nickname: "shp@shitposter.club",
name: ":karjalanpiirakka: shp",
bio:
- "<script src=\"invalid-html\"></script><span>valid html</span>. a<br>b<br/>c<br >d<br />f",
+ "<script src=\"invalid-html\"></script><span>valid html</span>. a<br>b<br/>c<br >d<br />f '&<>\"",
inserted_at: ~N[2017-08-15 15:47:06.597036],
emoji: %{"karjalanpiirakka" => "/file.png"}
})
followers_count: 3,
following_count: 0,
statuses_count: 5,
- note: "<span>valid html</span>. a<br/>b<br/>c<br/>d<br/>f",
+ note: "<span>valid html</span>. a<br/>b<br/>c<br/>d<br/>f '&<>"",
url: user.ap_id,
avatar: "http://localhost:4001/images/avi.png",
avatar_static: "http://localhost:4001/images/avi.png",
header_static: "http://localhost:4001/images/banner.png",
emojis: [
%{
- "static_url" => "/file.png",
- "url" => "/file.png",
- "shortcode" => "karjalanpiirakka",
- "visible_in_picker" => false
+ static_url: "/file.png",
+ url: "/file.png",
+ shortcode: "karjalanpiirakka",
+ visible_in_picker: false
}
],
fields: [],
bot: false,
source: %{
- note: "valid html. a\nb\nc\nd\nf",
+ note: "valid html. a\nb\nc\nd\nf '&<>\"",
sensitive: false,
pleroma: %{
actor_type: "Person",
fields: []
},
pleroma: %{
+ ap_id: user.ap_id,
background_image: "https://example.com/images/asuka_hospital.png",
confirmation_pending: false,
tags: [],
test "Represent the user account for the account owner" do
user = insert(:user)
- notification_settings = %Pleroma.User.NotificationSetting{}
+ notification_settings = %{
+ followers: true,
+ follows: true,
+ non_followers: true,
+ non_follows: true,
+ privacy_option: false
+ }
+
privacy = user.default_scope
assert %{
fields: []
},
pleroma: %{
+ ap_id: user.ap_id,
background_image: nil,
confirmation_pending: false,
tags: [],
{:ok, _activity} =
CommonAPI.post(other_user, %{
- "status" => "Hey @#{user.nickname}.",
- "visibility" => "direct"
+ status: "Hey @#{user.nickname}.",
+ visibility: "direct"
})
user = User.get_cached_by_ap_id(user.ap_id)
AccountView.render("show.json", %{user: user, for: user})
end
end
+
+ test "uses mediaproxy urls when it's enabled" do
+ clear_config([:media_proxy, :enabled], true)
+
+ user =
+ insert(:user,
+ avatar: %{"url" => [%{"href" => "https://evil.website/avatar.png"}]},
+ banner: %{"url" => [%{"href" => "https://evil.website/banner.png"}]},
+ emoji: %{"joker_smile" => "https://evil.website/society.png"}
+ )
+
+ AccountView.render("show.json", %{user: user})
+ |> Enum.all?(fn
+ {key, url} when key in [:avatar, :avatar_static, :header, :header_static] ->
+ String.starts_with?(url, Pleroma.Web.base_url())
+
+ {:emojis, emojis} ->
+ Enum.all?(emojis, fn %{url: url, static_url: static_url} ->
+ String.starts_with?(url, Pleroma.Web.base_url()) &&
+ String.starts_with?(static_url, Pleroma.Web.base_url())
+ end)
+
+ _ ->
+ true
+ end)
+ |> assert()
+ end
end