diff options
| author | Rémy Coutable <remy@rymai.me> | 2016-12-21 18:47:53 +0000 |
|---|---|---|
| committer | Rémy Coutable <remy@rymai.me> | 2016-12-21 18:47:53 +0000 |
| commit | f3f42f7b8f7a9e92af57e2becfc8411dafc31af6 (patch) | |
| tree | 1adbc29dc025583691b7d172aef078d02f8c131e | |
| parent | f33624083c7d46084c35868af66b2f17b331728a (diff) | |
| parent | 15d83f6ae2e3b52a79e761a63c86907a6161acec (diff) | |
| download | gitlab-ce-f3f42f7b8f7a9e92af57e2becfc8411dafc31af6.tar.gz | |
Merge branch '22742-filter-protocol-relative-urls' into 'master'
Filter protocol-relative URLs in ExternalLinkFilter. Fixes issue #22742.
Closes #22742
See merge request !6635
| -rw-r--r-- | changelogs/unreleased/22742-filter-protocol-relative-urls.yml | 4 | ||||
| -rw-r--r-- | lib/banzai/filter/external_link_filter.rb | 2 | ||||
| -rw-r--r-- | spec/lib/banzai/filter/external_link_filter_spec.rb | 14 |
3 files changed, 19 insertions, 1 deletions
diff --git a/changelogs/unreleased/22742-filter-protocol-relative-urls.yml b/changelogs/unreleased/22742-filter-protocol-relative-urls.yml new file mode 100644 index 00000000000..b331f5a4eb5 --- /dev/null +++ b/changelogs/unreleased/22742-filter-protocol-relative-urls.yml @@ -0,0 +1,4 @@ +--- +title: 'Filter protocol-relative URLs in ExternalLinkFilter. Fixes issue #22742' +merge_request: 6635 +author: Makoto Scott-Hinkle diff --git a/lib/banzai/filter/external_link_filter.rb b/lib/banzai/filter/external_link_filter.rb index 2f19b59e725..d67d466bce8 100644 --- a/lib/banzai/filter/external_link_filter.rb +++ b/lib/banzai/filter/external_link_filter.rb @@ -10,7 +10,7 @@ module Banzai node.set_attribute('href', href) end - if href =~ /\Ahttp(s)?:\/\// && external_url?(href) + if href =~ %r{\A(https?:)?//[^/]} && external_url?(href) node.set_attribute('rel', 'nofollow noreferrer') node.set_attribute('target', '_blank') end diff --git a/spec/lib/banzai/filter/external_link_filter_spec.rb b/spec/lib/banzai/filter/external_link_filter_spec.rb index 167397c736b..d9e4525cb28 100644 --- a/spec/lib/banzai/filter/external_link_filter_spec.rb +++ b/spec/lib/banzai/filter/external_link_filter_spec.rb @@ -80,4 +80,18 @@ describe Banzai::Filter::ExternalLinkFilter, lib: true do expect(filter(act).to_html).to eq(exp) end end + + context 'for protocol-relative links' do + let(:doc) { filter %q(<p><a href="//google.com/">Google</a></p>) } + + it 'adds rel="nofollow" to external links' do + expect(doc.at_css('a')).to have_attribute('rel') + expect(doc.at_css('a')['rel']).to include 'nofollow' + end + + it 'adds rel="noreferrer" to external links' do + expect(doc.at_css('a')).to have_attribute('rel') + expect(doc.at_css('a')['rel']).to include 'noreferrer' + end + end end |