link_spec.rb 2.4 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970
  1. # Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. require 'rails_helper'
  3. RSpec.describe HtmlSanitizer::Scrubber::Link do
  4. let(:scrubber) { described_class.new(web_app_url_prefix: 'http://example') }
  5. describe('#scrubber') do
  6. subject(:actual) { fragment.scrub!(scrubber).to_html }
  7. let(:fragment) { Loofah.fragment(input) }
  8. context 'when url as text' do
  9. let(:input) { 'http://zammad.org' }
  10. let(:target) { '<a href="http://zammad.org" rel="nofollow noreferrer noopener" target="_blank">http://zammad.org</a>' }
  11. it { is_expected.to eq target }
  12. end
  13. context 'when a has no href' do
  14. let(:input) { '<a>link</a>' }
  15. let(:target) { 'link' }
  16. it { is_expected.to eq target }
  17. end
  18. context 'when a has title' do
  19. let(:input) { '<a title="test" href="http://example.org">link</a>' }
  20. let(:target) { '<a title="test" href="http://example.org" rel="nofollow noreferrer noopener">link</a>' }
  21. it { is_expected.to eq target }
  22. end
  23. context 'when a has no title' do
  24. let(:input) { '<a href="http://example.org">link</a>' }
  25. let(:target) { '<a href="http://example.org" rel="nofollow noreferrer noopener" title="http://example.org">link</a>' }
  26. it { is_expected.to eq target }
  27. end
  28. context 'when external URL' do
  29. let(:input) { '<a href="http://not.example.org">link</a>' }
  30. let(:target) { '<a href="http://not.example.org" rel="nofollow noreferrer noopener" target="_blank" title="http://not.example.org">link</a>' }
  31. it { is_expected.to eq target }
  32. end
  33. context 'when URL without protocol' do
  34. let(:input) { '<a href="example.org">link</a>' }
  35. let(:target) { '<a href="example.org">link</a>' }
  36. it { is_expected.to eq target }
  37. end
  38. context 'when URL without protocol and external' do
  39. let(:scrubber) { described_class.new(web_app_url_prefix: 'http://example', external: true) }
  40. let(:input) { '<a href="example.org">link</a>' }
  41. let(:target) { '<a href="http://example.org" rel="nofollow noreferrer noopener" title="http://example.org">link</a>' }
  42. it { is_expected.to eq target }
  43. end
  44. context 'when external URL with tel protocol' do
  45. let(:input) { '<a href="tel:+4930555716000">my telephone number</a>' }
  46. let(:target) { '<a href="tel:+4930555716000">my telephone number</a>' }
  47. it { is_expected.to eq target }
  48. end
  49. end
  50. end