1 # Pleroma: A lightweight social networking server
2 # Copyright © 2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.ActivityPub.MRF.NormalizeMarkupTest do
7 alias Pleroma.Web.ActivityPub.MRF.NormalizeMarkup
10 <b>this is in bold</b>
11 <p>this is a paragraph</p>
12 this is a linebreak<br />
13 this is a link with allowed "rel" attribute: <a href="http://example.com/" rel="tag">example.com</a>
14 this is a link with not allowed "rel" attribute: <a href="http://example.com/" rel="tag noallowed">example.com</a>
15 this is an image: <img src="http://example.com/image.jpg"><br />
16 <script>alert('hacked')</script>
19 test "it filter html tags" do
21 <b>this is in bold</b>
22 <p>this is a paragraph</p>
23 this is a linebreak<br/>
24 this is a link with allowed "rel" attribute: <a href="http://example.com/" rel="tag">example.com</a>
25 this is a link with not allowed "rel" attribute: <a href="http://example.com/">example.com</a>
26 this is an image: <img src="http://example.com/image.jpg"/><br/>
27 alert('hacked')
30 message = %{"type" => "Create", "object" => %{"content" => @html_sample}}
32 assert {:ok, res} = NormalizeMarkup.filter(message)
33 assert res["object"]["content"] == expected
36 test "it skips filter if type isn't `Create`" do
37 message = %{"type" => "Note", "object" => %{}}
39 assert {:ok, res} = NormalizeMarkup.filter(message)