public void ImageXSS2Test() { // Arrange var sanitizer = new HtmlSanitizer(); // Act string htmlFragment = "<IMG SRC=javascript:alert('XSS')>"; string actual = sanitizer.Sanitize(htmlFragment); // Assert string expected = "<IMG>"; Assert.That(actual, Is.EqualTo(expected).IgnoreCase); }