diff options
author | Claire <claire.github-309c@sitedethib.com> | 2022-04-11 08:40:18 +0200 |
---|---|---|
committer | Claire <claire.github-309c@sitedethib.com> | 2022-04-11 09:06:25 +0200 |
commit | f2b2614d0a3852259f21f7969a946fb3d8b7e96d (patch) | |
tree | 3d77fc18ddd8c25e929dfd4258dcfb8bae26b4be | |
parent | 9309c53d21df806d57dd59dbc59a807d2f8b8b11 (diff) |
Fix link sanitization for outgoing text/html and text/markdown toots
Fixes #1739
-rw-r--r-- | lib/sanitize_ext/sanitize_config.rb | 4 | ||||
-rw-r--r-- | spec/lib/advanced_text_formatter_spec.rb | 8 |
2 files changed, 10 insertions, 2 deletions
diff --git a/lib/sanitize_ext/sanitize_config.rb b/lib/sanitize_ext/sanitize_config.rb index 935e1f4f6..946543868 100644 --- a/lib/sanitize_ext/sanitize_config.rb +++ b/lib/sanitize_ext/sanitize_config.rb @@ -133,7 +133,7 @@ class Sanitize rel += ['nofollow', 'noopener', 'noreferrer'] unless TagManager.instance.local_url?(node['href']) if rel.empty? - node['rel']&.delete + node.remove_attribute('rel') else node['rel'] = rel.join(' ') end @@ -144,7 +144,7 @@ class Sanitize node = env[:node] if node['target'] != '_blank' && TagManager.instance.local_url?(node['href']) - node['target']&.delete + node.remove_attribute('target') else node['target'] = '_blank' end diff --git a/spec/lib/advanced_text_formatter_spec.rb b/spec/lib/advanced_text_formatter_spec.rb index 4e859c93c..ea1a9570d 100644 --- a/spec/lib/advanced_text_formatter_spec.rb +++ b/spec/lib/advanced_text_formatter_spec.rb @@ -50,6 +50,14 @@ RSpec.describe AdvancedTextFormatter do end end + context 'given text with a local-domain mention' do + let(:text) { 'foo https://cb6e6126.ngrok.io/about/more' } + + it 'creates a link' do + is_expected.to include '<a href="https://cb6e6126.ngrok.io/about/more"' + end + end + context 'given text containing linkable mentions' do let(:preloaded_accounts) { [Fabricate(:account, username: 'alice')] } let(:text) { '@alice' } |