Home Explore Help
Sign In
RISCI_ATOM
/
mastodon
mirror of https://github.com/tootsuite/mastodon.git
1
0
Fork 0
Files Issues 8 Wiki
Tree: 17445e368e
Branches Tags
mastodon
/
spec
/
views
/
admin
/
trends
/
links
/
_preview_card.html.haml_spec.rb

_preview_card.html.haml_spec.rb 668 B
History Raw

1234567891011121314151617181920 
  1. # frozen_string_literal: true
    2. 

  2. 

  3. require 'rails_helper'
    4. 

  4. 

  5. RSpec.describe 'admin/trends/links/_preview_card.html.haml' do
    6. 

  6.   it 'correctly escapes user supplied url values' do
    7. 

  7.     form = instance_double(ActionView::Helpers::FormHelper, check_box: nil)
    8. 

  8.     trend = PreviewCardTrend.new(allowed: false)
    9. 

  9.     preview_card = Fabricate.build(
    10. 

  10.       :preview_card,
    11. 

  11.       url: 'https://host.example/path?query=<script>',
    12. 

  12.       trend: trend,
    13. 

  13.       title: 'Fun'
    14. 

  14.     )
    15. 

  15. 

  16.     render partial: 'admin/trends/links/preview_card', locals: { preview_card: preview_card, f: form }
    17. 

  17. 

  18.     expect(rendered).to include('<a href="https://host.example/path?query=&lt;script&gt;">Fun</a>')
    19. 

  19.   end
    20. 

  20. end
    21.