test: update test for new html scrub policy

This commit is contained in:
William Pitcock 2018-10-05 21:11:22 +00:00
parent bd76d9cee6
commit 497814cbbb

View File

@ -26,7 +26,7 @@ test "it adds emoji when updating profiles" do
test "it filters out obviously bad tags when accepting a post as HTML" do
user = insert(:user)
post = "<h1>2hu</h1><script>alert('xss')</script>"
post = "<p><b>2hu</b></p><script>alert('xss')</script>"
{:ok, activity} =
CommonAPI.post(user, %{
@ -35,13 +35,13 @@ test "it filters out obviously bad tags when accepting a post as HTML" do
})
content = activity.data["object"]["content"]
assert content == "<h1>2hu</h1>alert('xss')"
assert content == "<p><b>2hu</b></p>alert('xss')"
end
test "it filters out obviously bad tags when accepting a post as Markdown" do
user = insert(:user)
post = "<h1>2hu</h1><script>alert('xss')</script>"
post = "<p><b>2hu</b></p><script>alert('xss')</script>"
{:ok, activity} =
CommonAPI.post(user, %{
@ -50,7 +50,7 @@ test "it filters out obviously bad tags when accepting a post as Markdown" do
})
content = activity.data["object"]["content"]
assert content == "<h1>2hu</h1>alert('xss')"
assert content == "<p><b>2hu</b></p>alert('xss')"
end
end
end