# frozen_string_literal: true require "rails_helper" require "cooked_post_processor" require "file_store/s3_store" describe CookedPostProcessor do fab!(:upload) { Fabricate(:upload) } context "#post_process" do fab!(:post) do Fabricate(:post, raw: <<~RAW) RAW end let(:cpp) { CookedPostProcessor.new(post, disable_loading_image: true) } let(:post_process) { sequence("post_process") } it "post process in sequence" do cpp.expects(:post_process_oneboxes).in_sequence(post_process) cpp.expects(:post_process_images).in_sequence(post_process) cpp.expects(:optimize_urls).in_sequence(post_process) cpp.expects(:pull_hotlinked_images).in_sequence(post_process) cpp.post_process expect(PostUpload.exists?(post: post, upload: upload)).to eq(true) end describe 'when post contains oneboxes and inline oneboxes' do let(:url_hostname) { 'meta.discourse.org' } let(:url) do "https://#{url_hostname}/t/mini-inline-onebox-support-rfc/66400" end let(:not_oneboxed_url) do "https://#{url_hostname}/t/random-url" end let(:title) { 'some title' } let(:post) do Fabricate(:post, raw: <<~RAW) #{url} This is a #{url} with path #{not_oneboxed_url} This is a https://#{url_hostname}/t/another-random-url test This is a #{url} with path #{url} RAW end before do SiteSetting.enable_inline_onebox_on_all_domains = true %i{head get}.each do |method| stub_request(method, url).to_return( status: 200, body: <<~RAW #{title} RAW ) end end after do InlineOneboxer.purge(url) Oneboxer.invalidate(url) end it 'should respect SiteSetting.max_oneboxes_per_post' do SiteSetting.max_oneboxes_per_post = 2 SiteSetting.add_rel_nofollow_to_user_content = false cpp.post_process expect(cpp.html).to have_tag('a', with: { href: url, class: described_class::INLINE_ONEBOX_CSS_CLASS }, text: title, count: 2 ) expect(cpp.html).to have_tag('aside.onebox a', text: title, count: 2) expect(cpp.html).to have_tag('aside.onebox a', text: url_hostname, count: 2 ) expect(cpp.html).to have_tag('a', without: { class: described_class::INLINE_ONEBOX_LOADING_CSS_CLASS }, text: not_oneboxed_url, count: 1 ) expect(cpp.html).to have_tag('a', without: { class: 'onebox' }, text: not_oneboxed_url, count: 1 ) end end describe 'when post contains inline oneboxes' do let(:loading_css_class) do described_class::INLINE_ONEBOX_LOADING_CSS_CLASS end before do SiteSetting.enable_inline_onebox_on_all_domains = true end describe 'internal links' do fab!(:topic) { Fabricate(:topic) } fab!(:post) { Fabricate(:post, raw: "Hello #{topic.url}") } let(:url) { topic.url } it "includes the topic title" do cpp.post_process expect(cpp.html).to have_tag('a', with: { href: UrlHelper.cook_url(url) }, without: { class: loading_css_class }, text: topic.title, count: 1 ) topic.update!(title: "Updated to something else") cpp = CookedPostProcessor.new(post, invalidate_oneboxes: true) cpp.post_process expect(cpp.html).to have_tag('a', with: { href: UrlHelper.cook_url(url) }, without: { class: loading_css_class }, text: topic.title, count: 1 ) end end describe 'external links' do let(:url_with_path) do 'https://meta.discourse.org/t/mini-inline-onebox-support-rfc/66400' end let(:url_with_query_param) do 'https://meta.discourse.org?a' end let(:url_no_path) do 'https://meta.discourse.org/' end let(:urls) do [ url_with_path, url_with_query_param, url_no_path ] end let(:title) { 'some title' } let(:escaped_title) { CGI.escapeHTML(title) } let(:post) do Fabricate(:post, raw: <<~RAW) This is a #{url_with_path} topic This should not be inline #{url_no_path} oneboxed - #{url_with_path} - #{url_with_query_param} RAW end let(:staff_post) do Fabricate(:post, user: Fabricate(:admin), raw: <<~RAW) This is a #{url_with_path} topic RAW end before do urls.each do |url| stub_request(:get, url).to_return( status: 200, body: "#{escaped_title}" ) end end after do urls.each { |url| InlineOneboxer.purge(url) } end it 'should convert the right links to inline oneboxes' do cpp.post_process html = cpp.html expect(html).to_not have_tag('a', with: { href: url_no_path }, without: { class: loading_css_class }, text: title ) expect(html).to have_tag('a', with: { href: url_with_path }, without: { class: loading_css_class }, text: title, count: 2 ) expect(html).to have_tag('a', with: { href: url_with_query_param }, without: { class: loading_css_class }, text: title, count: 1 ) expect(html).to have_tag("a[rel='nofollow noopener']") end it 'removes nofollow if user is staff/tl3' do cpp = CookedPostProcessor.new(staff_post, invalidate_oneboxes: true) cpp.post_process expect(cpp.html).to_not have_tag("a[rel='nofollow noopener']") end end end context "processing images" do before do SiteSetting.responsive_post_image_sizes = "" end context "responsive images" do before { SiteSetting.responsive_post_image_sizes = "1|1.5|3" } it "includes responsive images on demand" do upload.update!(width: 2000, height: 1500, filesize: 10000) post = Fabricate(:post, raw: "hello ") # fake some optimized images OptimizedImage.create!( url: '/uploads/default/666x500.jpg', width: 666, height: 500, upload_id: upload.id, sha1: SecureRandom.hex, extension: '.jpg', filesize: 500, version: OptimizedImage::VERSION ) # fake 3x optimized image, we lose 2 pixels here over original due to rounding on downsize OptimizedImage.create!( url: '/uploads/default/1998x1500.jpg', width: 1998, height: 1500, upload_id: upload.id, sha1: SecureRandom.hex, extension: '.jpg', filesize: 800 ) # Fake a loading image optimized_image = OptimizedImage.create!( url: '/uploads/default/10x10.png', width: CookedPostProcessor::LOADING_SIZE, height: CookedPostProcessor::LOADING_SIZE, upload_id: upload.id, sha1: SecureRandom.hex, extension: '.png', filesize: 123 ) cpp = CookedPostProcessor.new(post) cpp.add_to_size_cache(upload.url, 2000, 1500) cpp.post_process html = cpp.html expect(html).to include(%Q|data-small-upload="//test.localhost/uploads/default/10x10.png"|) # 1.5x is skipped cause we have a missing thumb expect(html).to include('srcset="//test.localhost/uploads/default/666x500.jpg, //test.localhost/uploads/default/1998x1500.jpg 3x"') expect(html).to include('src="//test.localhost/uploads/default/666x500.jpg"') # works with CDN set_cdn_url("http://cdn.localhost") cpp = CookedPostProcessor.new(post) cpp.add_to_size_cache(upload.url, 2000, 1500) cpp.post_process html = cpp.html expect(html).to include(%Q|data-small-upload="//cdn.localhost/uploads/default/10x10.png"|) expect(html).to include('srcset="//cdn.localhost/uploads/default/666x500.jpg, //cdn.localhost/uploads/default/1998x1500.jpg 3x"') expect(html).to include('src="//cdn.localhost/uploads/default/666x500.jpg"') end it "doesn't include response images for cropped images" do upload.update!(width: 200, height: 4000, filesize: 12345) post = Fabricate(:post, raw: "hello ") # fake some optimized images OptimizedImage.create!( url: 'http://a.b.c/200x500.jpg', width: 200, height: 500, upload_id: upload.id, sha1: SecureRandom.hex, extension: '.jpg', filesize: 500 ) cpp = CookedPostProcessor.new(post) cpp.add_to_size_cache(upload.url, 200, 4000) cpp.post_process expect(cpp.html).to_not include('srcset="') end end shared_examples "leave dimensions alone" do it "doesn't use them" do expect(cpp.html).to match(/src="http:\/\/foo.bar\/image.png" width="" height=""/) expect(cpp.html).to match(/src="http:\/\/domain.com\/picture.jpg" width="50" height="42"/) expect(cpp).to be_dirty end end context "with image_sizes" do fab!(:post) { Fabricate(:post_with_image_urls) } let(:cpp) { CookedPostProcessor.new(post, image_sizes: image_sizes) } before do cpp.post_process end context "valid" do let(:image_sizes) { { "http://foo.bar/image.png" => { "width" => 111, "height" => 222 } } } it "uses them" do expect(cpp.html).to match(/src="http:\/\/foo.bar\/image.png" width="111" height="222"/) expect(cpp.html).to match(/src="http:\/\/domain.com\/picture.jpg" width="50" height="42"/) expect(cpp).to be_dirty end end context "invalid width" do let(:image_sizes) { { "http://foo.bar/image.png" => { "width" => 0, "height" => 222 } } } include_examples "leave dimensions alone" end context "invalid height" do let(:image_sizes) { { "http://foo.bar/image.png" => { "width" => 111, "height" => 0 } } } include_examples "leave dimensions alone" end context "invalid width & height" do let(:image_sizes) { { "http://foo.bar/image.png" => { "width" => 0, "height" => 0 } } } include_examples "leave dimensions alone" end end context "with unsized images" do fab!(:post) { Fabricate(:post_with_unsized_images) } let(:cpp) { CookedPostProcessor.new(post) } it "adds the width and height to images that don't have them" do FastImage.expects(:size).returns([123, 456]) cpp.post_process expect(cpp.html).to match(/width="123" height="456"/) expect(cpp).to be_dirty end end context "with large images" do fab!(:post) do Fabricate(:post, raw: <<~HTML) HTML end let(:cpp) { CookedPostProcessor.new(post, disable_loading_image: true) } before do SiteSetting.max_image_height = 2000 SiteSetting.create_thumbnails = true FastImage.expects(:size).returns([1750, 2000]) end it "generates overlay information" do OptimizedImage.expects(:resize).returns(true) FileStore::BaseStore.any_instance.expects(:get_depth_for).returns(0) cpp.post_process expect(cpp.html).to match_html <<~HTML

HTML expect(cpp).to be_dirty end describe 'when image is inside onebox' do let(:url) { 'https://image.com/my-avatar' } let(:post) { Fabricate(:post, raw: url) } before do Oneboxer.stubs(:onebox).with(url, anything).returns("") end it 'should not add lightbox' do cpp.post_process expect(cpp.html).to match_html <<~HTML

HTML end end describe 'when image is an svg' do fab!(:post) do Fabricate(:post, raw: '') end it 'should not add lightbox' do cpp.post_process expect(cpp.html).to match_html <<~HTML

HTML end describe 'when image src is an URL' do let(:post) do Fabricate(:post, raw: '') end it 'should not add lightbox' do SiteSetting.crawl_images = true cpp.post_process expect(cpp.html).to match_html("

") end end end end context "with tall images" do fab!(:post) do Fabricate(:post, raw: <<~HTML) HTML end let(:cpp) { CookedPostProcessor.new(post, disable_loading_image: true) } before do SiteSetting.create_thumbnails = true FastImage.expects(:size).returns([860, 2000]) OptimizedImage.expects(:resize).never OptimizedImage.expects(:crop).returns(true) FileStore::BaseStore.any_instance.expects(:get_depth_for).returns(0) end it "crops the image" do cpp.post_process expect(cpp.html).to match(/width="690" height="500">/) expect(cpp).to be_dirty end end context "with iPhone X screenshots" do fab!(:post) do Fabricate(:post, raw: <<~HTML) HTML end let(:cpp) { CookedPostProcessor.new(post, disable_loading_image: true) } before do SiteSetting.create_thumbnails = true FastImage.expects(:size).returns([1125, 2436]) OptimizedImage.expects(:resize).returns(true) OptimizedImage.expects(:crop).never FileStore::BaseStore.any_instance.expects(:get_depth_for).returns(0) end it "crops the image" do cpp.post_process expect(cpp.html).to match_html <<~HTML

HTML expect(cpp).to be_dirty end end context "with large images when using subfolders" do fab!(:post) do Fabricate(:post, raw: <<~HTML) HTML end let(:cpp) { CookedPostProcessor.new(post, disable_loading_image: true) } let(:base_url) { "http://test.localhost/subfolder" } let(:base_uri) { "/subfolder" } before do SiteSetting.max_image_height = 2000 SiteSetting.create_thumbnails = true Discourse.stubs(:base_url).returns(base_url) Discourse.stubs(:base_uri).returns(base_uri) FastImage.expects(:size).returns([1750, 2000]) OptimizedImage.expects(:resize).returns(true) FileStore::BaseStore.any_instance.expects(:get_depth_for).returns(0) end it "generates overlay information" do cpp.post_process expect(cpp.html). to match_html <<~HTML

HTML expect(cpp).to be_dirty end it "should escape the filename" do upload.update!(original_filename: ">.png") cpp.post_process expect(cpp.html).to match_html <<~HTML

HTML end end context "with title" do fab!(:post) do Fabricate(:post, raw: <<~HTML) HTML end let(:cpp) { CookedPostProcessor.new(post, disable_loading_image: true) } before do SiteSetting.max_image_height = 2000 SiteSetting.create_thumbnails = true FastImage.expects(:size).returns([1750, 2000]) OptimizedImage.expects(:resize).returns(true) FileStore::BaseStore.any_instance.expects(:get_depth_for).returns(0) end it "generates overlay information" do cpp.post_process expect(cpp.html).to match_html <<~HTML

HTML expect(cpp).to be_dirty end end context "topic image" do let(:topic) { build(:topic, id: 1) } let(:post) { Fabricate(:post_with_uploaded_image, topic: topic) } let(:cpp) { CookedPostProcessor.new(post) } it "adds a topic image if there's one in the first post" do FastImage.stubs(:size) expect(post.topic.image_url).to eq(nil) cpp.post_process post.topic.reload expect(post.topic.image_url).to be_present end end context "post image" do let(:reply) { Fabricate(:post_with_uploaded_image, post_number: 2) } let(:cpp) { CookedPostProcessor.new(reply) } it "adds a post image if there's one in the post" do FastImage.stubs(:size) expect(reply.image_url).to eq(nil) cpp.post_process reply.reload expect(reply.image_url).to be_present end end end end context "#extract_images" do let(:post) { build(:post_with_plenty_of_images) } let(:cpp) { CookedPostProcessor.new(post) } it "does not extract emojis or images inside oneboxes or quotes" do expect(cpp.extract_images.length).to eq(0) end end context "#get_size_from_attributes" do let(:post) { build(:post) } let(:cpp) { CookedPostProcessor.new(post) } it "returns the size when width and height are specified" do img = { 'src' => 'http://foo.bar/image3.png', 'width' => 50, 'height' => 70 } expect(cpp.get_size_from_attributes(img)).to eq([50, 70]) end it "returns the size when width and height are floats" do img = { 'src' => 'http://foo.bar/image3.png', 'width' => 50.2, 'height' => 70.1 } expect(cpp.get_size_from_attributes(img)).to eq([50, 70]) end it "resizes when only width is specified" do img = { 'src' => 'http://foo.bar/image3.png', 'width' => 100 } SiteSetting.crawl_images = true FastImage.expects(:size).returns([200, 400]) expect(cpp.get_size_from_attributes(img)).to eq([100, 200]) end it "resizes when only height is specified" do img = { 'src' => 'http://foo.bar/image3.png', 'height' => 100 } SiteSetting.crawl_images = true FastImage.expects(:size).returns([100, 300]) expect(cpp.get_size_from_attributes(img)).to eq([33, 100]) end it "doesn't raise an error with a weird url" do img = { 'src' => nil, 'height' => 100 } SiteSetting.crawl_images = true expect(cpp.get_size_from_attributes(img)).to be_nil end end context "#get_size_from_image_sizes" do let(:post) { build(:post) } let(:cpp) { CookedPostProcessor.new(post) } it "returns the size" do image_sizes = { "http://my.discourse.org/image.png" => { "width" => 111, "height" => 222 } } expect(cpp.get_size_from_image_sizes("/image.png", image_sizes)).to eq([111, 222]) end end context "#get_size" do let(:post) { build(:post) } let(:cpp) { CookedPostProcessor.new(post) } it "ensures urls are absolute" do cpp.expects(:is_valid_image_url?).with("http://test.localhost/relative/url/image.png") cpp.get_size("/relative/url/image.png") end it "ensures urls have a default scheme" do cpp.expects(:is_valid_image_url?).with("http://schemaless.url/image.jpg") cpp.get_size("//schemaless.url/image.jpg") end it "caches the results" do SiteSetting.crawl_images = true FastImage.expects(:size).returns([200, 400]) cpp.get_size("http://foo.bar/image3.png") expect(cpp.get_size("http://foo.bar/image3.png")).to eq([200, 400]) end context "when crawl_images is disabled" do before do SiteSetting.crawl_images = false end it "doesn't call FastImage" do FastImage.expects(:size).never expect(cpp.get_size("http://foo.bar/image1.png")).to eq(nil) end it "is always allowed to crawl our own images" do store = stub store.expects(:has_been_uploaded?).returns(true) Discourse.expects(:store).returns(store) FastImage.expects(:size).returns([100, 200]) expect(cpp.get_size("http://foo.bar/image2.png")).to eq([100, 200]) end it "returns nil if FastImage can't get the original size" do Discourse.store.class.any_instance.expects(:has_been_uploaded?).returns(true) FastImage.expects(:size).returns(nil) expect(cpp.get_size("http://foo.bar/image3.png")).to eq(nil) end end end context "#is_valid_image_url?" do let(:post) { build(:post) } let(:cpp) { CookedPostProcessor.new(post) } it "validates HTTP(s) urls" do expect(cpp.is_valid_image_url?("http://domain.com")).to eq(true) expect(cpp.is_valid_image_url?("https://domain.com")).to eq(true) end it "doesn't validate other urls" do expect(cpp.is_valid_image_url?("ftp://domain.com")).to eq(false) expect(cpp.is_valid_image_url?("ftps://domain.com")).to eq(false) expect(cpp.is_valid_image_url?("/tmp/image.png")).to eq(false) expect(cpp.is_valid_image_url?("//domain.com")).to eq(false) end it "doesn't throw an exception with a bad URI" do expect(cpp.is_valid_image_url?("http://doGANGNAM STYLE") cpp.post_process_oneboxes end it "inserts the onebox without wrapping p" do expect(cpp).to be_dirty expect(cpp.html).to match_html "
GANGNAM STYLE
" end it "replaces downloaded onebox image" do url = 'https://image.com/my-avatar' image_url = 'https://image.com/avatar.png' Oneboxer.stubs(:onebox).with(url, anything).returns("") post = Fabricate(:post, raw: url) upload.update!(url: "https://test.s3.amazonaws.com/something.png") post.custom_fields[Post::DOWNLOADED_IMAGES] = { "//image.com/avatar.png": upload.id } post.save_custom_fields cpp = CookedPostProcessor.new(post, invalidate_oneboxes: true) cpp.post_process_oneboxes expect(cpp.doc.to_s).to eq("

") upload.destroy! cpp = CookedPostProcessor.new(post, invalidate_oneboxes: true) cpp.post_process_oneboxes expect(cpp.doc.to_s).to eq("

") end it "replaces large image placeholder" do url = 'https://image.com/my-avatar' image_url = 'https://image.com/avatar.png' Oneboxer.stubs(:onebox).with(url, anything).returns("") post = Fabricate(:post, raw: url) post.custom_fields[Post::LARGE_IMAGES] = "[\"//image.com/avatar.png\"]" post.save_custom_fields cpp = CookedPostProcessor.new(post, invalidate_oneboxes: true) cpp.post_process expect(cpp.doc.to_s).to match(/
/) end end context "#post_process_oneboxes removes nofollow if add_rel_nofollow_to_user_content is disabled" do let(:post) { build(:post_with_youtube, id: 123) } let(:cpp) { CookedPostProcessor.new(post, invalidate_oneboxes: true) } before do SiteSetting.add_rel_nofollow_to_user_content = false Oneboxer.expects(:onebox) .with("http://www.youtube.com/watch?v=9bZkp7q19f0", invalidate_oneboxes: true, user_id: nil, category_id: post.topic.category_id) .returns('') cpp.post_process_oneboxes end it "removes nofollow noopener from links" do expect(cpp).to be_dirty expect(cpp.html).to match_html '' end end context "#post_process_oneboxes removes nofollow if user is tl3" do let(:post) { build(:post_with_youtube, id: 123) } let(:cpp) { CookedPostProcessor.new(post, invalidate_oneboxes: true) } before do post.user.trust_level = TrustLevel[3] post.user.save! SiteSetting.add_rel_nofollow_to_user_content = true SiteSetting.tl3_links_no_follow = false Oneboxer.expects(:onebox) .with("http://www.youtube.com/watch?v=9bZkp7q19f0", invalidate_oneboxes: true, user_id: nil, category_id: post.topic.category_id) .returns('') cpp.post_process_oneboxes end it "removes nofollow noopener from links" do expect(cpp).to be_dirty expect(cpp.html).to match_html '' end end context "#post_process_oneboxes with oneboxed image" do let(:post) { build(:post_with_youtube, id: 123) } let(:cpp) { CookedPostProcessor.new(post, invalidate_oneboxes: true) } it "applies aspect ratio to container" do Oneboxer.expects(:onebox) .with("http://www.youtube.com/watch?v=9bZkp7q19f0", invalidate_oneboxes: true, user_id: nil, category_id: post.topic.category_id) .returns("
") cpp.post_process_oneboxes expect(cpp.html).to match_html('') end it "applies aspect ratio when wrapped in link" do Oneboxer.expects(:onebox) .with("http://www.youtube.com/watch?v=9bZkp7q19f0", invalidate_oneboxes: true, user_id: nil, category_id: post.topic.category_id) .returns("