logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://hacktivis.me/git/pleroma.git

normalize_markup_test.exs (2565B)

    

  1. # Pleroma: A lightweight social networking server
  2. # Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
  3. # SPDX-License-Identifier: AGPL-3.0-only
  5. defmodule Pleroma.Web.ActivityPub.MRF.NormalizeMarkupTest do
  6.   use Pleroma.DataCase, async: true
  7.   alias Pleroma.Web.ActivityPub.MRF
  8.   alias Pleroma.Web.ActivityPub.MRF.NormalizeMarkup
  10.   @html_sample """
  11.   <b>this is in bold</b>
  12.   <p>this is a paragraph</p>
  13.   this is a linebreak<br />
  14.   this is a link with allowed "rel" attribute: <a href="http://example.com/" rel="tag">example.com</a>
  15.   this is a link with not allowed "rel" attribute: <a href="http://example.com/" rel="tag noallowed">example.com</a>
  16.   this is an image: <img src="http://example.com/image.jpg"><br />
  17.   <script>alert('hacked')</script>
  18.   """
  20.   @expected """
  21.   <b>this is in bold</b>
  22.   <p>this is a paragraph</p>
  23.   this is a linebreak<br/>
  24.   this is a link with allowed &quot;rel&quot; attribute: <a href="http://example.com/" rel="tag">example.com</a>
  25.   this is a link with not allowed &quot;rel&quot; attribute: <a href="http://example.com/">example.com</a>
  26.   this is an image: <img src="http://example.com/image.jpg"/><br/>
  27.   alert(&#39;hacked&#39;)
  28.   """
  30.   test "it filter html tags" do
  31.     message = %{"type" => "Create", "object" => %{"content" => @html_sample}}
  33.     assert {:ok, res} = NormalizeMarkup.filter(message)
  34.     assert res["object"]["content"] == @expected
  35.   end
  37.   test "history-aware" do
  38.     message = %{
  39.       "type" => "Create",
  40.       "object" => %{
  41.         "content" => @html_sample,
  42.         "formerRepresentations" => %{"orderedItems" => [%{"content" => @html_sample}]}
  43.       }
  44.     }
  46.     assert {:ok, res} = MRF.filter_one(NormalizeMarkup, message)
  48.     assert %{
  49.              "content" => @expected,
  50.              "formerRepresentations" => %{"orderedItems" => [%{"content" => @expected}]}
  51.            } = res["object"]
  52.   end
  54.   test "works with Updates" do
  55.     message = %{
  56.       "type" => "Update",
  57.       "object" => %{
  58.         "content" => @html_sample,
  59.         "formerRepresentations" => %{"orderedItems" => [%{"content" => @html_sample}]}
  60.       }
  61.     }
  63.     assert {:ok, res} = MRF.filter_one(NormalizeMarkup, message)
  65.     assert %{
  66.              "content" => @expected,
  67.              "formerRepresentations" => %{"orderedItems" => [%{"content" => @expected}]}
  68.            } = res["object"]
  69.   end
  71.   test "it skips filter if type isn't `Create` or `Update`" do
  72.     message = %{"type" => "Note", "object" => %{}}
  74.     assert {:ok, res} = NormalizeMarkup.filter(message)
  75.     assert res == message
  76.   end
  77. end