diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/pleroma/activity_test.exs | 1 | ||||
| -rw-r--r-- | test/pleroma/html_test.exs | 26 | ||||
| -rw-r--r-- | test/pleroma/web/mastodon_api/controllers/search_controller_test.exs | 1 |
3 files changed, 28 insertions, 0 deletions
diff --git a/test/pleroma/activity_test.exs b/test/pleroma/activity_test.exs index e38384c9c..a48a68837 100644 --- a/test/pleroma/activity_test.exs +++ b/test/pleroma/activity_test.exs @@ -145,6 +145,7 @@ defmodule Pleroma.ActivityTest do setup do: clear_config([:instance, :limit_to_local_content]) + @tag :skip_on_mac test "finds utf8 text in statuses", %{ japanese_activity: japanese_activity, user: user diff --git a/test/pleroma/html_test.exs b/test/pleroma/html_test.exs index 970baf63b..b99689903 100644 --- a/test/pleroma/html_test.exs +++ b/test/pleroma/html_test.exs @@ -17,6 +17,7 @@ defmodule Pleroma.HTMLTest do this is a link with allowed "rel" attribute: <a href="http://example.com/" rel="tag">example.com</a> this is a link with not allowed "rel" attribute: <a href="http://example.com/" rel="tag noallowed">example.com</a> this is an image: <img src="http://example.com/image.jpg"><br /> + this is an inline emoji: <img class="emoji" src="http://example.com/image.jpg"><br /> <script>alert('hacked')</script> """ @@ -24,6 +25,10 @@ defmodule Pleroma.HTMLTest do <img src="http://example.com/image.jpg" onerror="alert('hacked')"> """ + @html_stillimage_sample """ + <img class="still-image" src="http://example.com/image.jpg"> + """ + @html_span_class_sample """ <span class="animate-spin">hi</span> """ @@ -45,6 +50,7 @@ defmodule Pleroma.HTMLTest do this is a link with allowed "rel" attribute: example.com this is a link with not allowed "rel" attribute: example.com this is an image: + this is an inline emoji: alert('hacked') """ @@ -67,6 +73,7 @@ defmodule Pleroma.HTMLTest do this is a link with allowed "rel" attribute: <a href="http://example.com/" rel="tag">example.com</a> this is a link with not allowed "rel" attribute: <a href="http://example.com/">example.com</a> this is an image: <img src="http://example.com/image.jpg"/><br/> + this is an inline emoji: <img class="emoji" src="http://example.com/image.jpg"/><br/> alert('hacked') """ @@ -90,6 +97,15 @@ defmodule Pleroma.HTMLTest do HTML.filter_tags(@html_span_class_sample, Pleroma.HTML.Scrubber.TwitterText) end + test "does not allow images with invalid classes" do + expected = """ + <img src="http://example.com/image.jpg"/> + """ + + assert expected == + HTML.filter_tags(@html_stillimage_sample, Pleroma.HTML.Scrubber.TwitterText) + end + test "does allow microformats" do expected = """ <span class="h-card"><a class="u-url mention">@<span>foo</span></a></span> @@ -121,6 +137,7 @@ defmodule Pleroma.HTMLTest do this is a link with allowed "rel" attribute: <a href="http://example.com/" rel="tag">example.com</a> this is a link with not allowed "rel" attribute: <a href="http://example.com/">example.com</a> this is an image: <img src="http://example.com/image.jpg"/><br/> + this is an inline emoji: <img class="emoji" src="http://example.com/image.jpg"/><br/> alert('hacked') """ @@ -143,6 +160,15 @@ defmodule Pleroma.HTMLTest do assert expected == HTML.filter_tags(@html_span_class_sample, Pleroma.HTML.Scrubber.Default) end + test "does not allow images with invalid classes" do + expected = """ + <img src="http://example.com/image.jpg"/> + """ + + assert expected == + HTML.filter_tags(@html_stillimage_sample, Pleroma.HTML.Scrubber.TwitterText) + end + test "does allow microformats" do expected = """ <span class="h-card"><a class="u-url mention">@<span>foo</span></a></span> diff --git a/test/pleroma/web/mastodon_api/controllers/search_controller_test.exs b/test/pleroma/web/mastodon_api/controllers/search_controller_test.exs index 9a5d88109..0a9240b70 100644 --- a/test/pleroma/web/mastodon_api/controllers/search_controller_test.exs +++ b/test/pleroma/web/mastodon_api/controllers/search_controller_test.exs @@ -37,6 +37,7 @@ defmodule Pleroma.Web.MastodonAPI.SearchControllerTest do end end + @tag :skip_on_mac test "search", %{conn: conn} do user = insert(:user) user_two = insert(:user, %{nickname: "shp@shitposter.club"}) |