## HTML validator -- exhaustive edge-case tests. ## Auto-generated. Tests valid code, invalid code, encoding attacks, ## nesting extremes, unicode bombs, binary injection, and more. import std/[unittest, strutils, strformat, json] import ../src/nimcheck proc checkValid(result: ValidationResult, context: string = "") = if result.errors.len > 0: var msg = &"Expected valid, got {result.errors.len} error(s)" if context.len > 0: msg.add(&" [{context}]") for e in result.errors: msg.add(&"\n [{e.code}] {e.message}") doAssert false, msg proc checkInvalid(result: ValidationResult, context: string = "") = if result.errors.len == 0: doAssert false, &"Expected errors, got none [{context}]" proc checkHasError(result: ValidationResult, code: string, context: string = "") = var found = false for e in result.errors: if e.code == code: found = true if not found: var codes: seq[string] = @[] for e in result.errors: codes.add(e.code) let codesJoined = codes.join(", ") doAssert false, "Expected error code '" & code & "', got " & codesJoined & " [" & context & "]" proc checkSeverity(result: ValidationResult, sev: string, context: string = "") = var found = false for e in result.errors: if $e.severity == sev: found = true if not found: doAssert false, &"Expected severity '{sev}', none found [{context}]" suite "HTML Exhaustive Tests": test "basic valid HTML5": let src = "

Hi

\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "unclosed tag": let src = "

unclosed\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "self-closing void elements": let src = "


\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "nested tags deep": let src = "

deep

\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "mismatched tag order": let src = "

text

\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "attributes with quotes": let src = "click\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "HTML comment": let src = "

text

\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "script tag with JS": let src = "\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "style tag with CSS": let src = "\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "empty source": let src = "" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "doctype only": let src = "\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "null byte in HTML": let src = "

hello\x00world

\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "HTML entities": let src = "

&<>"'

\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "data attributes": let src = "
\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "inline SVG": let src = "\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "table with rows": let src = "
AB
\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0 test "form with inputs": let src = "
\n" let result = validateSource(src, flavor = lfHTML) check result.errors.len >= 0