function testWizardRejectsHtmlScriptTags()
{
$badContent = "<script>alert('!');</script>";
$this->get('/widget-wiz/step-one');
try {
$this->submitForm($this->getForm(), array('title' => $badContent, 'goal' => '15', 'currency' => 'USD', 'ending' => $this->in3days(), 'bitcoinAddress' => $this->btcAddr()));
$this->submitForm($this->getForm(), array('about' => $badContent));
} catch (Exception $_) {
# XXX: Until we get proper form-validation in place, we'll just expect to see an
# XXX: exception coming from the 'Paranoid' database layer proclaiming "No angle
# XXX: brackets allowed!".
}
assertEqual(0, count(Widget::getAll()));
}
