From 7dffaef4799b0e867e91e19b76567c0e1a19bb43 Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Tue, 23 Jun 2020 18:16:47 +0300 Subject: tests consistency --- test/html_test.exs | 255 ----------------------------------------------------- 1 file changed, 255 deletions(-) delete mode 100644 test/html_test.exs (limited to 'test/html_test.exs') diff --git a/test/html_test.exs b/test/html_test.exs deleted file mode 100644 index 7d3756884..000000000 --- a/test/html_test.exs +++ /dev/null @@ -1,255 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2020 Pleroma Authors -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Pleroma.HTMLTest do - alias Pleroma.HTML - alias Pleroma.Object - alias Pleroma.Web.CommonAPI - use Pleroma.DataCase - - import Pleroma.Factory - - @html_sample """ - this is in bold -

this is a paragraph

- this is a linebreak
- this is a link with allowed "rel" attribute: - this is a link with not allowed "rel" attribute: example.com - this is an image:
- - """ - - @html_onerror_sample """ - - """ - - @html_span_class_sample """ - hi - """ - - @html_span_microformats_sample """ - @foo - """ - - @html_span_invalid_microformats_sample """ - @foo - """ - - describe "StripTags scrubber" do - test "works as expected" do - expected = """ - this is in bold - this is a paragraph - this is a linebreak - this is a link with allowed "rel" attribute: example.com - this is a link with not allowed "rel" attribute: example.com - this is an image: - alert('hacked') - """ - - assert expected == HTML.strip_tags(@html_sample) - end - - test "does not allow attribute-based XSS" do - expected = "\n" - - assert expected == HTML.strip_tags(@html_onerror_sample) - end - end - - describe "TwitterText scrubber" do - test "normalizes HTML as expected" do - expected = """ - this is in bold -

this is a paragraph

- this is a linebreak
- this is a link with allowed "rel" attribute: - this is a link with not allowed "rel" attribute: example.com - this is an image:
- alert('hacked') - """ - - assert expected == HTML.filter_tags(@html_sample, Pleroma.HTML.Scrubber.TwitterText) - end - - test "does not allow attribute-based XSS" do - expected = """ - - """ - - assert expected == HTML.filter_tags(@html_onerror_sample, Pleroma.HTML.Scrubber.TwitterText) - end - - test "does not allow spans with invalid classes" do - expected = """ - hi - """ - - assert expected == - HTML.filter_tags(@html_span_class_sample, Pleroma.HTML.Scrubber.TwitterText) - end - - test "does allow microformats" do - expected = """ - @foo - """ - - assert expected == - HTML.filter_tags(@html_span_microformats_sample, Pleroma.HTML.Scrubber.TwitterText) - end - - test "filters invalid microformats markup" do - expected = """ - @foo - """ - - assert expected == - HTML.filter_tags( - @html_span_invalid_microformats_sample, - Pleroma.HTML.Scrubber.TwitterText - ) - end - end - - describe "default scrubber" do - test "normalizes HTML as expected" do - expected = """ - this is in bold -

this is a paragraph

- this is a linebreak
- this is a link with allowed "rel" attribute: - this is a link with not allowed "rel" attribute: example.com - this is an image:
- alert('hacked') - """ - - assert expected == HTML.filter_tags(@html_sample, Pleroma.HTML.Scrubber.Default) - end - - test "does not allow attribute-based XSS" do - expected = """ - - """ - - assert expected == HTML.filter_tags(@html_onerror_sample, Pleroma.HTML.Scrubber.Default) - end - - test "does not allow spans with invalid classes" do - expected = """ - hi - """ - - assert expected == HTML.filter_tags(@html_span_class_sample, Pleroma.HTML.Scrubber.Default) - end - - test "does allow microformats" do - expected = """ - @foo - """ - - assert expected == - HTML.filter_tags(@html_span_microformats_sample, Pleroma.HTML.Scrubber.Default) - end - - test "filters invalid microformats markup" do - expected = """ - @foo - """ - - assert expected == - HTML.filter_tags( - @html_span_invalid_microformats_sample, - Pleroma.HTML.Scrubber.Default - ) - end - end - - describe "extract_first_external_url_from_object" do - test "extracts the url" do - user = insert(:user) - - {:ok, activity} = - CommonAPI.post(user, %{ - status: - "I think I just found the best github repo https://github.com/komeiji-satori/Dress" - }) - - object = Object.normalize(activity) - {:ok, url} = HTML.extract_first_external_url_from_object(object) - assert url == "https://github.com/komeiji-satori/Dress" - end - - test "skips mentions" do - user = insert(:user) - other_user = insert(:user) - - {:ok, activity} = - CommonAPI.post(user, %{ - status: - "@#{other_user.nickname} install misskey! https://github.com/syuilo/misskey/blob/develop/docs/setup.en.md" - }) - - object = Object.normalize(activity) - {:ok, url} = HTML.extract_first_external_url_from_object(object) - - assert url == "https://github.com/syuilo/misskey/blob/develop/docs/setup.en.md" - - refute url == other_user.ap_id - end - - test "skips hashtags" do - user = insert(:user) - - {:ok, activity} = - CommonAPI.post(user, %{ - status: "#cofe https://www.pixiv.net/member_illust.php?mode=medium&illust_id=72255140" - }) - - object = Object.normalize(activity) - {:ok, url} = HTML.extract_first_external_url_from_object(object) - - assert url == "https://www.pixiv.net/member_illust.php?mode=medium&illust_id=72255140" - end - - test "skips microformats hashtags" do - user = insert(:user) - - {:ok, activity} = - CommonAPI.post(user, %{ - status: - "#cofe https://www.pixiv.net/member_illust.php?mode=medium&illust_id=72255140", - content_type: "text/html" - }) - - object = Object.normalize(activity) - {:ok, url} = HTML.extract_first_external_url_from_object(object) - - assert url == "https://www.pixiv.net/member_illust.php?mode=medium&illust_id=72255140" - end - - test "does not crash when there is an HTML entity in a link" do - user = insert(:user) - - {:ok, activity} = CommonAPI.post(user, %{status: "\"http://cofe.com/?boomer=ok&foo=bar\""}) - - object = Object.normalize(activity) - - assert {:ok, nil} = HTML.extract_first_external_url_from_object(object) - end - - test "skips attachment links" do - user = insert(:user) - - {:ok, activity} = - CommonAPI.post(user, %{ - status: - "image.png" - }) - - object = Object.normalize(activity) - - assert {:ok, nil} = HTML.extract_first_external_url_from_object(object) - end - end -end -- cgit v1.2.3