Unescape HTML entities (#24019)

2023-03-08 19:56:41 +01:00 · 2023-03-08 19:56:41 +01:00 · 684a970b3c
commit 684a970b3c
parent 9dfe2dbd3f
2 changed files with 61 additions and 6 deletions
--- a/spec/lib/plain_text_formatter_spec.rb
+++ b/spec/lib/plain_text_formatter_spec.rb
@ -6,7 +6,7 @@ RSpec.describe PlainTextFormatter do
  describe '#to_s' do
    subject { described_class.new(status.text, status.local?).to_s }

-    context 'given a post with local status' do
+    context 'when status is local' do
      let(:status) { Fabricate(:status, text: '<p>a text by a nerd who uses an HTML tag in text</p>', uri: nil) }

      it 'returns the raw text' do
@ -14,12 +14,63 @@ RSpec.describe PlainTextFormatter do
      end
    end

-    context 'given a post with remote status' do
+    context 'when status is remote' do
      let(:remote_account) { Fabricate(:account, domain: 'remote.test', username: 'bob', url: 'https://remote.test/') }
-      let(:status) { Fabricate(:status, account: remote_account, text: '<p>Hello</p><script>alert("Hello")</script>') }

-      it 'returns tag-stripped text' do
-        expect(subject).to eq 'Hello'
+      context 'when text contains inline HTML tags' do
+        let(:status) { Fabricate(:status, account: remote_account, text: '<b>Lorem</b> <em>ipsum</em>') }
+
+        it 'strips the tags' do
+          expect(subject).to eq 'Lorem ipsum'
+        end
+      end
+
+      context 'when text contains <p> tags' do
+        let(:status) { Fabricate(:status, account: remote_account, text: '<p>Lorem</p><p>ipsum</p>') }
+
+        it 'inserts a newline' do
+          expect(subject).to eq "Lorem\nipsum"
+        end
+      end
+
+      context 'when text contains a single <br> tag' do
+        let(:status) { Fabricate(:status, account: remote_account, text: 'Lorem<br>ipsum') }
+
+        it 'inserts a newline' do
+          expect(subject).to eq "Lorem\nipsum"
+        end
+      end
+
+      context 'when text contains consecutive <br> tag' do
+        let(:status) { Fabricate(:status, account: remote_account, text: 'Lorem<br><br><br>ipsum') }
+
+        it 'inserts a single newline' do
+          expect(subject).to eq "Lorem\nipsum"
+        end
+      end
+
+      context 'when text contains HTML entity' do
+        let(:status) { Fabricate(:status, account: remote_account, text: 'Lorem &amp; ipsum &#x2764;') }
+
+        it 'unescapes the entity' do
+          expect(subject).to eq 'Lorem & ipsum ❤'
+        end
+      end
+
+      context 'when text contains <script> tag' do
+        let(:status) { Fabricate(:status, account: remote_account, text: 'Lorem <script> alert("Booh!") </script>ipsum') }
+
+        it 'strips the tag and its contents' do
+          expect(subject).to eq 'Lorem ipsum'
+        end
+      end
+
+      context 'when text contains an HTML comment tags' do
+        let(:status) { Fabricate(:status, account: remote_account, text: 'Lorem <!-- Booh! -->ipsum') }
+
+        it 'strips the comment' do
+          expect(subject).to eq 'Lorem ipsum'
+        end
      end
    end
  end