diff options
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/lib/request_spec.rb | 5 | ||||
| -rw-r--r-- | spec/lib/sanitize_config_spec.rb | 4 | ||||
| -rw-r--r-- | spec/services/verify_link_service_spec.rb | 27 |
3 files changed, 36 insertions, 0 deletions
diff --git a/spec/lib/request_spec.rb b/spec/lib/request_spec.rb index 5eccf3201..8539944e2 100644 --- a/spec/lib/request_spec.rb +++ b/spec/lib/request_spec.rb @@ -120,6 +120,11 @@ describe Request do expect { subject.perform { |response| response.body_with_limit } }.to raise_error Mastodon::LengthValidationError end + it 'truncates large monolithic body' do + stub_request(:any, 'http://example.com').to_return(body: SecureRandom.random_bytes(2.megabytes), headers: { 'Content-Length' => 2.megabytes }) + expect(subject.perform { |response| response.truncated_body.bytesize }).to be < 2.megabytes + end + it 'uses binary encoding if Content-Type does not tell encoding' do stub_request(:any, 'http://example.com').to_return(body: '', headers: { 'Content-Type' => 'text/html' }) expect(subject.perform { |response| response.body_with_limit.encoding }).to eq Encoding::BINARY diff --git a/spec/lib/sanitize_config_spec.rb b/spec/lib/sanitize_config_spec.rb index dc6418e5b..29344476f 100644 --- a/spec/lib/sanitize_config_spec.rb +++ b/spec/lib/sanitize_config_spec.rb @@ -28,6 +28,10 @@ describe Sanitize::Config do expect(Sanitize.fragment('<a href="foo://bar">Test</a>', subject)).to eq 'Test' end + it 'does not re-interpret HTML when removing unsupported links' do + expect(Sanitize.fragment('<a href="foo://bar">Test<a href="https://example.com">test</a></a>', subject)).to eq 'Test<a href="https://example.com">test</a>' + end + it 'keeps a with href' do expect(Sanitize.fragment('<a href="http://example.com">Test</a>', subject)).to eq '<a href="http://example.com" rel="nofollow noopener noreferrer" target="_blank">Test</a>' end diff --git a/spec/services/verify_link_service_spec.rb b/spec/services/verify_link_service_spec.rb index 52ba454cc..391560f1c 100644 --- a/spec/services/verify_link_service_spec.rb +++ b/spec/services/verify_link_service_spec.rb @@ -73,6 +73,33 @@ RSpec.describe VerifyLinkService, type: :service do end end + context 'when a document is truncated but the link back is valid' do + let(:html) do + " + <!doctype html> + <body> + <a rel=\"me\" href=\"#{ActivityPub::TagManager.instance.url_for(account)}\" + " + end + + it 'marks the field as not verified' do + expect(field.verified?).to be false + end + end + + context 'when a link back might be truncated' do + let(:html) do + " + <!doctype html> + <body> + <a rel=\"me\" href=\"#{ActivityPub::TagManager.instance.url_for(account)}" + end + + it 'does not mark the field as verified' do + expect(field.verified?).to be false + end + end + context 'when a link does not contain a link back' do let(:html) { '' } |