#li3 > Lithium Documentation > lithium/tests/cases/template/HelperTest::testDefaultEscaping()

Extends

Tests the default escaping for HTML output. When implementing helpers that do not output HTML/XML, the `escape()` method should be overridden accordingly.

Returns

void

Source

						public function testDefaultEscaping() {
		$result = $this->helper->escape('<script>alert("XSS!");</script>');
		$expected = '&lt;script&gt;alert(&quot;XSS!&quot;);&lt;/script&gt;';
		$this->assertEqual($expected, $result);

		$result = $this->helper->escape('<script>//alert("XSS!");</script>', null, array(
			'escape' => false
		));
		$expected = '<script>//alert("XSS!");</script>';
		$this->assertEqual($expected, $result);

		$result = $this->helper->escape(array(
			'<script>alert("XSS!");</script>', '<script>alert("XSS!");</script>'
		));
		$expected = array(
			'&lt;script&gt;alert(&quot;XSS!&quot;);&lt;/script&gt;',
			'&lt;script&gt;alert(&quot;XSS!&quot;);&lt;/script&gt;'
		);
		$this->assertEqual($expected, $result);
	}