scenario 'Sanitizes comment body for security' do
    create :comment, commentable: proposal,
                     body: "<script>alert('hola')</script> <a href=\"javascript:alert('sorpresa!')\">click me<a/> http://www.url.com"

    visit proposal_path(proposal)