Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/spec/components/email/styles_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

368 lines
15 KiB
Ruby
Raw Normal View History

DEV: use #frozen_string_literal: true on all spec This change both speeds up specs (less strings to allocate) and helps catch cases where methods in Discourse are mutating inputs. Overall we will be migrating everything to use #frozen_string_literal: true it will take a while, but this is the first and safest move in this direction
2019-04-29 20:27:42 -04:00
# frozen_string_literal: true
Prepare for separation of RSpec helper files Since rspec-rails 3, the default installation creates two helper files: * `spec_helper.rb` * `rails_helper.rb` `spec_helper.rb` is intended as a way of running specs that do not require Rails, whereas `rails_helper.rb` loads Rails (as Discourse's current `spec_helper.rb` does). For more information: https://www.relishapp.com/rspec/rspec-rails/docs/upgrade#default-helper-files In this commit, I've simply replaced all instances of `spec_helper` with `rails_helper`, and renamed the original `spec_helper.rb`. This brings the Discourse project closer to the standard usage of RSpec in a Rails app. At present, every spec relies on loading Rails, but there are likely many that don't need to. In a future pull request, I hope to introduce a separate, minimal `spec_helper.rb` which can be used in tests which don't rely on Rails.
2015-10-11 05:41:23 -04:00
require 'rails_helper'
Better HTML emails, smarter email digests, new email section in admin with digest preview
2013-06-03 16:12:24 -04:00
require 'email'
Moved Email components into a module
2013-06-10 15:33:37 -04:00
describe Email::Styles do
FEATURE: Allow email image embed with secure media (#10563) This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced: * `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them. * `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`. `Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients. All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`. Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions. ![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
2020-09-09 19:50:16 -04:00
let(:attachments) { {} }
Better HTML emails, smarter email digests, new email section in admin with digest preview
2013-06-03 16:12:24 -04:00
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
def basic_fragment(html)
FIX: Emoji sizes in emails should be done by the EmailStyler
2013-06-13 12:15:05 -04:00
styler = Email::Styles.new(html)
styler.format_basic
FEATURE: Nokogumbo (#9577) * FEATURE: Nokogumbo Use Nokogumbo HTML parser.
2020-05-04 23:46:57 -04:00
Nokogiri::HTML5.fragment(styler.to_html)
Better HTML emails, smarter email digests, new email section in admin with digest preview
2013-06-03 16:12:24 -04:00
end
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
def html_fragment(html)
FIX: Emoji sizes in emails should be done by the EmailStyler
2013-06-13 12:15:05 -04:00
styler = Email::Styles.new(html)
styler.format_basic
styler.format_html
FEATURE: Nokogumbo (#9577) * FEATURE: Nokogumbo Use Nokogumbo HTML parser.
2020-05-04 23:46:57 -04:00
Nokogiri::HTML5.fragment(styler.to_html)
test format_notifications
2016-01-27 18:44:49 -05:00
end
FIX: Emoji sizes in emails should be done by the EmailStyler
2013-06-13 12:15:05 -04:00
context "basic formatter" do
Re-enable skip tests for `Email::Styles`.
2017-07-24 10:16:54 -04:00
it "adds a max-width to large images" do
frag = basic_fragment("<img height='auto' width='auto' src='gigantic.jpg'>")
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
expect(frag.at("img")["style"]).to match("max-width")
test format_notifications
2016-01-27 18:44:49 -05:00
end
FIX: prevent huge custom emojis in emails
2017-01-30 12:06:48 -05:00
it "adds a width and height to emojis" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = basic_fragment("<img src='/images/emoji/fish.png' class='emoji'>")
expect(frag.at("img")["width"]).to eq("20")
expect(frag.at("img")["height"]).to eq("20")
FIX: Emoji sizes in emails should be done by the EmailStyler
2013-06-13 12:15:05 -04:00
end
FIX: prevent huge custom emojis in emails
2017-01-30 12:06:48 -05:00
it "adds a width and height to custom emojis" do
frag = basic_fragment("<img src='/uploads/default/_emoji/fish.png' class='emoji emoji-custom'>")
expect(frag.at("img")["width"]).to eq("20")
expect(frag.at("img")["height"]).to eq("20")
end
FIX: Emoji sizes in emails should be done by the EmailStyler
2013-06-13 12:15:05 -04:00
it "converts relative paths to absolute paths" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = basic_fragment("<img src='/some-image.png'>")
expect(frag.at("img")["src"]).to eq("#{Discourse.base_url}/some-image.png")
FIX: Emoji sizes in emails should be done by the EmailStyler
2013-06-13 12:15:05 -04:00
end
Better HTML emails, smarter email digests, new email section in admin with digest preview
2013-06-03 16:12:24 -04:00
improve email styling, include extra respond link
2013-07-26 03:27:46 -04:00
it "strips classes and ids" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = basic_fragment("<div class='foo' id='bar'><div class='foo' id='bar'></div></div>")
expect(frag.to_html).to eq("<div><div></div></div>")
improve email styling, include extra respond link
2013-07-26 03:27:46 -04:00
end
Better HTML emails, smarter email digests, new email section in admin with digest preview
2013-06-03 16:12:24 -04:00
end
FIX: Emoji sizes in emails should be done by the EmailStyler
2013-06-13 12:15:05 -04:00
context "html template formatter" do
it "attaches a style to h3 tags" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = html_fragment("<h3>hello</h3>")
expect(frag.at('h3')['style']).to be_present
FIX: Emoji sizes in emails should be done by the EmailStyler
2013-06-13 12:15:05 -04:00
end
it "attaches a style to hr tags" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = html_fragment("hello<hr>")
expect(frag.at('hr')['style']).to be_present
FIX: Emoji sizes in emails should be done by the EmailStyler
2013-06-13 12:15:05 -04:00
end
it "attaches a style to a tags" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = html_fragment("<a href>wat</a>")
expect(frag.at('a')['style']).to be_present
FIX: Emoji sizes in emails should be done by the EmailStyler
2013-06-13 12:15:05 -04:00
end
it "attaches a style to a tags" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = html_fragment("<a href>wat</a>")
expect(frag.at('a')['style']).to be_present
FIX: Emoji sizes in emails should be done by the EmailStyler
2013-06-13 12:15:05 -04:00
end
it "attaches a style to ul and li tags" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = html_fragment("<ul><li>hello</li></ul>")
expect(frag.at('ul')['style']).to be_present
expect(frag.at('li')['style']).to be_present
FIX: Emoji sizes in emails should be done by the EmailStyler
2013-06-13 12:15:05 -04:00
end
FIX: Don't put iframes in emails where they are sanitized out. Replace them with links.
2014-07-14 16:41:05 -04:00
it "converts iframes to links" do
iframe_url = "http://www.youtube.com/embed/7twifrxOTQY?feature=oembed&wmode=opaque"
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = html_fragment("<iframe src=\"#{iframe_url}\"></iframe>")
expect(frag.at('iframe')).to be_blank
expect(frag.at('a')).to be_present
expect(frag.at('a')['href']).to eq(iframe_url)
FIX: Don't put iframes in emails where they are sanitized out. Replace them with links.
2014-07-14 16:41:05 -04:00
end
it "won't allow non URLs in iframe src, strips them with no link" do
iframe_url = "alert('xss hole')"
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = html_fragment("<iframe src=\"#{iframe_url}\"></iframe>")
expect(frag.at('iframe')).to be_blank
expect(frag.at('a')).to be_blank
move styles to Styles
2016-01-27 22:07:21 -05:00
end
FIX: email styling with blacklisted iframes
2016-10-21 06:37:03 -04:00
it "won't allow empty iframe src, strips them with no link" do
frag = html_fragment("<iframe src=''></iframe>")
expect(frag.at('iframe')).to be_blank
expect(frag.at('a')).to be_blank
end
FIX: prefer data-original-href attribute to get iframe URL
2019-04-24 04:20:27 -04:00
it "prefers data-original-href attribute to get iframe link" do
DEV: more accurate spec for email iframe handling
2019-04-25 13:02:04 -04:00
original_url = "https://vimeo.com/329875646/85f1546a42"
FIX: prefer data-original-href attribute to get iframe URL
2019-04-24 04:20:27 -04:00
iframe_url = "https://player.vimeo.com/video/329875646"
frag = html_fragment("<iframe src=\"#{iframe_url}\" data-original-href=\"#{original_url}\"></iframe>")
expect(frag.at('iframe')).to be_blank
expect(frag.at('a')).to be_present
expect(frag.at('a')['href']).to eq(original_url)
end
test format_notifications
2016-01-27 18:44:49 -05:00
end
FIX: Replace protocol relative URLs in emails
2014-06-13 17:11:04 -04:00
context "rewriting protocol relative URLs to the forum" do
it "doesn't rewrite a url to another site" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = html_fragment('<a href="//youtube.com/discourse">hello</a>')
expect(frag.at('a')['href']).to eq("//youtube.com/discourse")
FIX: Replace protocol relative URLs in emails
2014-06-13 17:11:04 -04:00
end
context "without https" do
before do
Nuke all `SiteSetting.stubs` from our codebase.
2017-07-07 02:09:14 -04:00
SiteSetting.force_https = false
FIX: Replace protocol relative URLs in emails
2014-06-13 17:11:04 -04:00
end
it "rewrites the href to have http" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = html_fragment('<a href="//test.localhost/discourse">hello</a>')
expect(frag.at('a')['href']).to eq("http://test.localhost/discourse")
FIX: Replace protocol relative URLs in emails
2014-06-13 17:11:04 -04:00
end
FIX: attachment links in mail lacks protocol
2014-10-27 14:21:55 -04:00
it "rewrites the href for attachment files to have http" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = html_fragment('<a class="attachment" href="//try-discourse.global.ssl.fastly.net/uploads/default/368/40b610b0aa90cfcf.txt">attachment_file.txt</a>')
expect(frag.at('a')['href']).to eq("http://try-discourse.global.ssl.fastly.net/uploads/default/368/40b610b0aa90cfcf.txt")
FIX: attachment links in mail lacks protocol
2014-10-27 14:21:55 -04:00
end
FIX: Replace protocol relative URLs in emails
2014-06-13 17:11:04 -04:00
it "rewrites the src to have http" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = html_fragment('<img src="//test.localhost/blah.jpg">')
expect(frag.at('img')['src']).to eq("http://test.localhost/blah.jpg")
FIX: Replace protocol relative URLs in emails
2014-06-13 17:11:04 -04:00
end
end
context "with https" do
before do
Nuke all `SiteSetting.stubs` from our codebase.
2017-07-07 02:09:14 -04:00
SiteSetting.force_https = true
FIX: Replace protocol relative URLs in emails
2014-06-13 17:11:04 -04:00
end
FIX: attachment links in mail lacks protocol
2014-10-27 14:21:55 -04:00
it "rewrites the forum URL to have https" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = html_fragment('<a href="//test.localhost/discourse">hello</a>')
expect(frag.at('a')['href']).to eq("https://test.localhost/discourse")
FIX: Replace protocol relative URLs in emails
2014-06-13 17:11:04 -04:00
end
FIX: attachment links in mail lacks protocol
2014-10-27 14:21:55 -04:00
it "rewrites the href for attachment files to have https" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = html_fragment('<a class="attachment" href="//try-discourse.global.ssl.fastly.net/uploads/default/368/40b610b0aa90cfcf.txt">attachment_file.txt</a>')
expect(frag.at('a')['href']).to eq("https://try-discourse.global.ssl.fastly.net/uploads/default/368/40b610b0aa90cfcf.txt")
FIX: attachment links in mail lacks protocol
2014-10-27 14:21:55 -04:00
end
FIX: Replace protocol relative URLs in emails
2014-06-13 17:11:04 -04:00
it "rewrites the src to have https" do
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
frag = html_fragment('<img src="//test.localhost/blah.jpg">')
expect(frag.at('img')['src']).to eq("https://test.localhost/blah.jpg")
FIX: Replace protocol relative URLs in emails
2014-06-13 17:11:04 -04:00
end
end
FIX: Emoji sizes in emails should be done by the EmailStyler
2013-06-13 12:15:05 -04:00
Better HTML emails, smarter email digests, new email section in admin with digest preview
2013-06-03 16:12:24 -04:00
end
FIX: incorrect emoji stripping logic
2015-08-18 19:12:08 -04:00
context "strip_avatars_and_emojis" do
it "works for lonesome emoji with no title" do
emoji = "<img src='/images/emoji/emoji_one/crying_cat_face.png'>"
style = Email::Styles.new(emoji)
style.strip_avatars_and_emojis
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
expect(style.to_html).to match_html(emoji)
FIX: incorrect emoji stripping logic
2015-08-18 19:12:08 -04:00
end
it "works for lonesome emoji with title" do
emoji = "<img title='cry_cry' src='/images/emoji/emoji_one/crying_cat_face.png'>"
style = Email::Styles.new(emoji)
style.strip_avatars_and_emojis
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
expect(style.to_html).to match_html("cry_cry")
FIX: incorrect emoji stripping logic
2015-08-18 19:12:08 -04:00
end
FIX: fail to send email notification if post has img tag with no src attribute
2017-06-15 10:36:11 -04:00
it "works if img tag has no attrs" do
cooked = "Create a method for click on image and use ng-click in <img> in your slide box...it is simple"
style = Email::Styles.new(cooked)
style.strip_avatars_and_emojis
DEV: Enable preserve_email_structure_when_styling by default In 1bd8a075, a hidden site setting was added that causes Email::Styles to treat its input as a complete document in all cases. This commit enables that setting by default. Some tests were removed that were broken by this change. They tested the behaviour of applying email styles to empty strings. They weren't useful because: * Sending empty email is not something we ever intend to do, * They were testing incidental behaviour - there are lots of valid ways to process the empty string, * Their intent wasn't clear from their descriptions,
2020-07-20 05:04:04 -04:00
expect(style.to_html).to include(cooked)
FIX: fail to send email notification if post has img tag with no src attribute
2017-06-15 10:36:11 -04:00
end
FIX: incorrect emoji stripping logic
2015-08-18 19:12:08 -04:00
end
simplify quote markup in emails
2017-01-02 03:03:03 -05:00
context "onebox_styles" do
it "renders quote as <blockquote>" do
fragment = html_fragment('<aside class="quote"> <div class="title"> <div class="quote-controls"> <i class="fa fa-chevron-down" title="expand/collapse"></i><a href="/t/xyz/123" title="go to the quoted post" class="back"></a> </div> <img alt="" width="20" height="20" src="https://cdn-enterprise.discourse.org/boingboing/user_avatar/bbs.boingboing.net/techapj/40/54379_1.png" class="avatar">techAPJ: </div> <blockquote> <p>lorem ipsum</p> </blockquote> </aside>')
expect(fragment.to_s.squish).to match(/^<blockquote.+<\/blockquote>$/)
end
end
Revert "FEATURE (WIP): add max-width and center email notifications"
2016-01-29 05:13:59 -05:00
FEATURE: Allow email image embed with secure media (#10563) This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced: * `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them. * `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`. `Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients. All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`. Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions. ![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
2020-09-09 19:50:16 -04:00
context "replace_secure_media_urls" do
FIX: Safely skip secure_media steps when it's not enabled (#11110) * FIX: Safely skip secure_media steps when it's not enabled * DEV: Secure media tests should enable secure media
2020-11-03 11:53:15 -05:00
before do
setup_s3
SiteSetting.secure_media = true
end
FEATURE: Allow email image embed with secure media (#10563) This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced: * `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them. * `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`. `Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients. All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`. Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions. ![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
2020-09-09 19:50:16 -04:00
let(:attachments) { { 'testimage.png' => stub(url: 'email/test.png') } }
FEATURE: Add support for secure media (#7888) This PR introduces a new secure media setting. When enabled, it prevent unathorized access to media uploads (files of type image, video and audio). When the `login_required` setting is enabled, then all media uploads will be protected from unauthorized (anonymous) access. When `login_required`is disabled, only media in private messages will be protected from unauthorized access. A few notes: - the `prevent_anons_from_downloading_files` setting no longer applies to audio and video uploads - the `secure_media` setting can only be enabled if S3 uploads are already enabled and configured - upload records have a new column, `secure`, which is a boolean `true/false` of the upload's secure status - when creating a public post with an upload that has already been uploaded and is marked as secure, the post creator will raise an error - when enabling or disabling the setting on a site with existing uploads, the rake task `uploads:ensure_correct_acl` should be used to update all uploads' secure status and their ACL on S3
2019-11-17 20:25:42 -05:00
it "replaces secure media within a link with a placeholder" do
frag = html_fragment("<a href=\"#{Discourse.base_url}\/secure-media-uploads/original/1X/testimage.png\"><img src=\"/secure-media-uploads/original/1X/testimage.png\"></a>")
expect(frag.at('img')).not_to be_present
FEATURE: Allow email image embed with secure media (#10563) This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced: * `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them. * `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`. `Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients. All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`. Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions. ![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
2020-09-09 19:50:16 -04:00
expect(frag.to_s).to include("Redacted")
FEATURE: Add support for secure media (#7888) This PR introduces a new secure media setting. When enabled, it prevent unathorized access to media uploads (files of type image, video and audio). When the `login_required` setting is enabled, then all media uploads will be protected from unauthorized (anonymous) access. When `login_required`is disabled, only media in private messages will be protected from unauthorized access. A few notes: - the `prevent_anons_from_downloading_files` setting no longer applies to audio and video uploads - the `secure_media` setting can only be enabled if S3 uploads are already enabled and configured - upload records have a new column, `secure`, which is a boolean `true/false` of the upload's secure status - when creating a public post with an upload that has already been uploaded and is marked as secure, the post creator will raise an error - when enabling or disabling the setting on a site with existing uploads, the rake task `uploads:ensure_correct_acl` should be used to update all uploads' secure status and their ACL on S3
2019-11-17 20:25:42 -05:00
end
it "replaces secure images with a placeholder" do
frag = html_fragment("<img src=\"/secure-media-uploads/original/1X/testimage.png\">")
expect(frag.at('img')).not_to be_present
FEATURE: Allow email image embed with secure media (#10563) This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced: * `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them. * `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`. `Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients. All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`. Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions. ![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
2020-09-09 19:50:16 -04:00
expect(frag.to_s).to include("Redacted")
FEATURE: Add support for secure media (#7888) This PR introduces a new secure media setting. When enabled, it prevent unathorized access to media uploads (files of type image, video and audio). When the `login_required` setting is enabled, then all media uploads will be protected from unauthorized (anonymous) access. When `login_required`is disabled, only media in private messages will be protected from unauthorized access. A few notes: - the `prevent_anons_from_downloading_files` setting no longer applies to audio and video uploads - the `secure_media` setting can only be enabled if S3 uploads are already enabled and configured - upload records have a new column, `secure`, which is a boolean `true/false` of the upload's secure status - when creating a public post with an upload that has already been uploaded and is marked as secure, the post creator will raise an error - when enabling or disabling the setting on a site with existing uploads, the rake task `uploads:ensure_correct_acl` should be used to update all uploads' secure status and their ACL on S3
2019-11-17 20:25:42 -05:00
end
FIX: Stop secure media URLs being censored too liberally in emails (#8817) For example /t/ URLs were being replaced if they contained secure-media-uploads so if you made a topic called "Secure Media Uploads Are Cool" the View Topic link in the user notifications would be stripped out. Refactored code so this secure URL detection happens in one place.
2020-01-30 01:19:14 -05:00
it "does not replace topic links with secure-media-uploads in the name" do
frag = html_fragment("<a href=\"#{Discourse.base_url}\/t/secure-media-uploads/235723\">Visit Topic</a>")
FEATURE: Allow email image embed with secure media (#10563) This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced: * `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them. * `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`. `Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients. All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`. Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions. ![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
2020-09-09 19:50:16 -04:00
expect(frag.to_s).not_to include("Redacted")
end
FIX: secure_media stripping on lightboxes, non-image links (#11121) - Fixes stripping of lightboxes with empty srcset attribute - Does not fail when email has links with secure media URLs but no child image elements
2020-11-04 15:45:50 -05:00
it "works in lightboxes with missing srcset attribute" do
frag = html_fragment("<a href=\"#{Discourse.base_url}\/secure-media-uploads/original/1X/testimage.png\" class=\"lightbox\"><img src=\"/secure-media-uploads/original/1X/testimage.png\"></a>")
expect(frag.at('img')).not_to be_present
expect(frag.to_s).to include("Redacted")
end
it "works in lightboxes with srcset attribute set" do
frag = html_fragment(
<<~HTML
<a href="#{Discourse.base_url}/secure-media-uploads/original/1X/testimage.png" class="lightbox">
<img src="/secure-media-uploads/original/1X/testimage.png" srcset="/secure-media-uploads/optimized/1X/testimage.png, /secure-media-uploads/original/1X/testimage.png 1.5x" />
</a>
HTML
)
expect(frag.at('img')).not_to be_present
expect(frag.to_s).to include("Redacted")
end
it "skips links with no images as children" do
frag = html_fragment("<a href=\"#{Discourse.base_url}\/secure-media-uploads/original/1X/testimage.png\"><span>Clearly not an image</span></a>")
expect(frag.to_s).to include("not an image")
end
FEATURE: Allow email image embed with secure media (#10563) This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced: * `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them. * `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`. `Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients. All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`. Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions. ![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
2020-09-09 19:50:16 -04:00
end
context "inline_secure_images" do
FIX: Safely skip secure_media steps when it's not enabled (#11110) * FIX: Safely skip secure_media steps when it's not enabled * DEV: Secure media tests should enable secure media
2020-11-03 11:53:15 -05:00
before do
setup_s3
SiteSetting.secure_media = true
end
FEATURE: Allow email image embed with secure media (#10563) This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced: * `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them. * `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`. `Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients. All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`. Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions. ![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
2020-09-09 19:50:16 -04:00
let(:attachments) { { 'testimage.png' => stub(url: 'cid:email/test.png') } }
fab!(:upload) { Fabricate(:upload, original_filename: 'testimage.png', secure: true, sha1: '123456') }
FIX: Ensure oneboxed secure images which are optimized and also lightboxed optimized images are embedded in email (#11061) We had an issue where onebox thumbnail was too large and thus was optimized, and we are using the image URLs in post to redact and re-embed, based on the sha1 in the URL. Optimized image URLs have extra stuff on the end like _99x99 so we were not parsing out the sha1 correctly. Another issue I found was for posts that have giant images, the original was being used to embed in the email and thus would basically never get included because it is huge. For example the URL http://localhost:3000/secure-media-uploads/optimized/2X/7/787b17ea6140f4f022eb7f1509a692f2873cfe35_2_690x335.jpeg was not parsed correctly; we would end up with 787b17ea6140f4f022eb7f1509a692f2873cfe35_2_690x335.jpeg as the sha1 which would not find the image to re-embed that was already attached to the email. This fix will use the first optimized image of the detected upload when we are redacting and then re-embedding to make sure we are not sending giant things in email. Also, I detect if it is a onebox thumbnail or the site icon and force appropriate sizes and styles.
2020-11-01 18:52:21 -05:00
let(:html) { "<a href=\"#{Discourse.base_url}\/secure-media-uploads/original/1X/123456.png\"><img src=\"/secure-media-uploads/original/1X/123456.png\" width=\"20\" height=\"30\"></a>" }
FEATURE: Allow email image embed with secure media (#10563) This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced: * `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them. * `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`. `Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients. All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`. Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions. ![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
2020-09-09 19:50:16 -04:00
def strip_and_inline
# strip out the secure media
styler = Email::Styles.new(html)
styler.format_basic
styler.format_html
html = styler.to_html
# pass in the attachments to match uploads based on sha + original filename
styler = Email::Styles.new(html)
styler.inline_secure_images(attachments)
@frag = Nokogiri::HTML5.fragment(styler.to_s)
end
it "inlines attachments where stripped-secure-media data attr is present" do
strip_and_inline
expect(@frag.to_s).to include("cid:email/test.png")
expect(@frag.css('[data-stripped-secure-media]')).not_to be_present
FIX: persist secure image width and height if is given (#10994) `max-width: 50%; max-height: 400px;` is a good fallback, however, if width and height are given and are smaller than fallback - we should persist that smaller size.
2020-10-21 22:25:09 -04:00
expect(@frag.children.attr('style').value).to eq("width: 20px; height: 30px;")
FEATURE: Allow email image embed with secure media (#10563) This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced: * `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them. * `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`. `Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients. All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`. Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions. ![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
2020-09-09 19:50:16 -04:00
end
it "does not inline anything if the upload cannot be found" do
upload.update(sha1: 'blah12')
strip_and_inline
expect(@frag.to_s).not_to include("cid:email/test.png")
expect(@frag.css('[data-stripped-secure-media]')).to be_present
FIX: Stop secure media URLs being censored too liberally in emails (#8817) For example /t/ URLs were being replaced if they contained secure-media-uploads so if you made a topic called "Secure Media Uploads Are Cool" the View Topic link in the user notifications would be stripped out. Refactored code so this secure URL detection happens in one place.
2020-01-30 01:19:14 -05:00
end
FIX: Ensure oneboxed secure images which are optimized and also lightboxed optimized images are embedded in email (#11061) We had an issue where onebox thumbnail was too large and thus was optimized, and we are using the image URLs in post to redact and re-embed, based on the sha1 in the URL. Optimized image URLs have extra stuff on the end like _99x99 so we were not parsing out the sha1 correctly. Another issue I found was for posts that have giant images, the original was being used to embed in the email and thus would basically never get included because it is huge. For example the URL http://localhost:3000/secure-media-uploads/optimized/2X/7/787b17ea6140f4f022eb7f1509a692f2873cfe35_2_690x335.jpeg was not parsed correctly; we would end up with 787b17ea6140f4f022eb7f1509a692f2873cfe35_2_690x335.jpeg as the sha1 which would not find the image to re-embed that was already attached to the email. This fix will use the first optimized image of the detected upload when we are redacting and then re-embedding to make sure we are not sending giant things in email. Also, I detect if it is a onebox thumbnail or the site icon and force appropriate sizes and styles.
2020-11-01 18:52:21 -05:00
context "when an optimized image is used instead of the original" do
let(:html) { "<a href=\"#{Discourse.base_url}\/secure-media-uploads/optimized/2X/1/123456_2_20x30.png\"><img src=\"/secure-media-uploads/optimized/2X/1/123456_2_20x30.png\" width=\"20\" height=\"30\"></a>" }
it "inlines attachments where the stripped-secure-media data attr is present" do
optimized = Fabricate(:optimized_image, upload: upload, width: 20, height: 30)
strip_and_inline
expect(@frag.to_s).to include("cid:email/test.png")
expect(@frag.css('[data-stripped-secure-media]')).not_to be_present
expect(@frag.children.attr('style').value).to eq("width: 20px; height: 30px;")
end
end
context "when inlining an originally oneboxed image" do
before do
SiteSetting.authorized_extensions = "*"
end
let(:siteicon) { Fabricate(:upload, original_filename: "siteicon.ico") }
let(:attachments) do
{
'testimage.png' => stub(url: 'cid:email/test.png'),
'siteicon.ico' => stub(url: 'cid:email/test2.ico')
}
end
let(:html) do
<<~HTML
<aside class="onebox allowlistedgeneric">
<header class="source">
<img src="#{Discourse.base_url}/secure-media-uploads/original/1X/#{siteicon.sha1}.ico" class="site-icon" width="64" height="64">
<a href="https://test.com/article" target="_blank" rel="noopener" title="02:33PM - 24 October 2020">Test</a>
</header>
<article class="onebox-body">
<div class="aspect-image" style="--aspect-ratio:20/30;"><img src="#{Discourse.base_url}/secure-media-uploads/optimized/2X/1/123456_2_20x30.png" class="thumbnail d-lazyload" width="20" height="30" srcset="#{Discourse.base_url}/secure-media-uploads/optimized/2X/1/123456_2_20x30.png"></div>
<h3><a href="https://test.com/article" target="_blank" rel="noopener">Test</a></h3>
<p>This is a test onebox.</p>
</article>
<div class="onebox-metadata">
</div>
<div style="clear: both"></div>
</aside>
HTML
end
it "keeps the special site icon width and height and onebox styles" do
optimized = Fabricate(:optimized_image, upload: upload, width: 20, height: 30)
strip_and_inline
expect(@frag.to_s).to include("cid:email/test.png")
expect(@frag.to_s).to include("cid:email/test2.ico")
expect(@frag.css('[data-sripped-secure-media]')).not_to be_present
expect(@frag.css('[data-embedded-secure-image]')[0].attr('style')).to eq('width: 16px; height: 16px;')
expect(@frag.css('[data-embedded-secure-image]')[1].attr('style')).to eq('width: 60px; max-height: 80%; max-width: 20%; height: auto; float: left; margin-right: 10px;')
end
FIX: Make secure image onebox check more robust (#11179) When embedding secure images which have been oneboxed, we checked to see if the image's parent's parent had the class onebox-body. This was not always effective as if the image does not get resized/optimized then it does not have the aspect-image div wrapping it. This would cause the image to embed in the email but be huge. This PR changes the check to see if any of the image's ancestors have the class onebox-body, or if the image has the onebox-avatar class to account for variations in HTML structure.
2020-11-09 21:55:18 -05:00
context "when inlining a oneboxed image with a direct parent of onebox-body" do
let(:html) do
<<~HTML
<aside class="onebox allowlistedgeneric">
<header class="source">
<img src="#{Discourse.base_url}/secure-media-uploads/original/1X/#{siteicon.sha1}.ico" class="site-icon" width="64" height="64">
<a href="https://test.com/article" target="_blank" rel="noopener" title="02:33PM - 24 October 2020">Test</a>
</header>
<article class="onebox-body">
<img src="#{Discourse.base_url}/secure-media-uploads/original/1X/123456.png" class="thumbnail onebox-avatar" width="20" height="30">
<h3><a href="https://test.com/article" target="_blank" rel="noopener">Test</a></h3>
<p>This is a test onebox.</p>
</article>
<div class="onebox-metadata">
</div>
<div style="clear: both"></div>
</aside>
HTML
end
it "keeps the special onebox styles" do
strip_and_inline
expect(@frag.to_s).to include("cid:email/test.png")
expect(@frag.to_s).to include("cid:email/test2.ico")
expect(@frag.css('[data-sripped-secure-media]')).not_to be_present
expect(@frag.css('[data-embedded-secure-image]')[1].attr('style')).to eq('width: 60px; max-height: 80%; max-width: 20%; height: auto; float: left; margin-right: 10px;')
end
end
FIX: Ensure oneboxed secure images which are optimized and also lightboxed optimized images are embedded in email (#11061) We had an issue where onebox thumbnail was too large and thus was optimized, and we are using the image URLs in post to redact and re-embed, based on the sha1 in the URL. Optimized image URLs have extra stuff on the end like _99x99 so we were not parsing out the sha1 correctly. Another issue I found was for posts that have giant images, the original was being used to embed in the email and thus would basically never get included because it is huge. For example the URL http://localhost:3000/secure-media-uploads/optimized/2X/7/787b17ea6140f4f022eb7f1509a692f2873cfe35_2_690x335.jpeg was not parsed correctly; we would end up with 787b17ea6140f4f022eb7f1509a692f2873cfe35_2_690x335.jpeg as the sha1 which would not find the image to re-embed that was already attached to the email. This fix will use the first optimized image of the detected upload when we are redacting and then re-embedding to make sure we are not sending giant things in email. Also, I detect if it is a onebox thumbnail or the site icon and force appropriate sizes and styles.
2020-11-01 18:52:21 -05:00
end
FIX: Stop secure media URLs being censored too liberally in emails (#8817) For example /t/ URLs were being replaced if they contained secure-media-uploads so if you made a topic called "Secure Media Uploads Are Cool" the View Topic link in the user notifications would be stripped out. Refactored code so this secure URL detection happens in one place.
2020-01-30 01:19:14 -05:00
end
Better HTML emails, smarter email digests, new email section in admin with digest preview
2013-06-03 16:12:24 -04:00
end