!! end
!! test
- evil <math>-wiki-tags without Extension:Math enabled
+ Tags which are hidden from Tidy cannot pass through the Sanitizer
!! wikitext
- <math><img src="some evil external link"><script>some_evil_javascript();</script></math>
+ <mw:toc><script>alert();</script></mw:toc>
!! html+tidy
- <p><math><img src="some evil external link"><script>some_evil_javascript();</script></math></p>
+ <p><mw:toc><script>alert();</script></mw:toc></p>
!! end
###
!! end
+!! test
+T35715: s/strike element in ToC
+!! wikitext
+__TOC__
+== <s>test</s> test <strike>test</strike> ==
+!! html
+<div id="toc" class="toc"><div id="toctitle"><h2>Contents</h2></div>
+<ul>
+<li class="toclevel-1 tocsection-1"><a href="#test_test_test"><span class="tocnumber">1</span> <span class="toctext"><s>test</s> test <strike>test</strike></span></a></li>
+</ul>
+</div>
+
+<h2><span class="mw-headline" id="test_test_test"><s>test</s> test <strike>test</strike></span><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/index.php?title=Parser_test&action=edit&section=1" title="Edit section: test test test">edit</a><span class="mw-editsection-bracket">]</span></span></h2>
+
+!! end
+
# Note that the html output does not have the <p></p>, but the
# html+tidy output *does*. This is because the empty <p></p> is
# removed by the sanitizer, but only when tidy is *not* enabled (!).