diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2018-10-04 15:47:03 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-10-04 15:47:03 +0200 |
commit | 7fe137d2f7792ed735be11eaca6d87fbc114043a (patch) | |
tree | 77d3cfbfdb19dbac86fbadaac3896c381431e20b /spec | |
parent | 49b182cd5134f45ca825ae62d869bbb28d3c9266 (diff) |
Fix link verification for remote accounts (#8868)
Diffstat (limited to 'spec')
-rw-r--r-- | spec/services/verify_link_service_spec.rb | 139 |
1 files changed, 83 insertions, 56 deletions
diff --git a/spec/services/verify_link_service_spec.rb b/spec/services/verify_link_service_spec.rb index 9b04d6136..2edcdb75f 100644 --- a/spec/services/verify_link_service_spec.rb +++ b/spec/services/verify_link_service_spec.rb @@ -3,80 +3,107 @@ require 'rails_helper' RSpec.describe VerifyLinkService, type: :service do subject { described_class.new } - let(:account) { Fabricate(:account, username: 'alice') } - let(:field) { Account::Field.new(account, 'name' => 'Website', 'value' => 'http://example.com') } + context 'given a local account' do + let(:account) { Fabricate(:account, username: 'alice') } + let(:field) { Account::Field.new(account, 'name' => 'Website', 'value' => 'http://example.com') } - before do - stub_request(:head, 'https://redirect.me/abc').to_return(status: 301, headers: { 'Location' => ActivityPub::TagManager.instance.url_for(account) }) - stub_request(:get, 'http://example.com').to_return(status: 200, body: html) - subject.call(field) - end - - context 'when a link contains an <a> back' do - let(:html) do - <<-HTML - <!doctype html> - <body> - <a href="#{ActivityPub::TagManager.instance.url_for(account)}" rel="me">Follow me on Mastodon</a> - </body> - HTML + before do + stub_request(:head, 'https://redirect.me/abc').to_return(status: 301, headers: { 'Location' => ActivityPub::TagManager.instance.url_for(account) }) + stub_request(:get, 'http://example.com').to_return(status: 200, body: html) + subject.call(field) end - it 'marks the field as verified' do - expect(field.verified?).to be true + context 'when a link contains an <a> back' do + let(:html) do + <<-HTML + <!doctype html> + <body> + <a href="#{ActivityPub::TagManager.instance.url_for(account)}" rel="me">Follow me on Mastodon</a> + </body> + HTML + end + + it 'marks the field as verified' do + expect(field.verified?).to be true + end end - end - context 'when a link contains an <a rel="noopener"> back' do - let(:html) do - <<-HTML - <!doctype html> - <body> - <a href="#{ActivityPub::TagManager.instance.url_for(account)}" rel="noopener me" target="_blank">Follow me on Mastodon</a> - </body> - HTML + context 'when a link contains an <a rel="noopener"> back' do + let(:html) do + <<-HTML + <!doctype html> + <body> + <a href="#{ActivityPub::TagManager.instance.url_for(account)}" rel="noopener me" target="_blank">Follow me on Mastodon</a> + </body> + HTML + end + + it 'marks the field as verified' do + expect(field.verified?).to be true + end end - it 'marks the field as verified' do - expect(field.verified?).to be true + context 'when a link contains a <link> back' do + let(:html) do + <<-HTML + <!doctype html> + <head> + <link type="text/html" href="#{ActivityPub::TagManager.instance.url_for(account)}" rel="me" /> + </head> + HTML + end + + it 'marks the field as verified' do + expect(field.verified?).to be true + end end - end - context 'when a link contains a <link> back' do - let(:html) do - <<-HTML - <!doctype html> - <head> - <link type="text/html" href="#{ActivityPub::TagManager.instance.url_for(account)}" rel="me" /> - </head> - HTML + context 'when a link goes through a redirect back' do + let(:html) do + <<-HTML + <!doctype html> + <head> + <link type="text/html" href="https://redirect.me/abc" rel="me" /> + </head> + HTML + end + + it 'marks the field as verified' do + expect(field.verified?).to be true + end end - it 'marks the field as verified' do - expect(field.verified?).to be true + context 'when a link does not contain a link back' do + let(:html) { '' } + + it 'marks the field as verified' do + expect(field.verified?).to be false + end end end - context 'when a link goes through a redirect back' do - let(:html) do - <<-HTML - <!doctype html> - <head> - <link type="text/html" href="https://redirect.me/abc" rel="me" /> - </head> - HTML - end + context 'given a remote account' do + let(:account) { Fabricate(:account, username: 'alice', domain: 'example.com', url: 'https://profile.example.com/alice') } + let(:field) { Account::Field.new(account, 'name' => 'Website', 'value' => '<a href="http://example.com" rel="me"><span class="invisible">http://</span><span class="">example.com</span><span class="invisible"></span></a>') } - it 'marks the field as verified' do - expect(field.verified?).to be true + before do + stub_request(:get, 'http://example.com').to_return(status: 200, body: html) + subject.call(field) end - end - context 'when a link does not contain a link back' do - let(:html) { '' } + context 'when a link contains an <a> back' do + let(:html) do + <<-HTML + <!doctype html> + <body> + <a href="https://profile.example.com/alice" rel="me">Follow me on Mastodon</a> + </body> + HTML + end - it 'marks the field as verified' do - expect(field.verified?).to be false + it 'marks the field as verified' do + expect(field.verified?).to be true + end end end end |