XSS Protection Test for Markdown Editor v1.3.1

Test Cases:

", expected: "Should escape script tags" }, { name: "Script injection in bold text", input: "****", expected: "Should escape script tags" }, { name: "Script injection in code block", input: "```\n\n```", expected: "Should escape script tags" }, { name: "Malicious link", input: "[Click me](javascript:alert('XSS'))", expected: "Should reject javascript: URLs" }, { name: "Valid link", input: "[Google](https://google.com)", expected: "Should allow valid HTTPS URLs" }, { name: "Malicious image", input: "![Alt](javascript:alert('XSS'))", expected: "Should reject javascript: URLs" } ]; const resultsDiv = document.getElementById('test-results'); testCases.forEach(test => { const result = parseMarkdown(test.input); const testDiv = document.createElement('div'); testDiv.innerHTML = `

${test.name}

Input: ${escapeHtml(test.input)}

Expected: ${test.expected}

Output: ${escapeHtml(result)}

Rendered:

${result}

`; resultsDiv.appendChild(testDiv); });