spec/lib/html_aware_formatter_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

# frozen_string_literal: true

require 'rails_helper'

RSpec.describe HtmlAwareFormatter do
  describe '#to_s' do
    subject { described_class.new(text, local).to_s }

    context 'when local' do
      let(:local) { true }
      let(:text) { 'Foo bar' }

      it 'returns formatted text' do
        expect(subject).to eq '<p>Foo bar</p>'
      end
    end

    context 'when remote' do
      let(:local) { false }

      context 'given plain text' do
        let(:text) { 'Beep boop' }

        it 'keeps the plain text' do
          expect(subject).to include 'Beep boop'
        end
      end

      context 'given text containing script tags' do
        let(:text) { '<script>alert("Hello")</script>' }

        it 'strips the scripts' do
          expect(subject).to_not include '<script>alert("Hello")</script>'
        end
      end

      context 'given text containing malicious classes' do
        let(:text) { '<span class="mention  status__content__spoiler-link">Show more</span>' }

        it 'strips the malicious classes' do
          expect(subject).to_not include 'status__content__spoiler-link'
        end
      end
    end
  end
end