require 'rails_helper' require 'pretty_text' require 'html_normalize' describe PrettyText do before do SiteSetting.enable_markdown_typographer = false end def n(html) HtmlNormalize.normalize(html) end def cook(*args) n(PrettyText.cook(*args)) end let(:wrapped_image) { "
" } let(:wrapped_image_excerpt) {} describe "Quoting" do describe "with avatar" do let(:default_avatar) { "//test.localhost/uploads/default/avatars/42d/57c/46ce7ee487/{size}.png" } let(:user) { Fabricate(:user) } before do User.stubs(:default_template).returns(default_avatar) end it "do off topic quoting with emoji unescape" do topic = Fabricate(:topic, title: "this is a test topic :slight_smile:") expected = <<~HTML HTML expect(cook("[quote=\"EvilTrout, post:2, topic:#{topic.id}\"]\nddd\n[/quote]", topic_id: 1)).to eq(n(expected)) end it "indifferent about missing quotations" do md = <<~MD [quote=#{user.username}, post:123, topic:456, full:true] ddd [/quote] MD html = <<~HTML HTML expect(PrettyText.cook(md)).to eq(html.strip) end it "indifferent about curlies and no curlies" do md = <<~MD [quote=“#{user.username}, post:123, topic:456, full:true”] ddd [/quote] MD html = <<~HTML HTML expect(PrettyText.cook(md)).to eq(html.strip) end it "trims spaces on quote params" do md = <<~MD [quote="#{user.username}, post:555, topic: 666"] ddd [/quote] MD html = <<~HTML HTML expect(PrettyText.cook(md)).to eq(html.strip) end end it "can handle inline block bbcode" do cooked = PrettyText.cook("[quote]te **s** t[/quote]") html = <<~HTML HTML expect(cooked).to eq(html.strip) end it "can handle quote edge cases" do expect(PrettyText.cook("[quote]abc\ntest\n[/quote]")).not_to include('aside') expect(PrettyText.cook("[quote] \ntest\n[/quote] ")).to include('aside') expect(PrettyText.cook("a\n[quote]\ntest\n[/quote]\n\n\na")).to include('aside') expect(PrettyText.cook("- a\n[quote]\ntest\n[/quote]\n\n\na")).to include('aside') expect(PrettyText.cook("[quote]\ntest")).not_to include('aside') expect(PrettyText.cook("[quote]\ntest\n[/quote]z")).not_to include('aside') nested = <<~QUOTE [quote] a [quote] b [/quote] c [/quote] QUOTE cooked = PrettyText.cook(nested) expect(cooked.scan('aside').length).to eq(4) expect(cooked.scan('quote]').length).to eq(0) end describe "with letter avatar" do let(:user) { Fabricate(:user) } context "subfolder" do before do GlobalSetting.stubs(:relative_url_root).returns("/forum") Discourse.stubs(:base_uri).returns("/forum") end it "should have correct avatar url" do md = <<~MD [quote="#{user.username}, post:123, topic:456, full:true"] ddd [/quote] MD expect(PrettyText.cook(md)).to include("/forum/letter_avatar_proxy") end end end end describe "Mentions" do it "should handle 3 mentions in a row" do expect(PrettyText.cook('@hello @hello @hello')).to match_html "@hello @hello @hello
" end it "can handle mention edge cases" do expect(PrettyText.cook("hi\n@s")).to eq("hi
\n@s
hi
\n@ss
hi
\n@s.
hi
\n@s.s
hi
\n@.s.s
hi @sam! hi
' expect(PrettyText.cook("hi\n@sam.")).to eq("hi
\n@sam.
@a,@b
') end it "should handle group mentions with a hyphen and without" do expect(PrettyText.cook('@hello @hello-hello')).to match_html "@hello @hello-hello
" end it 'should allow for @mentions to have punctuation' do expect(PrettyText.cook("hello @bob's @bob,@bob; @bob\"")).to match_html( "hello @bob's @bob,@bob; @bob\"
" ) end it 'should not treat a medium link as a mention' do expect(PrettyText.cook(". http://test/@sam")).not_to include('mention') end end describe "code fences" do it 'indents code correctly' do code = <<~MD X ``` # x ``` MD cooked = PrettyText.cook(code) html = <<~HTMLX
#
x
HTML
expect(cooked).to eq(html.strip)
end
it "doesn't replace emoji in code blocks with our emoji sets if emoji is enabled" do
expect(PrettyText.cook("```\n💣`\n```\n")).not_to match(/\:bomb\:/)
end
it 'can include code class correctly' do
# keep in mind spaces should be trimmed per spec
expect(PrettyText.cook("``` ruby the mooby\n`````")).to eq('
')
expect(PrettyText.cook("```cpp\ncpp\n```")).to match_html("cpp\n
")
expect(PrettyText.cook("```\ncpp\n```")).to match_html("cpp\n
")
expect(PrettyText.cook("```text\ncpp\n```")).to match_html("cpp\n
")
end
it 'indents code correctly' do
code = "X\n```\n\n #\n x\n```"
cooked = PrettyText.cook(code)
expect(cooked).to match_html("X
\n\n #\n x\n
")
end
it 'does censor code fences' do
begin
['apple', 'banana'].each { |w| Fabricate(:watched_word, word: w, action: WatchedWord.actions[:censor]) }
expect(PrettyText.cook("# banana")).not_to include('banana')
ensure
$redis.flushall
end
end
end
describe "rel nofollow" do
before do
SiteSetting.add_rel_nofollow_to_user_content = true
SiteSetting.exclude_rel_nofollow_domains = "foo.com|bar.com"
end
it "should inject nofollow in all user provided links" do
expect(PrettyText.cook('cnn')).to match(/nofollow noopener/)
end
it "should not inject nofollow in all local links" do
expect(PrettyText.cook("cnn") !~ /nofollow/).to eq(true)
end
it "should not inject nofollow in all subdomain links" do
expect(PrettyText.cook("cnn") !~ /nofollow/).to eq(true)
end
it "should inject nofollow in all non subdomain links" do
expect(PrettyText.cook("cnn")).to match(/nofollow/)
end
it "should not inject nofollow for foo.com" do
expect(PrettyText.cook("cnn") !~ /nofollow/).to eq(true)
end
it "should inject nofollow for afoo.com" do
expect(PrettyText.cook("cnn")).to match(/nofollow/)
end
it "should not inject nofollow for bar.foo.com" do
expect(PrettyText.cook("cnn") !~ /nofollow/).to eq(true)
end
it "should not inject nofollow if omit_nofollow option is given" do
expect(PrettyText.cook('cnn', omit_nofollow: true) !~ /nofollow/).to eq(true)
end
end
describe "Excerpt" do
it "sanitizes attempts to inject invalid attributes" do
spinner = "", 100)).to eq("[image]")
end
context 'alt tags' do
it "should keep alt tags" do
expect(PrettyText.excerpt("", 100)).to eq("[car]")
end
describe 'when alt tag is empty' do
it "should not keep alt tags" do
expect(PrettyText.excerpt("", 100)).to eq("[#{I18n.t('excerpt_image')}]")
end
end
end
context 'title tags' do
it "should keep title tags" do
expect(PrettyText.excerpt("", 100)).to eq("[car]")
end
describe 'when title tag is empty' do
it "should not keep title tags" do
expect(PrettyText.excerpt("", 100)).to eq("[#{I18n.t('excerpt_image')}]")
end
end
end
it "should convert images to markdown if the option is set" do
expect(PrettyText.excerpt("", 100, markdown_images: true)).to eq("![car](http://cnn.com/a.gif)")
end
it "should keep spoilers" do
expect(PrettyText.excerpt("", 100)).to match_html "[image]"
expect(PrettyText.excerpt("spoiler", 100)).to match_html "spoiler"
end
it "should remove meta informations" do
expect(PrettyText.excerpt(wrapped_image, 100)).to match_html "[image]"
end
end
it "should have an option to strip links" do
expect(PrettyText.excerpt("cnn", 100, strip_links: true)).to eq("cnn")
end
it "should preserve links" do
expect(PrettyText.excerpt("cnn", 100)).to match_html "cnn"
end
it "should deal with special keys properly" do
expect(PrettyText.excerpt("", 100)).to eq("") end it "should truncate stuff properly" do expect(PrettyText.excerpt("hello world", 5)).to eq("hello…") expect(PrettyText.excerpt("
hello
world
", 6)).to eq("hello w…") end it "should insert a space between to Ps" do expect(PrettyText.excerpt("a
b
", 5)).to eq("a b") end it "should strip quotes" do expect(PrettyText.excerpt("boom", 5)).to eq("boom") end it "should not count the surrounds of a link" do expect(PrettyText.excerpt("cnn", 3)).to match_html "cnn" end it "uses an ellipsis instead of html entities if provided with the option" do expect(PrettyText.excerpt("cnn", 2, text_entities: true)).to match_html "cn..." end it "should truncate links" do expect(PrettyText.excerpt("cnn", 2)).to match_html "cn…" end it "doesn't extract empty quotes as links" do expect(PrettyText.extract_links("\n").to_a).to be_empty end it "doesn't extract links from elided parts" do expect(PrettyText.extract_links("<h3>Hours</h3>
", 100)).to eq("<h3>Hours</h3>")
end
it "should handle nil" do
expect(PrettyText.excerpt(nil, 100)).to eq('')
end
it "handles span excerpt at the beginning of a post" do
expect(PrettyText.excerpt("hi test", 100)).to eq('hi')
post = Fabricate(:post, raw: "hi test")
expect(post.excerpt).to eq("hi")
end
it "ignores max excerpt length if a span excerpt is specified" do
two_hundred = "123456789 " * 20 + "."
text = two_hundred + "#{two_hundred}" + two_hundred
expect(PrettyText.excerpt(text, 100)).to eq(two_hundred)
post = Fabricate(:post, raw: text)
expect(post.excerpt).to eq(two_hundred)
end
it "unescapes html entities when we want text entities" do
expect(PrettyText.excerpt("'", 500, text_entities: true)).to eq("'")
end
it "should have an option to preserve emoji images" do
emoji_image = ""
expect(PrettyText.excerpt(emoji_image, 100, keep_emoji_images: true)).to match_html(emoji_image)
end
it "should have an option to remap emoji to code points" do
emoji_image = "I you "
expect(PrettyText.excerpt(emoji_image, 100, remap_emoji: true)).to match_html("I ❤ you :unknown:")
end
it "should have an option to preserve emoji codes" do
emoji_code = ""
expect(PrettyText.excerpt(emoji_code, 100)).to eq(":heart:")
end
context 'option to preserve onebox source' do
it "should return the right excerpt" do
onebox = "\n\n\n"
expected = "meta.discourse.org"
expect(PrettyText.excerpt(onebox, 100, keep_onebox_source: true))
.to eq(expected)
expect(PrettyText.excerpt("#{onebox}\n \n \n \n\n\n #{onebox}", 100, keep_onebox_source: true))
.to eq("#{expected}\n\n#{expected}")
end
it 'should continue to strip quotes' do
expect(PrettyText.excerpt(
"boom", 100, keep_onebox_source: true
)).to eq("boom")
end
end
end
describe "strip links" do
it "returns blank for blank input" do
expect(PrettyText.strip_links("")).to be_blank
end
it "does nothing to a string without links" do
expect(PrettyText.strip_links("I'm the batman")).to eq("I'm the batman")
end
it "strips links but leaves the text content" do
expect(PrettyText.strip_links("I'm the linked batman")).to eq("I'm the linked batman")
end
it "escapes the text content" do
expect(PrettyText.strip_links("I'm the linked <batman>")).to eq("I'm the linked <batman>")
end
end
describe "strip_image_wrapping" do
def strip_image_wrapping(html)
doc = Nokogiri::HTML.fragment(html)
described_class.strip_image_wrapping(doc)
doc.to_html
end
it "doesn't change HTML when there's no wrapped image" do
html = ""
expect(strip_image_wrapping(html)).to eq(html)
end
it "strips the metadata" do
expect(strip_image_wrapping(wrapped_image)).to match_html ""
end
end
describe 'format_for_email' do
let(:base_url) { "http://baseurl.net" }
let(:post) { Fabricate(:post) }
before do
Discourse.stubs(:base_url).returns(base_url)
end
it 'does not crash' do
PrettyText.format_for_email('test', post)
end
it "adds base url to relative links" do
html = "@wiseguy, @trollol what do you guys think?
" output = described_class.format_for_email(html, post) expect(output).to eq("@wiseguy, @trollol what do you guys think?
") end it "doesn't change external absolute links" do html = "Check out this guy.
" expect(described_class.format_for_email(html, post)).to eq(html) end it "doesn't change internal absolute links" do html = "Check out this guy.
" expect(described_class.format_for_email(html, post)).to eq(html) end it "can tolerate invalid URLs" do html = "Check out this guy.
" expect { described_class.format_for_email(html, post) }.to_not raise_error end end it 'Is smart about linebreaks and IMG tags' do raw = <<~MD a a - li ``` test ``` ``` test ``` MD html = <<~HTMLa
a
test
test
HTML
expect(PrettyText.cook(raw)).to eq(html.strip)
end
it 'can substitute s3 cdn correctly' do
SiteSetting.enable_s3_uploads = true
SiteSetting.s3_access_key_id = "XXX"
SiteSetting.s3_secret_access_key = "XXX"
SiteSetting.s3_upload_bucket = "test"
SiteSetting.s3_cdn_url = "https://awesome.cdn"
# add extra img tag to ensure it does not blow up
raw = <<~HTML
HTML
html = <<~HTML
hello
") expect(PrettyText.cook("hello 👩🎤")).to eq("hello
") expect(PrettyText.cook("hello 👩🏾🎓")).to eq("hello
") expect(PrettyText.cook("hello 🤷♀️")).to eq("hello
") end end describe "custom emoji" do it "replaces the custom emoji" do CustomEmoji.create!(name: 'trout', upload: Fabricate(:upload)) Emoji.clear_cache expect(PrettyText.cook("hello :trout:")).to match(/]+trout[^>]+>/) end end describe "censored_pattern site setting" do it "can be cleared if it causes cooking to timeout" do SiteSetting.censored_pattern = "evilregex" described_class.stubs(:markdown).raises(MiniRacer::ScriptTerminatedError) PrettyText.cook("Protect against it plz.") rescue nil expect(SiteSetting.censored_pattern).to be_blank end end it "replaces skin toned emoji" do expect(PrettyText.cook("hello 👱🏿♀️")).to eq("hello
") expect(PrettyText.cook("hello 👩🎤")).to eq("hello
") expect(PrettyText.cook("hello 👩🏾🎓")).to eq("hello
") expect(PrettyText.cook("hello 🤷♀️")).to eq("hello
") end it "should not treat a non emoji as an emoji" do expect(PrettyText.cook(':email,class_name:')).not_to include('emoji') end it "supports href schemes" do SiteSetting.allowed_href_schemes = "macappstore|steam" cooked = cook("[Steam URL Scheme](steam://store/452530)") expected = '' expect(cooked).to eq(n expected) end it "supports forbidden schemes" do SiteSetting.allowed_href_schemes = "macappstore|itunes" cooked = cook("[Steam URL Scheme](steam://store/452530)") expected = '' expect(cooked).to eq(n expected) end it "produces tag links" do Fabricate(:topic, tags: [Fabricate(:tag, name: 'known')]) cooked = PrettyText.cook(" #unknown::tag #known::tag") html = <<~HTML#unknown::tag #known
HTML expect(cooked).to eq(html.strip) cooked = PrettyText.cook("[`a` #known::tag here](http://somesite.com)") html = <<~HTML HTML expect(cooked).to eq(html.strip) cooked = PrettyText.cook("`a` #known::tag here") expect(cooked).to eq(html.strip) cooked = PrettyText.cook("test #known::tag") html = <<~HTML HTML expect(cooked).to eq(html.strip) # ensure it does not fight with the autolinker expect(PrettyText.cook(' http://somewhere.com/#known')).not_to include('hashtag') expect(PrettyText.cook(' http://somewhere.com/?#known')).not_to include('hashtag') expect(PrettyText.cook(' http://somewhere.com/?abc#known')).not_to include('hashtag') end it "can handle mixed lists" do # known bug in old md engine cooked = PrettyText.cook("* a\n\n1. b") expect(cooked).to match_html("1 2
" SiteSetting.traditional_markdown_linebreaks = false expect(PrettyText.cook("1\n2")).to match_html "1
\n2
a,,b
' expect(cooked).to match(expected.strip) end it "can handle emoji by translation" do expected = '' expect(PrettyText.cook(";)")).to eq(expected) end it "can handle multiple emojis by translation" do cooked = PrettyText.cook(":) ;) :)") expect(cooked.split("img").length - 1).to eq(3) end it "handles emoji boundries correctly" do expect(PrettyText.cook(",:)")).to include("emoji") expect(PrettyText.cook(":-)\n")).to include("emoji") expect(PrettyText.cook("a :)")).to include("emoji") expect(PrettyText.cook(":),")).not_to include("emoji") expect(PrettyText.cook("abcde ^:;-P")).to include("emoji") end it 'can censor words correctly' do begin ['apple', 'banana'].each { |w| Fabricate(:watched_word, word: w, action: WatchedWord.actions[:censor]) } expect(PrettyText.cook('yay banana yay')).not_to include('banana') expect(PrettyText.cook('yay `banana` yay')).not_to include('banana') expect(PrettyText.cook("# banana")).not_to include('banana') expect(PrettyText.cook("# banana")).to include("\u25a0\u25a0") ensure $redis.flushall end end it 'supports typographer' do SiteSetting.enable_markdown_typographer = true expect(PrettyText.cook('(tm)')).to eq('™
') SiteSetting.enable_markdown_typographer = false expect(PrettyText.cook('(tm)')).to eq('(tm)
') end it 'handles onebox correctly' do expect(PrettyText.cook("http://a.com\nhttp://b.com").split("onebox").length).to eq(3) expect(PrettyText.cook("http://a.com\n\nhttp://b.com").split("onebox").length).to eq(3) expect(PrettyText.cook("a\nhttp://a.com")).to include('onebox') expect(PrettyText.cook("> http://a.com")).not_to include('onebox') expect(PrettyText.cook("a\nhttp://a.com a")).not_to include('onebox') expect(PrettyText.cook("a\nhttp://a.com\na")).to include('onebox') expect(PrettyText.cook("http://a.com")).to include('onebox') expect(PrettyText.cook("http://a.com ")).to include('onebox') expect(PrettyText.cook("http://a.com a")).not_to include('onebox') expect(PrettyText.cook("- http://a.com")).not_to include('onebox') expect(PrettyText.cook("abc
') expect(PrettyText.cook("a[i]b[/i]c")).to eq('abc
') end it "can onebox local topics" do op = Fabricate(:post) reply = Fabricate(:post, topic_id: op.topic_id) url = Discourse.base_url + reply.url quote = create_post(topic_id: op.topic.id, raw: "This is a sample reply with a quote\n\n#{url}") quote.reload expect(quote.cooked).not_to include('[quote') end it "supports tables" do markdown = <<~MD | Tables | Are | Cool | | ------------- |:-------------:| -----:| | col 3 is | right-aligned | $1600 | MD expected = <<~HTMLTables | Are | Cool |
---|---|---|
col 3 is | right-aligned | $1600 |
Testing codified **stuff** and `more` stuff
codified\n\n\n **stuff** and `more` stuff
"
expect(cooked).to eq(html)
end
it "support special handling for space in urls" do
cooked = PrettyText.cook "http://testing.com?a%20b"
html = ''
expect(cooked).to eq(html)
end
it "supports onebox for decoded urls" do
cooked = PrettyText.cook "http://testing.com?a%50b"
html = ''
expect(cooked).to eq(html)
end
it "should sanitize the html" do
expect(PrettyText.cook("alert(42)
" end it "should not onebox magically linked urls" do expect(PrettyText.cook('[url]site.com[/url]')).not_to include('onebox') end it "should sanitize the html" do expect(PrettyText.cook("hi
")).to eq "hi
" end it "should strip SCRIPT" do expect(PrettyText.cook("")).to eq "" end it "should allow sanitize bypass" do expect(PrettyText.cook("
Hello #{topic.title}
HTML expect(PrettyText.cook(raw)).to eq(cooked.strip) end end end