Phalcon\Test\Unit\Flash\SessionTest::testShouldAutoEscapeHtml PHP Method

testShouldAutoEscapeHtml() public method

Tests automatic HTML escaping of session flash messages on output, with autoescape disabled and then enabled
Since: 2016-06-15
Author: Serghei Iakovlev ([email protected])
    /**
     * Checks how the session flash renders a script-tag message with
     * autoescape switched off and then on.
     *
     * The scenario runs once per message type (error, success, notice,
     * warning). In each mode the same markup is queued twice: once to
     * inspect what getMessages() returns, once to capture what output()
     * prints.
     *
     * - Autoescape off: output() prints the markup verbatim inside the
     *   "<type>Message" div, so a browser would run it as JavaScript.
     * - Autoescape on: getMessages() still returns the raw string, while
     *   output() prints it with <, > and ' replaced by HTML entities.
     *
     * As far as this test shows, escaping is applied when output() renders
     * and not when the message is stored, so code that renders the result
     * of getMessages() itself is not covered by the autoescape setting.
     */
    public function testShouldAutoEscapeHtml()
    {
        $messageTypes = [['error'], ['success'], ['notice'], ['warning']];

        $this->specify("The output() method outputs HTML incorrectly", function ($function) {
            // Markup that a browser would execute if it reached the page unescaped.
            $payload = "<script>alert('This will execute as JavaScript!')</script>";
            $flash = $this->getFlash();

            // --- autoescape disabled: the message is stored and printed as-is ---
            $flash->setAutoescape(false);

            $flash->{$function}($payload);
            $stored = $flash->getMessages($function);
            expect($stored)->equals([$payload]);

            // The message is queued again before rendering; presumably
            // getMessages() drained it (confirm against the Session flash
            // implementation).
            ob_start();
            $flash->{$function}($payload);
            $flash->output();
            $rendered = ob_get_clean();
            expect($rendered)->equals("<div class=\"{$function}Message\"><script>alert('This will execute as JavaScript!')</script></div>" . PHP_EOL);

            // --- autoescape enabled: stored value stays raw, printed value is encoded ---
            $flash->setAutoescape(true);

            $flash->{$function}($payload);
            $stored = $flash->getMessages($function);
            expect($stored)->equals([$payload]);

            ob_start();
            $flash->{$function}($payload);
            $flash->output();
            $rendered = ob_get_clean();
            expect($rendered)->equals("<div class=\"{$function}Message\">&lt;script&gt;alert(&#039;This will execute as JavaScript!&#039;)&lt;/script&gt;</div>" . PHP_EOL);
        }, ['examples' => $messageTypes]);
    }