test: update test for new html scrub policy
This commit is contained in:
parent
bd76d9cee6
commit
497814cbbb
@ -26,7 +26,7 @@ test "it adds emoji when updating profiles" do
|
||||
test "it filters out obviously bad tags when accepting a post as HTML" do
|
||||
user = insert(:user)
|
||||
|
||||
post = "<h1>2hu</h1><script>alert('xss')</script>"
|
||||
post = "<p><b>2hu</b></p><script>alert('xss')</script>"
|
||||
|
||||
{:ok, activity} =
|
||||
CommonAPI.post(user, %{
|
||||
@ -35,13 +35,13 @@ test "it filters out obviously bad tags when accepting a post as HTML" do
|
||||
})
|
||||
|
||||
content = activity.data["object"]["content"]
|
||||
assert content == "<h1>2hu</h1>alert('xss')"
|
||||
assert content == "<p><b>2hu</b></p>alert('xss')"
|
||||
end
|
||||
|
||||
test "it filters out obviously bad tags when accepting a post as Markdown" do
|
||||
user = insert(:user)
|
||||
|
||||
post = "<h1>2hu</h1><script>alert('xss')</script>"
|
||||
post = "<p><b>2hu</b></p><script>alert('xss')</script>"
|
||||
|
||||
{:ok, activity} =
|
||||
CommonAPI.post(user, %{
|
||||
@ -50,7 +50,7 @@ test "it filters out obviously bad tags when accepting a post as Markdown" do
|
||||
})
|
||||
|
||||
content = activity.data["object"]["content"]
|
||||
assert content == "<h1>2hu</h1>alert('xss')"
|
||||
assert content == "<p><b>2hu</b></p>alert('xss')"
|
||||
end
|
||||
end
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user