1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
|
# frozen_string_literal: true
describe Diaspora::MessageRenderer do
def message(text, opts={})
Diaspora::MessageRenderer.new(text, opts)
end
describe '#title' do
context 'when :length is passed in parameters' do
it 'returns string of size less or equal to :length' do
string_size = 12
title = message("## This is a really, really, really long title\n Post content").title(length: string_size)
expect(title.size).to be <= string_size
end
end
context 'when :length is not passed in parameters' do
context 'with a Markdown header of less than 200 characters on first line' do
it 'returns atx style header' do
expect(message("## My title\n Post content...").title).to eq "My title"
expect(message("## My title ##\n Post content...").title).to eq "My title"
end
it 'returns setext style header' do
expect(message("My title \n======\n Post content...").title).to eq "My title"
end
it 'returns header without markdown' do
expect(message("## **[My title](http://diasporafoundation.org)**\n Post content...").title).to eq "My title (http://diasporafoundation.org)"
end
end
context "without a Markdown header of less than 200 characters on first line" do
it "truncates posts to the 70 first characters" do
text = "Chillwave heirloom small batch semiotics, brunch cliche yr gluten-free whatever bitters selfies."
expect(message(text).title).to eq "Chillwave heirloom small batch semiotics, brunch cliche yr gluten-f..."
end
end
end
end
describe '#html' do
it 'escapes the message' do
xss = "</a> <script> alert('hey'); </script>"
expect(message(xss).html).to_not include xss
end
it 'is html_safe' do
expect(message("hey guys").html).to be_html_safe
end
it 'should leave HTML entities intact' do
entities = '& ß ' ' "'
expect(message(entities).html).to eq entities
end
it 'normalizes' do
expect(
message("\u202a#\u200eUSA\u202c").markdownified
).to eq %(<p><a class="tag" href="/tags/USA">#USA</a></p>\n)
end
context 'with mentions' do
it 'makes hovercard links for mentioned people' do
expect(
message(
"@{Bob; #{bob.person.diaspora_handle}}",
mentioned_people: [bob.person]
).html
).to include 'hovercard'
end
it 'makes plaintext out of mentions of people not in the posts aspects' do
expect(
message("@{Bob; #{bob.person.diaspora_handle}}").html
).to_not include 'href'
end
context 'linking all mentions' do
it "makes no hovercards if they're disabled" do
message = message(
"@{Bob; #{bob.person.diaspora_handle}}",
mentioned_people: [bob.person],
disable_hovercards: true
).html
expect(message).to_not include 'hovercard'
expect(message).to include AppConfig.url_to("/people/#{bob.person.guid}")
end
end
end
context "with diaspora:// links" do
it "replaces diaspora:// links with pod-local links" do
target = FactoryBot.create(:status_message)
expect(
message("Have a look at diaspora://#{target.diaspora_handle}/post/#{target.guid}.").html
).to match(/Have a look at #{AppConfig.url_to("/posts/#{target.guid}")}./)
end
it "doesn't touch invalid diaspora:// links" do
text = "You can create diaspora://author/type/guid links!"
expect(message(text).html).to match(/#{text}/)
end
it "ignores a diaspora:// links with a unknown guid" do
text = "Try this: `diaspora://unknown@localhost:3000/post/thislookslikeavalidguid123456789`"
expect(message(text).html).to match(/#{text}/)
end
it "ignores a diaspora:// links with an invalid entity type" do
target = FactoryBot.create(:status_message)
text = "Try this: `diaspora://#{target.diaspora_handle}/posts/#{target.guid}`"
expect(message(text).html).to match(/#{text}/)
end
end
end
describe "#markdownified" do
describe "not doing something dumb" do
it "strips out script tags" do
expect(
message("<script>alert('XSS is evil')</script>").markdownified
).to eq "<p>alert('XSS is evil')</p>\n"
end
it 'strips onClick handlers from links' do
expect(
message('[XSS](http://joindiaspora.com/" onClick="$\(\'a\'\).remove\(\))').markdownified
).to_not match(/ onClick/i)
end
end
it 'does not barf if message is nil' do
expect(message(nil).markdownified).to eq ''
end
it 'autolinks standard url links' do
expect(
message("http://joindiaspora.com/").markdownified
).to include 'href="http://joindiaspora.com/"'
end
it "normalizes" do
{
"\u202a#\u200eUSA\u202c" => "<p><a class=\"tag\" href=\"/tags/USA\">#USA</a></p>\n",
"ള്" => "<p>ള്</p>\n"
}.each do |input, output|
expect(message(input).markdownified).to eq output
end
end
context 'when formatting status messages' do
it "should leave tags intact" do
expect(
message("I love #markdown").markdownified
).to match %r{<a class="tag" href="/tags/markdown">#markdown</a>}
end
it 'should leave multi-underscore tags intact' do
expect(
message("Here is a #multi_word tag").markdownified
).to match %r{Here is a <a class="tag" href="/tags/multi_word">#multi_word</a> tag}
expect(
message("Here is a #multi_word_tag yo").markdownified
).to match %r{Here is a <a class="tag" href="/tags/multi_word_tag">#multi_word_tag</a> yo}
end
it "should leave mentions intact" do
expect(
message("Hey @{Bob; #{bob.diaspora_handle}}!", mentioned_people: [bob.person]).markdownified
).to match(/hovercard/)
end
it "should leave mentions intact for real diaspora handles" do
new_person = FactoryBot.create(:person, diaspora_handle: "maxwell@joindiaspora.com")
expect(
message(
"Hey @{maxwell@joindiaspora.com; #{new_person.diaspora_handle}}!",
mentioned_people: [new_person]
).markdownified
).to match(/hovercard/)
end
it "does not parse mentions as markdown" do
new_person = FactoryBot.create(:person, diaspora_handle: "__underscore__@example.org")
expect(
message(
"Hey @{#{new_person.diaspora_handle}}!",
mentioned_people: [new_person]
).markdownified
).to match(%r{>#{new_person.name}</a>})
end
it 'should process text with both a hashtag and a link' do
expect(
message("Test #tag?\nhttps://joindiaspora.com\n").markdownified
).to eq %{<p>Test <a class="tag" href="/tags/tag">#tag</a>?<br>\n<a href="https://joindiaspora.com" rel="nofollow noopener noreferrer" target="_blank">https://joindiaspora.com</a></p>\n}
end
it 'should process text with a header' do
expect(message("# I love markdown").markdownified).to match "I love markdown"
end
it 'should leave HTML entities intact' do
entities = '& ß ' ' "'
expect(message(entities).markdownified).to eq "<p>#{entities}</p>\n"
end
context "with diaspora:// links" do
it "replaces diaspora:// links with pod-local links" do
target1 = FactoryBot.create(:status_message)
target2 = FactoryBot.create(:status_message)
text = "Have a look at [this post](diaspora://#{target1.diaspora_handle}/post/#{target1.guid}) and " \
"this one too diaspora://#{target2.diaspora_handle}/post/#{target2.guid}."
rendered = message(text).markdownified
expect(rendered).to match(%r{at <a href="#{AppConfig.url_to("/posts/#{target1.guid}")}">this post</a> and})
expect(rendered).to match(/this one too #{AppConfig.url_to("/posts/#{target2.guid}")}./)
end
it "doesn't touch invalid diaspora:// links" do
text = "You can create diaspora://author/type/guid links!"
expect(message(text).markdownified).to match(/#{text}/)
end
end
end
end
describe "#plain_text_without_markdown" do
it 'does not remove markdown in links' do
text = "some text and here comes http://exampe.org/foo_bar_baz a link"
expect(message(text).plain_text_without_markdown).to eq text
end
it 'does not destroy hashtag that starts a line' do
text = "#hashtag message"
expect(message(text).plain_text_without_markdown).to eq text
end
context "with mention" do
it "contains the name of the mentioned person" do
msg = message("@{#{alice.diaspora_handle}} is cool", mentioned_people: alice.person)
expect(msg.plain_text_without_markdown).to eq "@#{alice.name} is cool"
end
it "uses the name from mention when the mention contains a name" do
msg = message("@{Alice; #{alice.diaspora_handle}} is cool", mentioned_people: alice.person)
expect(msg.plain_text_without_markdown).to eq "@Alice is cool"
end
it "uses the diaspora ID when the person cannot be found" do
msg = message("@{#{alice.diaspora_handle}} is cool", mentioned_people: [])
expect(msg.plain_text_without_markdown).to eq "@#{alice.diaspora_handle} is cool"
end
end
context "with diaspora:// links" do
it "replaces diaspora:// links with pod-local links" do
target1 = FactoryBot.create(:status_message)
target2 = FactoryBot.create(:status_message)
text = "Have a look at [this post](diaspora://#{target1.diaspora_handle}/post/#{target1.guid}) and " \
"this one too diaspora://#{target2.diaspora_handle}/post/#{target2.guid}."
rendered = message(text).plain_text_without_markdown
expect(rendered).to match(/look at this post \(#{AppConfig.url_to("/posts/#{target1.guid}")}\) and/)
expect(rendered).to match(/this one too #{AppConfig.url_to("/posts/#{target2.guid}")}./)
end
it "doesn't touch invalid diaspora:// links" do
text = "You can create diaspora://author/type/guid links!"
expect(message(text).plain_text_without_markdown).to match(/#{text}/)
end
end
end
describe "#urls" do
it "extracts the urls from the raw message" do
text = "[Perdu](http://perdu.com/) and [DuckDuckGo](https://duckduckgo.com/) can help you"
expect(message(text).urls).to eql ["http://perdu.com/", "https://duckduckgo.com/"]
end
it "extracts urls from continous markdown correctly" do
text = "[](https://www.antifainfoblatt.de/artikel/%E2%80%9Eschlie%C3%9Flich-waren-es-zu-viele%E2%80%9C)"
expect(message(text).urls).to eq ["https://www.antifainfoblatt.de/sites/default/files/public/styles/front_full/public/jockpalfreeman.png?itok=OPjHKpmt", "https://www.antifainfoblatt.de/artikel/%E2%80%9Eschlie%C3%9Flich-waren-es-zu-viele%E2%80%9C"]
end
it "encodes extracted urls" do
url = "http://www.example.com/url/with/umlauts/ä/index.html"
expect(message(url).urls).to eq ["http://www.example.com/url/with/umlauts/%C3%A4/index.html"]
end
it "not double encodes an already encoded url" do
encoded_url = "http://www.example.com/url/with/umlauts/%C3%A4/index.html"
expect(message(encoded_url).urls).to eq [encoded_url]
end
it "parses IDN correctly" do
url = "http://www.hören.at/"
expect(message(url).urls).to eq ["http://www.xn--hren-5qa.at/"]
end
end
describe "#plain_text_for_json" do
it "normalizes" do
{
"\u202a#\u200eUSA\u202c" => "#USA",
"ള്" => "ള്"
}.each do |input, output|
expect(message(input).plain_text_for_json).to eq output
end
end
context "with diaspora:// links" do
it "replaces diaspora:// links with pod-local links" do
target1 = FactoryBot.create(:status_message)
target2 = FactoryBot.create(:status_message)
text = "Have a look at [this post](diaspora://#{target1.diaspora_handle}/post/#{target1.guid}) and " \
"this one too diaspora://#{target2.diaspora_handle}/post/#{target2.guid}."
rendered = message(text).plain_text_for_json
expect(rendered).to match(/look at \[this post\]\(#{AppConfig.url_to("/posts/#{target1.guid}")}\) and/)
expect(rendered).to match(/this one too #{AppConfig.url_to("/posts/#{target2.guid}")}./)
end
it "doesn't touch invalid diaspora:// links" do
text = "You can create diaspora://author/type/guid links!"
expect(message(text).plain_text_for_json).to match(/#{text}/)
end
end
end
end
|
