t/tags.t: Test of automatic escaping of user data

Test that user data passed to XML::Tags::to_xml_string is automatically escaped
(to protect against cross-side scripting attacks), and that mechanism to turned
automatic off escaping works.

This test can also serve as example on how to turn off autoescaping of user
data.

Signed-off-by: Jakub Narebski <jnareb@gmail.com>

diff --git a/t/tags.t b/t/tags.t
index af792cb..6c5a5e5 100644 (file)
--- a/t/tags.t
+++ b/t/tags.t
@@ -31,12 +31,12 @@ use Test::More qw(no_plan);
     <woo ent="$ent">;
   }
 
-sub flaax {
-  use XML::Tags qw(woo);
-  my $data = "one&two<three>four";
-  <woo>,  $data, </woo>,
-  <woo>, \$data, </woo>;
-}
+  sub flaax {
+    use XML::Tags qw(woo);
+    my $data = "one&two<three>four";
+    <woo>,  $data, </woo>,
+    <woo>, \$data, </woo>;
+  }
 
   sub globbery {
     <t/globbery/*>;