Example 1 with HTMLAnchorElement
use of com.gargoylesoftware.htmlunit.javascript.host.html.HTMLAnchorElement in project htmlunit by HtmlUnit.
the class Document method setLocation.
/**
* Sets the value of the {@code location} property. The location's default property is "href",
* so setting "document.location='http://www.sf.net'" is equivalent to setting
* "document.location.href='http://www.sf.net'".
* @see <a href="http://msdn.microsoft.com/en-us/library/ms535866.aspx">MSDN documentation</a>
* @param location the location to navigate to
* @throws IOException when location loading fails
*/
@JsxSetter
public void setLocation(final String location) throws IOException {
final Object event = getWindow().getEvent();
if (event instanceof UIEvent) {
final Object target = ((UIEvent) event).getTarget();
if (target instanceof HTMLAnchorElement) {
final String href = ((HTMLAnchorElement) target).getHref();
}
}
window_.setLocation(location);
}
Also used :
UIEvent(com.gargoylesoftware.htmlunit.javascript.host.event.UIEvent)
HTMLAnchorElement(com.gargoylesoftware.htmlunit.javascript.host.html.HTMLAnchorElement)
ScriptableObject(net.sourceforge.htmlunit.corejs.javascript.ScriptableObject)
FunctionObject(net.sourceforge.htmlunit.corejs.javascript.FunctionObject)
JsxSetter(com.gargoylesoftware.htmlunit.javascript.configuration.JsxSetter)
Example 2 with HTMLAnchorElement
use of com.gargoylesoftware.htmlunit.javascript.host.html.HTMLAnchorElement in project jenkins by jenkinsci.
the class HeteroListTest method xssPrevented_heteroList_usingDescriptorDisplayName.
@Test
@Issue("SECURITY-2035")
public void xssPrevented_heteroList_usingDescriptorDisplayName() throws Exception {
JenkinsRule.WebClient wc = j.createWebClient();
RootActionImpl rootAction = ExtensionList.lookupSingleton(RootActionImpl.class);
TestItemDescribable.DynamicDisplayNameDescriptor dynamic = ExtensionList.lookupSingleton(TestItemDescribable.DynamicDisplayNameDescriptor.class);
rootAction.descriptorList = Collections.singletonList(dynamic);
dynamic.displayName = "Display<strong>Name</strong>";
HtmlPage page = wc.goTo("root");
page.executeJavaScript("document.querySelector('.hetero-list-add').click();");
Object result = page.executeJavaScript("document.querySelector('.yuimenuitem a')").getJavaScriptResult();
assertThat(result, instanceOf(HTMLAnchorElement.class));
HTMLAnchorElement menuItem = (HTMLAnchorElement) result;
String menuItemContent = menuItem.getInnerHTML();
assertThat(menuItemContent, not(containsString("<")));
}
Also used :
HTMLAnchorElement(com.gargoylesoftware.htmlunit.javascript.host.html.HTMLAnchorElement)
HtmlPage(com.gargoylesoftware.htmlunit.html.HtmlPage)
JenkinsRule(org.jvnet.hudson.test.JenkinsRule)
CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString)
Issue(org.jvnet.hudson.test.Issue)
Test(org.junit.Test)
Aggregations
HTMLAnchorElement (com.gargoylesoftware.htmlunit.javascript.host.html.HTMLAnchorElement)2
HtmlPage (com.gargoylesoftware.htmlunit.html.HtmlPage)1
JsxSetter (com.gargoylesoftware.htmlunit.javascript.configuration.JsxSetter)1
UIEvent (com.gargoylesoftware.htmlunit.javascript.host.event.UIEvent)1
FunctionObject (net.sourceforge.htmlunit.corejs.javascript.FunctionObject)1
ScriptableObject (net.sourceforge.htmlunit.corejs.javascript.ScriptableObject)1
CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)1
Test (org.junit.Test)1
Issue (org.jvnet.hudson.test.Issue)1
JenkinsRule (org.jvnet.hudson.test.JenkinsRule)1
