diff options
author | Sean McGivern <sean@mcgivern.me.uk> | 2016-10-18 20:49:51 +0000 |
---|---|---|
committer | Sean McGivern <sean@mcgivern.me.uk> | 2016-10-18 20:49:51 +0000 |
commit | 95f7d6bcbdb55aaf96edcd672362ae0f99836420 (patch) | |
tree | 9143f1b8068a74d53b5c9b1b1a2d425772e64e25 /spec | |
parent | 2c00d00ec1c39dbea0e0e54265027b5476b78e3c (diff) | |
parent | 3db585d27c005397aab3fa05cbe77853bc1019be (diff) | |
download | gitlab-ce-95f7d6bcbdb55aaf96edcd672362ae0f99836420.tar.gz |
Merge branch '22782-external-link-filter-with-non-lowercase-scheme' into 'master'
Add Nofollow for uppercased external url protocols
Closes #22782
See merge request !6820
Diffstat (limited to 'spec')
-rw-r--r-- | spec/lib/banzai/filter/external_link_filter_spec.rb | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/spec/lib/banzai/filter/external_link_filter_spec.rb b/spec/lib/banzai/filter/external_link_filter_spec.rb index 695a5bc6fd4..167397c736b 100644 --- a/spec/lib/banzai/filter/external_link_filter_spec.rb +++ b/spec/lib/banzai/filter/external_link_filter_spec.rb @@ -46,4 +46,38 @@ describe Banzai::Filter::ExternalLinkFilter, lib: true do expect(doc.at_css('a')['rel']).to include 'noreferrer' end end + + context 'for non-lowercase scheme links' do + let(:doc_with_http) { filter %q(<p><a href="httP://google.com/">Google</a></p>) } + let(:doc_with_https) { filter %q(<p><a href="hTTpS://google.com/">Google</a></p>) } + + it 'adds rel="nofollow" to external links' do + expect(doc_with_http.at_css('a')).to have_attribute('rel') + expect(doc_with_https.at_css('a')).to have_attribute('rel') + + expect(doc_with_http.at_css('a')['rel']).to include 'nofollow' + expect(doc_with_https.at_css('a')['rel']).to include 'nofollow' + end + + it 'adds rel="noreferrer" to external links' do + expect(doc_with_http.at_css('a')).to have_attribute('rel') + expect(doc_with_https.at_css('a')).to have_attribute('rel') + + expect(doc_with_http.at_css('a')['rel']).to include 'noreferrer' + expect(doc_with_https.at_css('a')['rel']).to include 'noreferrer' + end + + it 'skips internal links' do + internal_link = Gitlab.config.gitlab.url + "/sign_in" + url = internal_link.gsub(/\Ahttp/, 'HtTp') + act = %Q(<a href="#{url}">Login</a>) + exp = %Q(<a href="#{internal_link}">Login</a>) + expect(filter(act).to_html).to eq(exp) + end + + it 'skips relative links' do + exp = act = %q(<a href="http_spec/foo.rb">Relative URL</a>) + expect(filter(act).to_html).to eq(exp) + end + end end |