Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Post image_count doesn't count favicons and thumbnails in oneboxes, so visitors can post links that get oneboxed

This commit is contained in:
Neil Lalonde 2013-04-11 12:36:45 -04:00
parent e2ff5a1898
commit 36dc5874e5
2 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/models/post.rb
View File

@ -90,7 +90,7 @@ class Post < ActiveRecord::Base
end
def self.white_listed_image_classes
@white_listed_image_classes ||= ['avatar']
@white_listed_image_classes ||= ['avatar', 'favicon', 'thumbnail']
end
def image_count

10
spec/models/post_spec.rb
View File

@ -88,6 +88,8 @@ describe Post do
let(:post_one_image) { Fabricate.build(:post, post_args.merge(raw: "![sherlock](http://bbc.co.uk/sherlock.jpg)", user: visitor)) }
let(:post_two_images) { Fabricate.build(:post, post_args.merge(raw: "<img src='http://discourse.org/logo.png'> <img src='http://bbc.co.uk/sherlock.jpg'>", user: visitor)) }
let(:post_with_avatars) { Fabricate.build(:post, post_args.merge(raw: '<img alt="smiley" title=":smiley:" src="/assets/emoji/smiley.png" class="avatar"> <img alt="wink" title=":wink:" src="/assets/emoji/wink.png" class="avatar">', user: visitor)) }
let(:post_with_favicon) { Fabricate.build(:post, post_args.merge(raw: '<img src="/assets/favicons/wikipedia.png" class="favicon">', user: visitor)) }
let(:post_with_thumbnail) { Fabricate.build(:post, post_args.merge(raw: '<img src="/assets/emoji/smiley.png" class="thumbnail">', user: visitor)) }
let(:post_with_two_classy_images) { Fabricate.build(:post, post_args.merge(raw: "<img src='http://discourse.org/logo.png' class='classy'> <img src='http://bbc.co.uk/sherlock.jpg' class='classy'>", user: visitor)) }
it "returns 0 images for an empty post" do
@ -106,6 +108,14 @@ describe Post do
post_with_avatars.image_count.should == 0
end
it "doesn't count favicons as images" do
post_with_favicon.image_count.should == 0
end
it "doesn't count thumbnails as images" do
post_with_thumbnail.image_count.should == 0
end
it "doesn't count whitelisted images" do
Post.stubs(:white_listed_image_classes).returns(["classy"])
post_with_two_classy_images.image_count.should == 0