npm - astro-helmet - Versions diffs - 0.1.2 → 0.1.3 - Mend

astro-helmet 0.1.2 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/package.json +4 -2
package/src/index.ts +13 -1
package/src/renderAttrs.test.ts +113 -0
package/src/{index.test.ts → renderHead.test.ts} +1 -20

package/package.json CHANGED Viewed

@@ -1,13 +1,14 @@
 {
 	"name": "astro-helmet",
 	"type": "module",
-	"version": "0.1.2",
+	"version": "0.1.3",
 	"description": "A document head manager for astro.",
 	"main": "dist/index.js",
 	"types": "dist/index.d.ts",
 	"scripts": {
 		"build": "tsc",
-		"test": "vitest"
+		"test": "vitest",
+		"coverage": "vitest run --coverage"
 	},
 	"keywords": [
 		"astro",
@@ -22,6 +23,7 @@
 	"author": "Ryan Voitiskis",
 	"license": "ISC",
 	"devDependencies": {
+		"@vitest/coverage-v8": "^1.6.0",
 		"prettier": "^3.3.0",
 		"typescript": "^5.4.5",
 		"vitest": "^1.6.0"

package/src/index.ts CHANGED Viewed

@@ -168,8 +168,20 @@ export function renderAttrs(item: BaseItem | ContentItem): string {
 		.filter(([key]) => !['innerHTML', 'priority', 'tagName'].includes(key))
 		.map(([key, value]) => {
 			if (typeof value === 'boolean') return value ? key : ''
-			else return `${key}="${value}"`
+			else if (value === null || value === undefined) return ''
+			else return `${key}="${escapeHtml(String(value))}"`
 		})
 		.filter((attr) => attr !== '')
 		.join(' ')
 }
+function escapeHtml(str: string): string {
+	const escapeMap: Record<string, string> = {
+		'"': '&quot;',
+		'&': '&amp;',
+		'<': '&lt;',
+		'>': '&gt;'
+	}
+	return str.replace(/["&<>]/g, (match) => escapeMap[match] || match)
+}

package/src/renderAttrs.test.ts ADDED Viewed

@@ -0,0 +1,113 @@
+import { renderAttrs } from './index'
+import { describe, it, expect } from 'vitest'
+const testCases = [
+	{
+		description: 'Preload a font with standard attributes',
+		attributes: {
+			rel: 'preload',
+			as: 'font',
+			type: 'font/woff2',
+			crossorigin: 'anonymous',
+			href: '/fonts/InterVariable.woff2'
+		},
+		expected:
+			'rel="preload" as="font" type="font/woff2" crossorigin="anonymous" href="/fonts/InterVariable.woff2"'
+	},
+	{
+		description: 'Link a stylesheet with standard attributes',
+		attributes: {
+			rel: 'stylesheet',
+			href: '/css/styles.css'
+		},
+		expected: 'rel="stylesheet" href="/css/styles.css"'
+	},
+	{
+		description: "Preload font with missing 'as' attribute",
+		attributes: {
+			rel: 'preload',
+			type: 'font/woff2',
+			crossorigin: 'anonymous',
+			href: '/fonts/InterVariable.woff2'
+		},
+		expected:
+			'rel="preload" type="font/woff2" crossorigin="anonymous" href="/fonts/InterVariable.woff2"'
+	},
+	{
+		description: 'Use non-standard rel attribute',
+		attributes: {
+			rel: 'data',
+			href: '/data/config.json'
+		},
+		expected: 'rel="data" href="/data/config.json"'
+	},
+	{
+		description: 'Link tag with invalid type attribute for CSS',
+		attributes: {
+			rel: 'stylesheet',
+			type: 'text/plain',
+			href: '/css/styles.css'
+		},
+		expected: 'rel="stylesheet" type="text/plain" href="/css/styles.css"'
+	},
+	{
+		description: 'Attributes with boolean values',
+		attributes: {
+			async: true,
+			defer: false,
+			src: '/js/script.js'
+		},
+		expected: 'async src="/js/script.js"'
+	},
+	{
+		description: 'Attributes with special characters',
+		attributes: {
+			'data-test': 'value with spaces',
+			'data-test2': 'value with "quotes"',
+			src: '/js/script.js'
+		},
+		expected:
+			'data-test="value with spaces" data-test2="value with &quot;quotes&quot;" src="/js/script.js"'
+	},
+	{
+		description: 'Attributes with empty values',
+		attributes: {
+			rel: '',
+			href: '/css/styles.css'
+		},
+		expected: 'rel="" href="/css/styles.css"'
+	},
+	{
+		description: 'Attributes with undefined values',
+		attributes: {
+			rel: undefined,
+			href: '/css/styles.css'
+		},
+		expected: 'href="/css/styles.css"'
+	},
+	{
+		description: 'Attributes with null values',
+		attributes: {
+			rel: null,
+			href: '/css/styles.css'
+		},
+		expected: 'href="/css/styles.css"'
+	},
+	{
+		description: 'Attributes with number values',
+		attributes: {
+			width: 100,
+			height: 200,
+			src: '/img/image.jpg'
+		},
+		expected: 'width="100" height="200" src="/img/image.jpg"'
+	}
+]
+describe('renderAttrs', () => {
+	testCases.forEach(({ description, attributes, expected }) => {
+		it(description, () => {
+			expect(renderAttrs(attributes)).toEqual(expected)
+		})
+	})
+})

package/src/{index.test.ts → renderHead.test.ts} RENAMED Viewed

@@ -1,5 +1,5 @@
 import { describe, it, expect } from 'vitest'
-import { renderHead, renderAttrs, HeadItems } from './index'
+import { renderHead, HeadItems } from './index'
 describe('renderHead', () => {
 	it('should render the head tags in the correct order', () => {
@@ -19,8 +19,6 @@ describe('renderHead', () => {
 <link rel="stylesheet" href="/styles.css" />
 <meta name="description" content="My page description" />`
-		console.log(renderHead(headItems))
 		expect(renderHead(headItems)).toEqual(expectedOutput)
 	})
@@ -53,20 +51,3 @@ describe('renderHead', () => {
 		expect(renderHead(headItems)).toEqual(expectedOutput)
 	})
 })
-describe('renderAttrs', () => {
-	it('should render boolean attributes correctly', () => {
-		const item = { async: true, src: '/script.js' }
-		expect(renderAttrs(item)).toEqual('async src="/script.js"')
-	})
-	it('should filter out invalid attributes', () => {
-		const item = {
-			innerHTML: '<p>Hello</p>',
-			priority: 1,
-			tagName: 'script',
-			src: '/script.js'
-		}
-		expect(renderAttrs(item)).toEqual('src="/script.js"')
-	})
-})