Fix sanitizer parsing link text as HTML when stripping unsupported links (#22558)

author: Claire <claire.github-309c@sitedethib.com> 2023-01-11 22:21:10 +0100
committer: GitHub <noreply@github.com> 2023-01-11 22:21:10 +0100
commit: 15b88a83ab7dbe022e33552f45f300fc69a934d0 (patch)
tree: 7f2feb76752588267a93a417a9d087bf48d285c8 /spec/lib
parent: 0c689b9d014324aba5b8751dacec4c0fc20b2038 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/spec/lib/sanitize_config_spec.rb b/spec/lib/sanitize_config_spec.rb
index 747d81158..c9543ceb0 100644
--- a/spec/lib/sanitize_config_spec.rb
+++ b/spec/lib/sanitize_config_spec.rb
@@ -38,6 +38,10 @@ describe Sanitize::Config do
       expect(Sanitize.fragment('<a href="foo://bar">Test</a>', subject)).to eq 'Test'
     end
 
+    it 'does not re-interpret HTML when removing unsupported links' do
+      expect(Sanitize.fragment('<a href="foo://bar">Test&lt;a href="https://example.com"&gt;test&lt;/a&gt;</a>', subject)).to eq 'Test&lt;a href="https://example.com"&gt;test&lt;/a&gt;'
+    end
+
     it 'keeps a with href' do
       expect(Sanitize.fragment('<a href="http://example.com">Test</a>', subject)).to eq '<a href="http://example.com" rel="nofollow noopener noreferrer" target="_blank">Test</a>'
     end
author	Claire <claire.github-309c@sitedethib.com>	2023-01-11 22:21:10 +0100
committer	GitHub <noreply@github.com>	2023-01-11 22:21:10 +0100
commit	15b88a83ab7dbe022e33552f45f300fc69a934d0 (patch)
tree	7f2feb76752588267a93a417a9d087bf48d285c8 /spec/lib
parent	0c689b9d014324aba5b8751dacec4c0fc20b2038 (diff)