commit: b5a9c6b3d292abc7e47d8a6f830f6b5589c04862
parent: 60f3230a05247a65f6dee346fd9ddaa24bc6f34d
Author: Eugen Rochko <eugen@zeonfederated.com>
Date: Fri, 12 May 2017 17:46:44 +0200
Prepend reblogs' wrapper content with "RT @original_author", (#3013)
so that when a reblog parse fails on another instance, it doesn't
look like a misattributed/stolen text
Diffstat:
3 files changed, 83 insertions(+), 39 deletions(-)
diff --git a/app/lib/atom_serializer.rb b/app/lib/atom_serializer.rb
@@ -337,7 +337,7 @@ class AtomSerializer
def serialize_status_attributes(entry, status)
append_element(entry, 'summary', Formatter.instance.format(status.proper, :spoiler_text, false).to_str, 'xml:lang': status.language, type: 'html') if status.spoiler_text?
- append_element(entry, 'content', Formatter.instance.format(status.proper).to_str, type: 'html', 'xml:lang': status.language)
+ append_element(entry, 'content', Formatter.instance.format(status).to_str, type: 'html', 'xml:lang': status.language)
status.mentions.each do |mentioned|
append_element(entry, 'link', nil, rel: :mentioned, 'ostatus:object-type': TagManager::TYPES[:person], href: TagManager.instance.uri_for(mentioned.account))
diff --git a/app/lib/formatter.rb b/app/lib/formatter.rb
@@ -10,13 +10,24 @@ class Formatter
include ActionView::Helpers::TextHelper
def format(status, attribute = :text, paragraphize = true)
+ if status.reblog?
+ prepend_reblog = status.reblog.account.acct
+ status = status.proper
+ else
+ prepend_reblog = false
+ end
+
raw_content = status.public_send(attribute)
return '' if raw_content.blank?
return reformat(raw_content) unless status.local?
+ linkable_accounts = status.mentions.map(&:account)
+ linkable_accounts << status.account
+
html = raw_content
- html = encode_and_link_urls(html, status.mentions)
+ html = "RT @#{prepend_reblog} #{html}" if prepend_reblog
+ html = encode_and_link_urls(html, linkable_accounts)
html = simple_format(html, {}, sanitize: false) if paragraphize
html = html.delete("\n")
@@ -52,7 +63,7 @@ class Formatter
HTMLEntities.new.encode(html)
end
- def encode_and_link_urls(html, mentions = nil)
+ def encode_and_link_urls(html, accounts = nil)
entities = Extractor.extract_entities_with_indices(html, extract_url_without_protocol: false)
rewrite(html.dup, entities) do |entity|
@@ -61,7 +72,7 @@ class Formatter
elsif entity[:hashtag]
link_to_hashtag(entity)
elsif entity[:screen_name]
- link_to_mention(entity, mentions)
+ link_to_mention(entity, accounts)
end
end
end
@@ -69,19 +80,21 @@ class Formatter
def rewrite(text, entities)
chars = text.to_s.to_char_a
- # sort by start index
+ # Sort by start index
entities = entities.sort_by do |entity|
indices = entity.respond_to?(:indices) ? entity.indices : entity[:indices]
indices.first
end
result = []
+
last_index = entities.reduce(0) do |index, entity|
indices = entity.respond_to?(:indices) ? entity.indices : entity[:indices]
result << encode(chars[index...indices.first].join)
result << yield(entity)
indices.last
end
+
result << encode(chars[last_index..-1].join)
result.flatten.join
@@ -89,26 +102,28 @@ class Formatter
def link_to_url(entity)
normalized_url = Addressable::URI.parse(entity[:url]).normalize
- html_attrs = {
- target: '_blank',
- rel: 'nofollow noopener',
- }
+ html_attrs = { target: '_blank', rel: 'nofollow noopener' }
+
Twitter::Autolink.send(:link_to_text, entity, link_html(entity[:url]), normalized_url, html_attrs)
rescue Addressable::URI::InvalidURIError
encode(entity[:url])
end
- def link_to_mention(entity, mentions)
+ def link_to_mention(entity, linkable_accounts)
acct = entity[:screen_name]
- return link_to_account(acct) unless mentions
- mention = mentions.find { |item| TagManager.instance.same_acct?(item.account.acct, acct) }
- mention ? mention_html(mention.account) : "@#{acct}"
+
+ return link_to_account(acct) unless linkable_accounts
+
+ account = linkable_accounts.find { |item| TagManager.instance.same_acct?(item.acct, acct) }
+ account ? mention_html(account) : "@#{acct}"
end
def link_to_account(acct)
username, domain = acct.split('@')
- domain = nil if TagManager.instance.local_domain?(domain)
+
+ domain = nil if TagManager.instance.local_domain?(domain)
account = Account.find_remote(username, domain)
+
account ? mention_html(account) : "@#{acct}"
end
@@ -117,7 +132,7 @@ class Formatter
end
def link_html(url)
- url = Addressable::URI.parse(url).display_uri.to_s
+ url = Addressable::URI.parse(url).display_uri.to_s
prefix = url.match(/\Ahttps?:\/\/(www\.)?/).to_s
text = url[prefix.length, 30]
suffix = url[prefix.length + 30..-1]
@@ -127,7 +142,7 @@ class Formatter
end
def hashtag_html(tag)
- "<a href=\"#{tag_url(tag.downcase)}\" class=\"mention hashtag\">#<span>#{tag}</span></a>"
+ "<a href=\"#{tag_url(tag.downcase)}\" class=\"mention hashtag\" rel=\"tag\">#<span>#{tag}</span></a>"
end
def mention_html(account)
diff --git a/spec/lib/formatter_spec.rb b/spec/lib/formatter_spec.rb
@@ -7,38 +7,56 @@ RSpec.describe Formatter do
let(:remote_status) { Fabricate(:status, text: '<script>alert("Hello")</script> Beep boop', uri: 'beepboop', account: account) }
let(:local_text_with_mention) { "@#{account.username} @#{account.username}@example.com #{local_text}?x=@#{account.username} #hashtag" }
- let(:local_status_with_mention) { Fabricate(:status, text: local_text_with_mention,
- account: account, mentions: [Fabricate(:mention, account: account)]) }
+
+ let(:local_status_with_mention) do
+ Fabricate(
+ :status,
+ text: local_text_with_mention,
+ account: account,
+ mentions: [Fabricate(:mention, account: account)]
+ )
+ end
describe '#format' do
subject { Formatter.instance.format(local_status) }
- it 'returns a string' do
- expect(subject).to be_a String
- end
+ context 'with standalone status' do
+ it 'returns a string' do
+ expect(subject).to be_a String
+ end
- it 'contains plain text' do
- expect(subject).to match('Hello world')
- end
+ it 'contains plain text' do
+ expect(subject).to match('Hello world')
+ end
- it 'contains a link' do
- expect(subject).to match('<a href="http://google.com/" rel="nofollow noopener" target="_blank"><span class="invisible">http://</span><span class="">google.com/</span><span class="invisible"></span></a>')
- end
+ it 'contains a link' do
+ expect(subject).to match('<a href="http://google.com/" rel="nofollow noopener" target="_blank"><span class="invisible">http://</span><span class="">google.com/</span><span class="invisible"></span></a>')
+ end
- it 'contains a mention' do
- result = Formatter.instance.format(local_status_with_mention)
- expect(result).to match "<a href=\"#{TagManager.instance.url_for(account)}\" class=\"u-url mention\">@<span>#{account.username}</span></a></span>"
- expect(result).to match %r{href=\"http://google.com/\?x=@#{account.username}}
- expect(result).not_to match "href=\"https://example.com/@#{account.username}"
+ it 'contains a mention' do
+ result = Formatter.instance.format(local_status_with_mention)
+ expect(result).to match "<a href=\"#{TagManager.instance.url_for(account)}\" class=\"u-url mention\">@<span>#{account.username}</span></a></span>"
+ expect(result).to match %r{href=\"http://google.com/\?x=@#{account.username}}
+ expect(result).not_to match "href=\"https://example.com/@#{account.username}"
+ end
+
+ it 'contains a hashtag' do
+ result = Formatter.instance.format(local_status_with_mention)
+ expect(result).to match('/tags/hashtag" class="mention hashtag" rel="tag">#<span>hashtag</span></a>')
+ end
end
- it 'contains a hashtag' do
- result = Formatter.instance.format(local_status_with_mention)
- expect(result).to match("/tags/hashtag\" class=\"mention hashtag\">#<span>hashtag</span></a>")
+ context 'with reblog' do
+ let(:local_status) { Fabricate(:status, account: account, reblog: Fabricate(:status, text: 'Hello world', account: account)) }
+
+ it 'contains credit to original author' do
+ expect(subject).to include("RT <span class=\"h-card\"><a href=\"#{TagManager.instance.url_for(account)}\" class=\"u-url mention\">@<span>#{account.username}</span></a></span> Hello world")
+ end
end
context 'matches a stand-alone medium URL' do
let(:local_text) { 'https://hackernoon.com/the-power-to-build-communities-a-response-to-mark-zuckerberg-3f2cac9148a4' }
+
it 'has valid url' do
expect(subject).to include('href="https://hackernoon.com/the-power-to-build-communities-a-response-to-mark-zuckerberg-3f2cac9148a4"')
end
@@ -46,6 +64,7 @@ RSpec.describe Formatter do
context 'matches a stand-alone google URL' do
let(:local_text) { 'http://google.com' }
+
it 'has valid url' do
expect(subject).to include('href="http://google.com/"')
end
@@ -53,6 +72,7 @@ RSpec.describe Formatter do
context 'matches a stand-alone IDN URL' do
let(:local_text) { 'https://nic.みんな/' }
+
it 'has valid url' do
expect(subject).to include('href="https://nic.xn--q9jyb4c/"')
end
@@ -64,6 +84,7 @@ RSpec.describe Formatter do
context 'matches a URL without trailing period' do
let(:local_text) { 'http://www.mcmansionhell.com/post/156408871451/50-states-of-mcmansion-hell-scottsdale-arizona. ' }
+
it 'has valid url' do
expect(subject).to include('href="http://www.mcmansionhell.com/post/156408871451/50-states-of-mcmansion-hell-scottsdale-arizona"')
end
@@ -75,6 +96,7 @@ RSpec.describe Formatter do
context 'matches a URL without exclamation point' do
let(:local_text) { 'http://www.google.com!' }
+
it 'has valid url' do
expect(subject).to include('href="http://www.google.com/"')
end
@@ -82,6 +104,7 @@ RSpec.describe Formatter do
context 'matches a URL without single quote' do
let(:local_text) { "http://www.google.com'" }
+
it 'has valid url' do
expect(subject).to include('href="http://www.google.com/"')
end
@@ -89,6 +112,7 @@ RSpec.describe Formatter do
context 'matches a URL without angle brackets' do
let(:local_text) { 'http://www.google.com>' }
+
it 'has valid url' do
expect(subject).to include('href="http://www.google.com/"')
end
@@ -96,6 +120,7 @@ RSpec.describe Formatter do
context 'matches a URL with a query string' do
let(:local_text) { 'https://www.ruby-toolbox.com/search?utf8=%E2%9C%93&q=autolink' }
+
it 'has valid url' do
expect(subject).to include('href="https://www.ruby-toolbox.com/search?utf8=%E2%9C%93&q=autolink"')
end
@@ -103,20 +128,23 @@ RSpec.describe Formatter do
context 'matches a URL with parenthesis in it' do
let(:local_text) { 'https://en.wikipedia.org/wiki/Diaspora_(software)' }
+
it 'has valid url' do
expect(subject).to include('href="https://en.wikipedia.org/wiki/Diaspora_(software)"')
end
end
context 'contains html (script tag)' do
- let(:local_text) { '<script>alert("Hello")</script>' }
- it 'has valid url' do
- expect(subject).to match '<p><script>alert("Hello")</script></p>'
- end
+ let(:local_text) { '<script>alert("Hello")</script>' }
+
+ it 'has valid url' do
+ expect(subject).to match '<p><script>alert("Hello")</script></p>'
+ end
end
context 'contains html (xss attack)' do
let(:local_text) { %q{<img src="javascript:alert('XSS');">} }
+
it 'has valid url' do
expect(subject).to match '<p><img src="javascript:alert('XSS');"></p>'
end
@@ -124,6 +152,7 @@ RSpec.describe Formatter do
context 'contains invalid URL' do
let(:local_text) { 'http://www\.google\.com' }
+
it 'has valid url' do
expect(subject).to eq '<p>http://www\.google\.com</p>'
end
