From: Claire Date: Fri, 19 Mar 2021 12:57:15 +0000 (+0100) Subject: Merge branch 'main' into glitch-soc/merge-upstream X-Git-Url: https://git.xn--scling-oua.cat.family/?a=commitdiff_plain;h=3ad6ef72cb3a02135a0f395a8a46323e86c4b334;p=mastodon.git Merge branch 'main' into glitch-soc/merge-upstream --- 3ad6ef72cb3a02135a0f395a8a46323e86c4b334 diff --cc Gemfile.lock index 83202b7d7,106c13554..0f32a76b7 --- a/Gemfile.lock +++ b/Gemfile.lock @@@ -490,26 -490,9 +490,10 @@@ GE link_header (~> 0.0, >= 0.0.8) rdf-normalize (0.4.0) rdf (~> 3.1) + redcarpet (3.5.1) redis (4.2.5) - redis-actionpack (5.2.0) - actionpack (>= 5, < 7) - redis-rack (>= 2.1.0, < 3) - redis-store (>= 1.1.0, < 2) - redis-activesupport (5.2.0) - activesupport (>= 3, < 7) - redis-store (>= 1.3, < 2) redis-namespace (1.8.1) redis (>= 3.0.4) - redis-rack (2.1.3) - rack (>= 2.0.8, < 3) - redis-store (>= 1.2, < 2) - redis-rails (5.0.2) - redis-actionpack (>= 5.0, < 6) - redis-activesupport (>= 5.0, < 6) - redis-store (>= 1.2, < 2) - redis-store (1.9.0) - redis (>= 4, < 5) regexp_parser (2.1.1) request_store (1.5.0) rack (>= 1.4) @@@ -789,12 -772,10 +773,11 @@@ DEPENDENCIE rails-i18n (~> 5.1) rails-settings-cached (~> 0.6) rdf-normalize (~> 0.4) + redcarpet (~> 3.5) redis (~> 4.2) redis-namespace (~> 1.8) - redis-rails (~> 5.0) rqrcode (~> 1.2) - rspec-rails (~> 4.1) + rspec-rails (~> 5.0) rspec-sidekiq (~> 3.1) rspec_junit_formatter (~> 0.4) rubocop (~> 1.11) diff --cc app/lib/formatter.rb index 9a3e63d46,2611bcbae..02ebe6f89 --- a/app/lib/formatter.rb +++ b/app/lib/formatter.rb @@@ -1,31 -1,7 +1,30 @@@ # frozen_string_literal: true require 'singleton' - require_relative './sanitize_config' +class HTMLRenderer < Redcarpet::Render::HTML + def block_code(code, language) + "
#{encode(code).gsub("\n", "
")}
" + end + + def autolink(link, link_type) + return link if link_type == :email + Formatter.instance.link_url(link) + rescue Addressable::URI::InvalidURIError, IDN::Idna::IdnaError + encode(link) + end + + private + + def html_entities + @html_entities ||= HTMLEntities.new + end + + def encode(html) + html_entities.encode(html) + end +end + class Formatter include Singleton include RoutingHelper diff --cc spec/lib/sanitize_config_spec.rb index da24f67d6,747d81158..8bcffb2e5 --- a/spec/lib/sanitize_config_spec.rb +++ b/spec/lib/sanitize_config_spec.rb @@@ -1,20 -1,29 +1,19 @@@ # frozen_string_literal: true require 'rails_helper' - require Rails.root.join('app', 'lib', 'sanitize_config.rb') describe Sanitize::Config do - describe '::MASTODON_STRICT' do - subject { Sanitize::Config::MASTODON_STRICT } - - it 'converts h1 to p' do - expect(Sanitize.fragment('
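Review bot: In `HTMLRenderer#autolink` (app/lib/formatter.rb), the `:email` early return hands `link` back unescaped, while the rescue branch of the same method passes it through `encode`. As far as I know, Redcarpet copies the return value of an overridden render callback into the output verbatim, so the two branches should agree: `return encode(link) if link_type == :email`. The characters Redcarpet accepts in an e-mail autolink are narrow, so this is defence in depth and not a demonstrated injection, but it stops the renderer from relying on a later sanitizer pass for that one branch. The success path delegates to `Formatter.instance.link_url`, which is defined outside this hunk, so its escaping cannot be confirmed from here. A short comment on the class stating that every callback must return already-escaped HTML would make that contract explicit, e.g. `# Render callbacks return raw HTML; escape all user-derived text before returning.`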

Foo

', subject)).to eq '

Foo

' - end - - it 'converts ul to p' do - expect(Sanitize.fragment('

Check out:

', subject)).to eq '

Check out:

Foo
Bar

' - end - - it 'converts p inside ul' do - expect(Sanitize.fragment('', subject)).to eq '

Foo
Bar
Baz

' + shared_examples 'common HTML sanitization' do + it 'keeps h1' do + expect(Sanitize.fragment('

Foo

', subject)).to eq '

Foo

' end - it 'converts ul inside ul' do - expect(Sanitize.fragment('', subject)).to eq '

Foo
Bar
Baz

' + it 'keeps ul' do + expect(Sanitize.fragment('

Check out:

', subject)).to eq '

Check out:

' end - it 'keep links in lists' do - expect(Sanitize.fragment('

Check out:

', subject)).to eq '

Check out:

joinmastodon.org
Bar

' + it 'keeps start and reversed attributes of ol' do + expect(Sanitize.fragment('

Check out:

  1. Foo
  2. Bar
', subject)).to eq '

Check out:

  1. Foo
  2. Bar
' end it 'removes a without href' do