SafeText: Let through basic html.

lain 2020-05-30 12:17:18 +02:00
commit 2c9465cc51
3 changed files with 22 additions and 1 deletions


@ -17,6 +17,13 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.Types.SafeTextTest do
assert {:ok, "hey look xss alert('foo')"} == SafeText.cast(text)
end
test "it keeps basic html tags" do
text = "hey <a href='http://gensokyo.2hu'>look</a> xss <script>alert('foo')</script>"
assert {:ok, "hey <a href=\"http://gensokyo.2hu\">look</a> xss alert(&#39;foo&#39;)"} ==
SafeText.cast(text)
end
test "errors for non-text" do
assert :error == SafeText.cast(1)
end
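Review bot: The new test `it keeps basic html tags` pins only the benign case for the kept `<a>` tag, an `http:` href, so it would still pass if the allowlist also let through a `javascript:` href or an `on*` handler attribute on a permitted tag. The scrubber behind `SafeText.cast/1` is not visible in this section, so this may already be handled there, but it is the behaviour most worth pinning now that markup is let through. I would add a sibling test that binds `{:ok, out} = SafeText.cast("<a href='javascript:alert(1)' onclick='alert(1)'>look</a>")` and then checks `refute out =~ "javascript:"` and `refute out =~ "onclick"`. The test name could also mention that `<script>` is stripped, since the same assertion covers both behaviours.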