osr-plastic/osr-discourse-src
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2023-03-18. You can view files and clone it, but cannot push or open issues or pull requests.
d45d9a31ac
osr-discourse-src/app/assets/javascripts/discourse/tests/unit/lib/text-test.js
Bianca Nenciu 3a985c82c7
SECURITY: Correctly render link title in draft preview (#18958) 
The additional unescaping could cause link titles to be rendered
incorrectly.
2022-11-09 15:54:47 +02:00

28 lines
1.1 KiB
JavaScript
Raw Blame History

import { module, test } from "qunit";
import { cookAsync, excerpt } from "discourse/lib/text";
module("Unit | Utility | text", function () {
test("excerpt", async function (assert) {
let cooked = await cookAsync("Hello! :wave:");
assert.strictEqual(
await excerpt(cooked, 300),
'Hello! <img src="/images/emoji/google_classic/wave.png?v=12" title=":wave:" class="emoji" alt=":wave:" loading="lazy" width="20" height="20">'
);
cooked = await cookAsync("[:wave:](https://example.com)");
assert.strictEqual(
await excerpt(cooked, 300),
'<a href="https://example.com"><img src="/images/emoji/google_classic/wave.png?v=12" title=":wave:" class="emoji only-emoji" alt=":wave:" loading="lazy" width="20" height="20"></a>'
);
cooked = await cookAsync('<script>alert("hi")</script>');
assert.strictEqual(await excerpt(cooked, 300), "");
cooked = await cookAsync("[`<script>alert('hi')</script>`]()");
assert.strictEqual(
await excerpt(cooked, 300),
"<a><code>&lt;script&gt;alert('hi')&lt;/script&gt;</code></a>"
);
});
});
Reference in New Issue View Git Blame Copy Permalink