FreakU
/
mastodon
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix link sanitization for outgoing text/html and text/markdown toots 

Fixes #1739
This commit is contained in:
Claire 2022-04-11 08:40:18 +02:00
parent 9309c53d21
commit f2b2614d0a
2 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/sanitize_ext/sanitize_config.rb
View File

@ -133,7 +133,7 @@ class Sanitize
rel += ['nofollow', 'noopener', 'noreferrer'] unless TagManager.instance.local_url?(node['href']) rel += ['nofollow', 'noopener', 'noreferrer'] unless TagManager.instance.local_url?(node['href'])
if rel.empty? if rel.empty?
node['rel']&.delete node.remove_attribute('rel')
else else
node['rel'] = rel.join(' ') node['rel'] = rel.join(' ')
end end
@ -144,7 +144,7 @@ class Sanitize
node = env[:node] node = env[:node]
if node['target'] != '_blank' && TagManager.instance.local_url?(node['href']) if node['target'] != '_blank' && TagManager.instance.local_url?(node['href'])
node['target']&.delete node.remove_attribute('target')
else else
node['target'] = '_blank' node['target'] = '_blank'
end end

8
spec/lib/advanced_text_formatter_spec.rb
View File

@ -50,6 +50,14 @@ RSpec.describe AdvancedTextFormatter do
end end
end end
context 'given text with a local-domain mention' do
let(:text) { 'foo https://cb6e6126.ngrok.io/about/more' }
it 'creates a link' do
is_expected.to include '<a href="https://cb6e6126.ngrok.io/about/more"'
end
end
context 'given text containing linkable mentions' do context 'given text containing linkable mentions' do
let(:preloaded_accounts) { [Fabricate(:account, username: 'alice')] } let(:preloaded_accounts) { [Fabricate(:account, username: 'alice')] }
let(:text) { '@alice' } let(:text) { '@alice' }