update test

Author: pi0

test/utils.test.ts

@@ -43,14 +43,15 @@ describeMatrix("utils", (t, { it, describe, expect }) => {
     });
 
     it("escapes special characters in HTML body", async () => {
-      const malicious = 'https://example.com/"><script>alert(1)</script>';
+      const malicious =
+        'https://example.com/"><script>alert(1)</script>&foo=bar';
       t.app.use(() => redirect(malicious));
       const result = await t.fetch("/");
       expect(result.headers.get("location")).toBe(malicious);
       const body = await result.text();
-      expect(body).not.toContain("<script>");
-      expect(body).toContain("&lt;script&gt;");
-      expect(body).toContain("&quot;");
+      expect(body).toBe(
+        `<html><head><meta http-equiv="refresh" content="0; url=https://example.com/&quot;&gt;&lt;script&gt;alert(1)&lt;/script&gt;&amp;foo=bar" /></head></html>`,
+      );
     });
   });