diff --git a/package.json b/package.json
index ca40fd356..89c850db2 100644
--- a/package.json
+++ b/package.json
@@ -18,7 +18,7 @@
   "bugs": "https://github.com/josdejong/jsoneditor/issues",
   "scripts": {
     "build": "gulp",
-    "build-assets": "gulp build-assets"
+    "test": "mocha test"
   },
   "dependencies": {
     "brace": "^0.4.1",
@@ -31,6 +31,7 @@
     "gulp-shell": "^0.3.0",
     "gulp-util": "^3.0.3",
     "mkdirp": "^0.5.0",
+    "mocha": "^2.1.0",
     "uglify-js": "^2.4.16",
     "webpack": "^1.5.3"
   }
diff --git a/src/js/util.js b/src/js/util.js
index 9ede6fdf7..10ae41614 100644
--- a/src/js/util.js
+++ b/src/js/util.js
@@ -54,6 +54,7 @@ exports.sanitize = function (jsString) {
     chars.push(c);
     i++;
   }
+
   var jsonString = chars.join('');
 
   // replace unescaped single quotes with double quotes,
@@ -71,11 +72,11 @@ exports.sanitize = function (jsString) {
   jsonString = jsonString.replace(/\/\*(.|[\r\n])*?\*\//g,'');//Remove all code comments
 
   //If JSON starts with a function (Carachters/digist/"_-"), remove this function. 
-  //This is usefull for "stripping" JSONP objects to become JSON
+  //This is useful for "stripping" JSONP objects to become JSON
   //For example: function_12321321 ( [{"a":"b"}] ); => [{"a":"b"}]
   var match = jsonString.match(/^\s*[\dA-z_$]+\s*\(([\s\S]*)\)\s*;?\s*$/);
   if (match) {
-    var jsonString = match[1];
+    jsonString = match[1];
   }
 
   return jsonString;
diff --git a/test/util.test.js b/test/util.test.js
new file mode 100644
index 000000000..dcf4f9dcc
--- /dev/null
+++ b/test/util.test.js
@@ -0,0 +1,43 @@
+var assert = require('assert');
+var util = require('../src/js/util');
+
+describe('util', function () {
+
+  describe('sanitize', function () {
+
+    it('should replace JavaScript with JSON', function () {
+      assert.equal(util.sanitize('{a:2}'), '{"a":2}');
+      assert.equal(util.sanitize('{\'a\':2}'), '{"a":2}');
+      assert.equal(util.sanitize('{a:\'foo\'}'), '{"a":"foo"}');
+
+      // handle escape characters
+      assert.equal(util.sanitize('{a:"foo\'bar"}'), '{"a":"foo\'bar"}');
+      assert.equal(util.sanitize('{a:"foo\\"bar"}'), '{"a":"foo\\"bar"}');
+      assert.equal(util.sanitize('{a:\'foo"bar\'}'), '{"a":"foo\\"bar"}');
+      assert.equal(util.sanitize('{a:"foo\\\'bar"}'), '{"a":"foo\'bar"}');
+    });
+
+    it('should strip JSONP notation', function () {
+      // matching
+      assert.equal(util.sanitize('callback_123({});'), '{}');
+      assert.equal(util.sanitize('callback_123([]);'), '[]');
+      assert.equal(util.sanitize('callback_123(2);'), '2');
+      assert.equal(util.sanitize('callback_123("foo");'), '"foo"');
+      assert.equal(util.sanitize('callback_123(null);'), 'null');
+      assert.equal(util.sanitize('callback_123(true);'), 'true');
+      assert.equal(util.sanitize('callback_123(false);'), 'false');
+      assert.equal(util.sanitize('/* foo bar */ callback_123 ({})'), '{}');
+      assert.equal(util.sanitize('/* foo bar */ callback_123 ({})'), '{}');
+      assert.equal(util.sanitize('/* foo bar */\ncallback_123({})'), '{}');
+      assert.equal(util.sanitize('/* foo bar */ callback_123 (  {}  )'), '  {}  ');
+
+      // non-matching
+      assert.equal(util.sanitize('callback abc({});'), 'callback abc({});');
+      assert.equal(util.sanitize('callback {}'), 'callback {}');
+      assert.equal(util.sanitize('callback({}'), 'callback({}');
+    });
+
+  });
+
+  // TODO: thoroughly test all util methods
+});
\ No newline at end of file