diff options
-rw-r--r-- | app/models/project_services/hipchat_service.rb | 17 | ||||
-rw-r--r-- | spec/models/project_services/hipchat_service_spec.rb | 12 |
2 files changed, 17 insertions, 12 deletions
diff --git a/app/models/project_services/hipchat_service.rb b/app/models/project_services/hipchat_service.rb index e7a77070b9f..660a8ae3421 100644 --- a/app/models/project_services/hipchat_service.rb +++ b/app/models/project_services/hipchat_service.rb @@ -2,6 +2,11 @@ class HipchatService < Service include ActionView::Helpers::SanitizeHelper MAX_COMMITS = 3 + HIPCHAT_ALLOWED_TAGS = %w[ + a b i strong em br img pre code + table th tr td caption colgroup col thead tbody tfoot + ul ol li dl dt dd + ] prop_accessor :token, :room, :server, :notify, :color, :api_version boolean_accessor :notify_only_broken_builds @@ -139,10 +144,10 @@ class HipchatService < Service context.merge!(options) - html = Banzai.render(text, context) - html = Banzai.post_process(html, context) + html = Banzai.post_process(Banzai.render(text, context), context) + sanitized_html = sanitize(html, tags: HIPCHAT_ALLOWED_TAGS, attributes: %w[href title alt]) - sanitize html, attributes: %w(href title alt) + sanitized_html.truncate(200, separator: ' ', omission: '...') end def create_issue_message(data) @@ -159,7 +164,7 @@ class HipchatService < Service issue_link = "<a href=\"#{issue_url}\">issue ##{issue_iid}</a>" message = "#{user_name} #{state} #{issue_link} in #{project_link}: <b>#{title}</b>" - message << markdown(description) + message << "<pre>#{markdown(description)}</pre>" message end @@ -179,7 +184,7 @@ class HipchatService < Service message = "#{user_name} #{state} #{merge_request_link} in " \ "#{project_link}: <b>#{title}</b>" - message << markdown(description) + message << "<pre>#{markdown(description)}</pre>" message end @@ -230,7 +235,7 @@ class HipchatService < Service message = "#{user_name} commented on #{subject_html} in #{project_link}: " message << title - message << markdown(note, ref: commit_id) + message << "<pre>#{markdown(note, ref: commit_id)}</pre>" message end diff --git a/spec/models/project_services/hipchat_service_spec.rb b/spec/models/project_services/hipchat_service_spec.rb index 1029b6d2459..2da3a9cb09f 100644 --- a/spec/models/project_services/hipchat_service_spec.rb +++ b/spec/models/project_services/hipchat_service_spec.rb @@ -135,7 +135,7 @@ describe HipchatService, models: true do "<a href=\"#{obj_attr[:url]}\">issue ##{obj_attr["iid"]}</a> in " \ "<a href=\"#{project.web_url}\">#{project_name}</a>: " \ "<b>Awesome issue</b>" \ - "<p><strong>please</strong> fix</p>") + "<pre><strong>please</strong> fix</pre>") end end @@ -159,7 +159,7 @@ describe HipchatService, models: true do "<a href=\"#{obj_attr[:url]}\">merge request !#{obj_attr["iid"]}</a> in " \ "<a href=\"#{project.web_url}\">#{project_name}</a>: " \ "<b>Awesome merge request</b>" \ - "<p><strong>please</strong> fix</p>") + "<pre><strong>please</strong> fix</pre>") end end @@ -190,7 +190,7 @@ describe HipchatService, models: true do "<a href=\"#{obj_attr[:url]}\">commit #{commit_id}</a> in " \ "<a href=\"#{project.web_url}\">#{project_name}</a>: " \ "#{title}" \ - "<p>a comment on a commit</p>") + "<pre>a comment on a commit</pre>") end end @@ -222,7 +222,7 @@ describe HipchatService, models: true do "<a href=\"#{obj_attr[:url]}\">merge request !#{merge_id}</a> in " \ "<a href=\"#{project.web_url}\">#{project_name}</a>: " \ "<b>#{title}</b>" \ - "<p>merge request <strong>note</strong></p>") + "<pre>merge request <strong>note</strong></pre>") end end @@ -247,7 +247,7 @@ describe HipchatService, models: true do "<a href=\"#{obj_attr[:url]}\">issue ##{issue_id}</a> in " \ "<a href=\"#{project.web_url}\">#{project_name}</a>: " \ "<b>#{title}</b>" \ - "<p>issue <strong>note</strong></p>") + "<pre>issue <strong>note</strong></pre>") end end @@ -275,7 +275,7 @@ describe HipchatService, models: true do "<a href=\"#{obj_attr[:url]}\">snippet ##{snippet_id}</a> in " \ "<a href=\"#{project.web_url}\">#{project_name}</a>: " \ "<b>#{title}</b>" \ - "<p>snippet note</p>") + "<pre>snippet note</pre>") end end end |