# frozen_string_literal: true require 'rails_helper' RSpec.describe Sanitize::Config do shared_examples 'common HTML sanitization' do it 'keeps h1' do expect(Sanitize.fragment('
Check out:
Check out:
Check out:
Check out:
明日
', subject)).to eq '明日
' end it 'removes a without href' do expect(Sanitize.fragment('Test', subject)).to eq 'Test' end it 'removes a without href and only keeps text content' do expect(Sanitize.fragment('foo&Test', subject)).to eq 'foo&Test' end it 'removes a with unsupported scheme in href' do expect(Sanitize.fragment('Test', subject)).to eq 'Test' end it 'does not re-interpret HTML when removing unsupported links' do expect(Sanitize.fragment('Test<a href="https://example.com">test</a>', subject)).to eq 'Test<a href="https://example.com">test</a>' end it 'keeps a with href' do expect(Sanitize.fragment('Test', subject)).to eq 'Test' end it 'keeps a with translate="no"' do expect(Sanitize.fragment('Test', subject)).to eq 'Test' end it 'removes "translate" attribute with invalid value' do expect(Sanitize.fragment('Test', subject)).to eq 'Test' end it 'removes a with unparsable href' do expect(Sanitize.fragment('Test', subject)).to eq 'Test' end it 'keeps a with supported scheme and no host' do expect(Sanitize.fragment('Test', subject)).to eq 'Test' end it 'keeps title in abbr' do expect(Sanitize.fragment('HTML', subject)).to eq 'HTML' end end describe '::MASTODON_OUTGOING' do subject { described_class::MASTODON_OUTGOING } around do |example| original_web_domain = Rails.configuration.x.web_domain example.run Rails.configuration.x.web_domain = original_web_domain end it_behaves_like 'common HTML sanitization' it 'keeps a with href and rel tag, not adding to rel or target if url is local' do Rails.configuration.x.web_domain = 'domain.test' expect(Sanitize.fragment('Test', subject)).to eq 'Test' end end end