diff options
| author | Starfall <root@starfall.blue> | 2020-02-13 17:55:53 -0600 |
|---|---|---|
| committer | Starfall <root@starfall.blue> | 2020-02-13 17:55:53 -0600 |
| commit | 5902299384d15249fe4b84b8761d4a49f3c7f6fd (patch) | |
| tree | 66f1db08a2f6f9ae2254ba7a81b71835039d671e /spec | |
| parent | 6d24d3bcb84abd04f31da95f97f6d60ef0afdc00 (diff) | |
| parent | 0cbd6d696b8937066cde297ad2eae4b558353b7c (diff) | |
Merge branch 'glitch'
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/controllers/concerns/signature_verification_spec.rb | 27 | ||||
| -rw-r--r-- | spec/controllers/health_check_controller_spec.rb | 13 | ||||
| -rw-r--r-- | spec/lib/sanitize_config_spec.rb | 16 |
3 files changed, 56 insertions, 0 deletions
diff --git a/spec/controllers/concerns/signature_verification_spec.rb b/spec/controllers/concerns/signature_verification_spec.rb index 1fa19f54d..05fb1445b 100644 --- a/spec/controllers/concerns/signature_verification_spec.rb +++ b/spec/controllers/concerns/signature_verification_spec.rb @@ -97,6 +97,33 @@ describe ApplicationController, type: :controller do end end + context 'with inaccessible key' do + before do + get :success + + author = Fabricate(:account, domain: 'localhost:5000', uri: 'http://localhost:5000/actor') + fake_request = Request.new(:get, request.url) + fake_request.on_behalf_of(author) + author.destroy + + request.headers.merge!(fake_request.headers) + + stub_request(:get, 'http://localhost:5000/actor#main-key').to_raise(Mastodon::HostValidationError) + end + + describe '#signed_request?' do + it 'returns true' do + expect(controller.signed_request?).to be true + end + end + + describe '#signed_request_account' do + it 'returns nil' do + expect(controller.signed_request_account).to be_nil + end + end + end + context 'with body' do before do post :success, body: 'Hello world' diff --git a/spec/controllers/health_check_controller_spec.rb b/spec/controllers/health_check_controller_spec.rb new file mode 100644 index 000000000..c00600c9b --- /dev/null +++ b/spec/controllers/health_check_controller_spec.rb @@ -0,0 +1,13 @@ +require 'rails_helper' + +describe HealthCheck::HealthCheckController do + render_views + + describe 'GET #show' do + subject(:response) { get :index, params: { format: :json } } + + it 'returns the right response' do + expect(response).to have_http_status 200 + end + end +end diff --git a/spec/lib/sanitize_config_spec.rb b/spec/lib/sanitize_config_spec.rb index c5143bcef..50558a0d8 100644 --- a/spec/lib/sanitize_config_spec.rb +++ b/spec/lib/sanitize_config_spec.rb @@ -14,5 +14,21 @@ describe Sanitize::Config do it 'keeps ul' do expect(Sanitize.fragment('<p>Check out:</p><ul><li>Foo</li><li>Bar</li></ul>', subject)).to eq '<p>Check out:</p><ul><li>Foo</li><li>Bar</li></ul>' end + + it 'removes a without href' do + expect(Sanitize.fragment('<a>Test</a>', subject)).to eq 'Test' + end + + it 'removes a without href and only keeps text content' do + expect(Sanitize.fragment('<a><span class="invisible">foo&</span><span>Test</span></a>', subject)).to eq 'foo&Test' + end + + it 'removes a with unsupported scheme in href' do + expect(Sanitize.fragment('<a href="foo://bar">Test</a>', subject)).to eq 'Test' + end + + it 'keeps a with href' do + expect(Sanitize.fragment('<a href="http://example.com">Test</a>', subject)).to eq '<a href="http://example.com" rel="nofollow noopener tag noreferrer" target="_blank">Test</a>' + end end end |