Commit 497814cb authored by kaniini's avatar kaniini
Browse files

test: update test for new html scrub policy

parent bd76d9ce
Pipeline #3929 passed with stages
in 5 minutes and 57 seconds
......@@ -26,7 +26,7 @@ test "it adds emoji when updating profiles" do
test "it filters out obviously bad tags when accepting a post as HTML" do
user = insert(:user)
post = "<h1>2hu</h1><script>alert('xss')</script>"
post = "<p><b>2hu</b></p><script>alert('xss')</script>"
{:ok, activity} =
CommonAPI.post(user, %{
......@@ -35,13 +35,13 @@ test "it filters out obviously bad tags when accepting a post as HTML" do
})
content = activity.data["object"]["content"]
assert content == "<h1>2hu</h1>alert('xss')"
assert content == "<p><b>2hu</b></p>alert('xss')"
end
test "it filters out obviously bad tags when accepting a post as Markdown" do
user = insert(:user)
post = "<h1>2hu</h1><script>alert('xss')</script>"
post = "<p><b>2hu</b></p><script>alert('xss')</script>"
{:ok, activity} =
CommonAPI.post(user, %{
......@@ -50,7 +50,7 @@ test "it filters out obviously bad tags when accepting a post as Markdown" do
})
content = activity.data["object"]["content"]
assert content == "<h1>2hu</h1>alert('xss')"
assert content == "<p><b>2hu</b></p>alert('xss')"
end
end
end
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment