Do some basic escaping.
This commit is contained in:
parent
1af9c77736
commit
83c657afa5
@ -11,7 +11,7 @@ defmodule Pleroma.Web.TwitterAPI.Utils do
|
|||||||
def add_attachments(text, attachments) do
|
def add_attachments(text, attachments) do
|
||||||
attachment_text = Enum.map(attachments, fn
|
attachment_text = Enum.map(attachments, fn
|
||||||
(%{"url" => [%{"href" => href} | _]}) ->
|
(%{"url" => [%{"href" => href} | _]}) ->
|
||||||
"<a href='#{href}' class='attachment'>#{Path.basename(href)}</a>"
|
"<a href=\"#{URI.encode(href)}\" class='attachment'>#{Path.basename(href)}</a>"
|
||||||
_ -> ""
|
_ -> ""
|
||||||
end)
|
end)
|
||||||
Enum.join([text | attachment_text], "<br>\n")
|
Enum.join([text | attachment_text], "<br>\n")
|
||||||
|
@ -34,7 +34,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do
|
|||||||
|
|
||||||
{ :ok, activity = %Activity{} } = TwitterAPI.create_status(user, input)
|
{ :ok, activity = %Activity{} } = TwitterAPI.create_status(user, input)
|
||||||
|
|
||||||
assert get_in(activity.data, ["object", "content"]) == "Hello again, <a href='shp'>@shp</a>.<br>\nThis is on another line. #2hu #epic #phantasmagoric<br>\n<a href='http://example.org/image.jpg' class='attachment'>image.jpg</a>"
|
assert get_in(activity.data, ["object", "content"]) == "Hello again, <a href='shp'>@shp</a>.<br>\nThis is on another line. #2hu #epic #phantasmagoric<br>\n<a href=\"http://example.org/image.jpg\" class='attachment'>image.jpg</a>"
|
||||||
assert get_in(activity.data, ["object", "type"]) == "Note"
|
assert get_in(activity.data, ["object", "type"]) == "Note"
|
||||||
assert get_in(activity.data, ["object", "actor"]) == user.ap_id
|
assert get_in(activity.data, ["object", "actor"]) == user.ap_id
|
||||||
assert get_in(activity.data, ["actor"]) == user.ap_id
|
assert get_in(activity.data, ["actor"]) == user.ap_id
|
||||||
|
14
test/web/twitter_api/twitter_api_utils_test.exs
Normal file
14
test/web/twitter_api/twitter_api_utils_test.exs
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
defmodule Pleroma.Web.TwitterAPI.UtilsTest do
|
||||||
|
alias Pleroma.Web.TwitterAPI.Utils
|
||||||
|
use Pleroma.DataCase
|
||||||
|
|
||||||
|
test "it adds attachment links to a given text and attachment set" do
|
||||||
|
attachment = %{
|
||||||
|
"url" => [%{"href" => "http://heise.de/i\"m a boy.png"}]
|
||||||
|
}
|
||||||
|
|
||||||
|
res = Utils.add_attachments("", [attachment])
|
||||||
|
|
||||||
|
assert res == "<br>\n<a href=\"http://heise.de/i%22m%20a%20boy.png\" class='attachment'>i\"m a boy.png</a>"
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in New Issue
Block a user