pleroma

commit: 46a5c06853c21e720b41a4b38a4d88a38a218ad4
parent fc7ce5f93c4031863cbaf62b72dce55b5b6b0390
Author: Tusooa Zhu <tusooa@kazv.moe>
Date:   Sat, 23 Jul 2022 22:50:38 -0400

Make NormalizeMarkup history-aware

Diffstat:
M
lib/pleroma/web/activity_pub/mrf/normalize_markup.ex
6
+++++-
M
test/pleroma/web/activity_pub/mrf/normalize_markup_test.exs
59
+++++++++++++++++++++++++++++++++++++++++++++++------------

2 files changed, 52 insertions(+), 13 deletions(-)
diff --git a/lib/pleroma/web/activity_pub/mrf/normalize_markup.ex b/lib/pleroma/web/activity_pub/mrf/normalize_markup.ex
@@ -9,7 +9,11 @@ defmodule Pleroma.Web.ActivityPub.MRF.NormalizeMarkup do
   @behaviour Pleroma.Web.ActivityPub.MRF.Policy
 
   @impl true
-  def filter(%{"type" => "Create", "object" => child_object} = object) do
+  def history_awareness, do: :auto
+
+  @impl true
+  def filter(%{"type" => type, "object" => child_object} = object)
+      when type in ["Create", "Update"] do
     scrub_policy = Pleroma.Config.get([:mrf_normalize_markup, :scrub_policy])
 
     content =
diff --git a/test/pleroma/web/activity_pub/mrf/normalize_markup_test.exs b/test/pleroma/web/activity_pub/mrf/normalize_markup_test.exs
@@ -4,6 +4,7 @@
 
 defmodule Pleroma.Web.ActivityPub.MRF.NormalizeMarkupTest do
   use Pleroma.DataCase, async: true
+  alias Pleroma.Web.ActivityPub.MRF
   alias Pleroma.Web.ActivityPub.MRF.NormalizeMarkup
 
   @html_sample """
@@ -16,24 +17,58 @@ defmodule Pleroma.Web.ActivityPub.MRF.NormalizeMarkupTest do
   <script>alert('hacked')</script>
   """
 
-  test "it filter html tags" do
-    expected = """
-    <b>this is in bold</b>
-    <p>this is a paragraph</p>
-    this is a linebreak<br/>
-    this is a link with allowed &quot;rel&quot; attribute: <a href="http://example.com/" rel="tag">example.com</a>
-    this is a link with not allowed &quot;rel&quot; attribute: <a href="http://example.com/">example.com</a>
-    this is an image: <img src="http://example.com/image.jpg"/><br/>
-    alert(&#39;hacked&#39;)
-    """
+  @expected """
+  <b>this is in bold</b>
+  <p>this is a paragraph</p>
+  this is a linebreak<br/>
+  this is a link with allowed &quot;rel&quot; attribute: <a href="http://example.com/" rel="tag">example.com</a>
+  this is a link with not allowed &quot;rel&quot; attribute: <a href="http://example.com/">example.com</a>
+  this is an image: <img src="http://example.com/image.jpg"/><br/>
+  alert(&#39;hacked&#39;)
+  """
 
+  test "it filter html tags" do
     message = %{"type" => "Create", "object" => %{"content" => @html_sample}}
 
     assert {:ok, res} = NormalizeMarkup.filter(message)
-    assert res["object"]["content"] == expected
+    assert res["object"]["content"] == @expected
+  end
+
+  test "history-aware" do
+    message = %{
+      "type" => "Create",
+      "object" => %{
+        "content" => @html_sample,
+        "formerRepresentations" => %{"orderedItems" => [%{"content" => @html_sample}]}
+      }
+    }
+
+    assert {:ok, res} = MRF.filter_one(NormalizeMarkup, message)
+
+    assert %{
+             "content" => @expected,
+             "formerRepresentations" => %{"orderedItems" => [%{"content" => @expected}]}
+           } = res["object"]
+  end
+
+  test "works with Updates" do
+    message = %{
+      "type" => "Update",
+      "object" => %{
+        "content" => @html_sample,
+        "formerRepresentations" => %{"orderedItems" => [%{"content" => @html_sample}]}
+      }
+    }
+
+    assert {:ok, res} = MRF.filter_one(NormalizeMarkup, message)
+
+    assert %{
+             "content" => @expected,
+             "formerRepresentations" => %{"orderedItems" => [%{"content" => @expected}]}
+           } = res["object"]
   end
 
-  test "it skips filter if type isn't `Create`" do
+  test "it skips filter if type isn't `Create` or `Update`" do
     message = %{"type" => "Note", "object" => %{}}
 
     assert {:ok, res} = NormalizeMarkup.filter(message)