+++ b/runtime.go
@ -461,25 +461,6 @@ func SanitizeCSS[T ~string](property string, value T) SafeCSS {
 	return SafeCSS(p + ":" + v + ";")
 }

-// Hyperlink sanitization.
-
-// FailedSanitizationURL is returned if a URL fails sanitization checks.
-const FailedSanitizationURL = SafeURL("about:invalid#TemplFailedSanitizationURL")
-
-// URL sanitizes the input string s and returns a SafeURL.
-func URL(s string) SafeURL {
-	if i := strings.IndexRune(s, ':'); i >= 0 && !strings.ContainsRune(s[:i], '/') {
-		protocol := s[:i]
-		if !strings.EqualFold(protocol, "http") && !strings.EqualFold(protocol, "https") && !strings.EqualFold(protocol, "mailto") && !strings.EqualFold(protocol, "tel") && !strings.EqualFold(protocol, "ftp") && !strings.EqualFold(protocol, "ftps") {
-			return FailedSanitizationURL
-		}
-	}
-	return SafeURL(s)
-}
-
-// SafeURL is a URL that has been sanitized.
-type SafeURL string
-
 // Attributes is an alias to map[string]any made for spread attributes.
 type Attributes map[string]any

--- a/url.go
+++ b/url.go
@ -0,0 +1,20 @@
+package templ
+
+import "strings"
+
+// FailedSanitizationURL is returned if a URL fails sanitization checks.
+const FailedSanitizationURL = SafeURL("about:invalid#TemplFailedSanitizationURL")
+
+// URL sanitizes the input string s and returns a SafeURL.
+func URL(s string) SafeURL {
+	if i := strings.IndexRune(s, ':'); i >= 0 && !strings.ContainsRune(s[:i], '/') {
+		protocol := s[:i]
+		if !strings.EqualFold(protocol, "http") && !strings.EqualFold(protocol, "https") && !strings.EqualFold(protocol, "mailto") && !strings.EqualFold(protocol, "tel") && !strings.EqualFold(protocol, "ftp") && !strings.EqualFold(protocol, "ftps") {
+			return FailedSanitizationURL
+		}
+	}
+	return SafeURL(s)
+}
+
+// SafeURL is a URL that has been sanitized.
+type SafeURL string
--- a/url_test.go
+++ b/url_test.go
@ -0,0 +1,57 @@
+package templ
+
+import (
+	"strings"
+	"testing"
+)
+
+type urlTest struct {
+	url             string
+	expectSanitized bool
+}
+
+var urlTests = []urlTest{
+	{"//example.com", false},
+	{"/", false},
+	{"/index", false},
+	{"http://example.com", false},
+	{"https://example.com", false},
+	{"mailto:test@example.com", false},
+	{"tel:+1234567890", false},
+	{"ftp://example.com", false},
+	{"ftps://example.com", false},
+	{"irc://example.com", true},
+	{"bitcoin://example.com", true},
+}
+
+func testURL(t *testing.T, url string, expectSanitized bool) {
+	u := URL(url)
+	wasSanitized := u == FailedSanitizationURL
+	if expectSanitized != wasSanitized {
+		t.Errorf("expected sanitized=%v, got %v", expectSanitized, wasSanitized)
+	}
+}
+
+func TestURL(t *testing.T) {
+	for _, test := range urlTests {
+		t.Run(test.url, func(t *testing.T) {
+			testURL(t, test.url, test.expectSanitized)
+		})
+		test.url = strings.ToUpper(test.url)
+		t.Run(strings.ToUpper(test.url), func(t *testing.T) {
+			testURL(t, test.url, test.expectSanitized)
+		})
+	}
+}
+
+func BenchmarkURL(b *testing.B) {
+	for i := 0; i < b.N; i++ {
+		for _, test := range urlTests {
+			u := URL(test.url)
+			wasSanitized := u == FailedSanitizationURL
+			if test.expectSanitized != wasSanitized {
+				b.Errorf("expected sanitized=%v, got %v", test.expectSanitized, wasSanitized)
+			}
+		}
+	}
+}
 @ -1 +1 @@
 .2.648
 .2.655