Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

FIX: Replace Vimeo iframes with a link in emails (#11443) 

This was implemented before, but it was not tested and broke at some
point (probably Nokogiri update).
This commit is contained in:
Bianca Nenciu 2020-12-09 14:58:36 +02:00 committed by GitHub
parent 17fcdd60c1
commit 8ff9cdf390
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/pretty_text.rb
View File

@ -401,7 +401,7 @@ module PrettyText
vimeo_id = iframe['src'].split('/').last
vimeo_url = "https://vimeo.com/#{vimeo_id}"
end
iframe.replace "<p><a href='#{vimeo_url}'>#{vimeo_url}</a></p>"
iframe.replace Nokogiri::HTML5.fragment("<p><a href='#{vimeo_url}'>#{vimeo_url}</a></p>")
end
end

17
spec/components/pretty_text_spec.rb
View File

@ -900,6 +900,23 @@ describe PrettyText do
expect(PrettyText.format_for_email(html, post)).to match(Regexp.escape("https://vimeo.com/329875646/%3E%20%3Cscript%3Ealert(1)%3C/script%3E"))
end
describe "#convert_vimeo_iframes" do
it "converts <iframe> to <a>" do
html = <<~HTML
<p>This is a Vimeo link:</p>
<iframe width="640" height="360" src="https://player.vimeo.com/video/1" data-original-href="https://vimeo.com/1" frameborder="0" allowfullscreen="" seamless="seamless" sandbox="allow-same-origin allow-scripts allow-forms allow-popups allow-popups-to-escape-sandbox allow-presentation"></iframe>
HTML
md = PrettyText.format_for_email(html, post)
expect(md).not_to include('<iframe')
expect(md).to match_html(<<~HTML)
<p>This is a Vimeo link:</p>
<p><a href="https://vimeo.com/1">https://vimeo.com/1</a></p>
HTML
end
end
describe "#strip_secure_media" do
before do
setup_s3