mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2025-01-13 01:35:36 +00:00
Fix image description unnecessarily html-escaping innocent characters (#321)
* implement SanitizeCaption function * tidy up text test setup
This commit is contained in:
parent
1ded58b34b
commit
24f9e11221
9 changed files with 138 additions and 105 deletions
|
@ -56,7 +56,7 @@ func (p *processor) Create(ctx context.Context, account *gtsmodel.Account, form
|
||||||
CreatedAt: time.Now(),
|
CreatedAt: time.Now(),
|
||||||
UpdatedAt: time.Now(),
|
UpdatedAt: time.Now(),
|
||||||
AccountID: account.ID,
|
AccountID: account.ID,
|
||||||
Description: text.RemoveHTML(form.Description),
|
Description: text.SanitizeCaption(form.Description),
|
||||||
FileMeta: gtsmodel.FileMeta{
|
FileMeta: gtsmodel.FileMeta{
|
||||||
Focus: gtsmodel.Focus{
|
Focus: gtsmodel.Focus{
|
||||||
X: focusx,
|
X: focusx,
|
||||||
|
|
|
@ -45,7 +45,7 @@ func (p *processor) Update(ctx context.Context, account *gtsmodel.Account, media
|
||||||
}
|
}
|
||||||
|
|
||||||
if form.Description != nil {
|
if form.Description != nil {
|
||||||
attachment.Description = text.RemoveHTML(*form.Description)
|
attachment.Description = text.SanitizeCaption(*form.Description)
|
||||||
if err := p.db.UpdateByPrimaryKey(ctx, attachment); err != nil {
|
if err := p.db.UpdateByPrimaryKey(ctx, attachment); err != nil {
|
||||||
return nil, gtserror.NewErrorInternalError(fmt.Errorf("database error updating description: %s", err))
|
return nil, gtserror.NewErrorInternalError(fmt.Errorf("database error updating description: %s", err))
|
||||||
}
|
}
|
||||||
|
|
29
internal/text/caption.go
Normal file
29
internal/text/caption.go
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
/*
|
||||||
|
GoToSocial
|
||||||
|
Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU Affero General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU Affero General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU Affero General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package text
|
||||||
|
|
||||||
|
// SanitizeCaption runs image captions (or indeed any plain text) through basic sanitization.
|
||||||
|
// It returns plain text rather than HTML, in contrast to other functions in this package.
|
||||||
|
func SanitizeCaption(in string) string {
|
||||||
|
content := preformat(in)
|
||||||
|
|
||||||
|
content = RemoveHTML(content)
|
||||||
|
|
||||||
|
return postformat(content)
|
||||||
|
}
|
82
internal/text/caption_test.go
Normal file
82
internal/text/caption_test.go
Normal file
|
@ -0,0 +1,82 @@
|
||||||
|
/*
|
||||||
|
GoToSocial
|
||||||
|
Copyright (C) 2021 GoToSocial Authors admin@gotosocial.org
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU Affero General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU Affero General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU Affero General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package text_test
|
||||||
|
|
||||||
|
import (
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/suite"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/internal/text"
|
||||||
|
)
|
||||||
|
|
||||||
|
type CaptionTestSuite struct {
|
||||||
|
suite.Suite
|
||||||
|
}
|
||||||
|
|
||||||
|
func (suite *CaptionTestSuite) TestSanitizeCaption1() {
|
||||||
|
dodgyCaption := "<script>console.log('haha!')</script>this is just a normal caption ;)"
|
||||||
|
sanitized := text.SanitizeCaption(dodgyCaption)
|
||||||
|
suite.Equal("this is just a normal caption ;)", sanitized)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (suite *CaptionTestSuite) TestSanitizeCaption2() {
|
||||||
|
dodgyCaption := "<em>here's a LOUD caption</em>"
|
||||||
|
sanitized := text.SanitizeCaption(dodgyCaption)
|
||||||
|
suite.Equal("here's a LOUD caption", sanitized)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (suite *CaptionTestSuite) TestSanitizeCaption3() {
|
||||||
|
dodgyCaption := ""
|
||||||
|
sanitized := text.SanitizeCaption(dodgyCaption)
|
||||||
|
suite.Equal("", sanitized)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (suite *CaptionTestSuite) TestSanitizeCaption4() {
|
||||||
|
dodgyCaption := `
|
||||||
|
|
||||||
|
|
||||||
|
here is
|
||||||
|
a multi line
|
||||||
|
caption
|
||||||
|
with some newlines
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
`
|
||||||
|
sanitized := text.SanitizeCaption(dodgyCaption)
|
||||||
|
suite.Equal("here is\na multi line\ncaption\nwith some newlines", sanitized)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (suite *CaptionTestSuite) TestSanitizeCaption5() {
|
||||||
|
// html-escaped: "<script>console.log('aha!')</script> hello world"
|
||||||
|
dodgyCaption := `<script>console.log('aha!')</script> hello world`
|
||||||
|
sanitized := text.SanitizeCaption(dodgyCaption)
|
||||||
|
suite.Equal("hello world", sanitized)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (suite *CaptionTestSuite) TestSanitizeCaption6() {
|
||||||
|
// html-encoded: "<script>console.log('aha!')</script> hello world"
|
||||||
|
dodgyCaption := `<script>console.log('aha!')</script> hello world`
|
||||||
|
sanitized := text.SanitizeCaption(dodgyCaption)
|
||||||
|
suite.Equal("hello world", sanitized)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestCaptionTestSuite(t *testing.T) {
|
||||||
|
suite.Run(t, new(CaptionTestSuite))
|
||||||
|
}
|
|
@ -25,8 +25,6 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/suite"
|
"github.com/stretchr/testify/suite"
|
||||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||||
"github.com/superseriousbusiness/gotosocial/internal/text"
|
|
||||||
"github.com/superseriousbusiness/gotosocial/testrig"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -74,30 +72,6 @@ type CommonTestSuite struct {
|
||||||
TextStandardTestSuite
|
TextStandardTestSuite
|
||||||
}
|
}
|
||||||
|
|
||||||
func (suite *CommonTestSuite) SetupSuite() {
|
|
||||||
suite.testTokens = testrig.NewTestTokens()
|
|
||||||
suite.testClients = testrig.NewTestClients()
|
|
||||||
suite.testApplications = testrig.NewTestApplications()
|
|
||||||
suite.testUsers = testrig.NewTestUsers()
|
|
||||||
suite.testAccounts = testrig.NewTestAccounts()
|
|
||||||
suite.testAttachments = testrig.NewTestAttachments()
|
|
||||||
suite.testStatuses = testrig.NewTestStatuses()
|
|
||||||
suite.testTags = testrig.NewTestTags()
|
|
||||||
suite.testMentions = testrig.NewTestMentions()
|
|
||||||
}
|
|
||||||
|
|
||||||
func (suite *CommonTestSuite) SetupTest() {
|
|
||||||
suite.config = testrig.NewTestConfig()
|
|
||||||
suite.db = testrig.NewTestDB()
|
|
||||||
suite.formatter = text.NewFormatter(suite.config, suite.db)
|
|
||||||
|
|
||||||
testrig.StandardDBSetup(suite.db, nil)
|
|
||||||
}
|
|
||||||
|
|
||||||
func (suite *CommonTestSuite) TearDownTest() {
|
|
||||||
testrig.StandardDBTeardown(suite.db)
|
|
||||||
}
|
|
||||||
|
|
||||||
func (suite *CommonTestSuite) TestReplaceMentions() {
|
func (suite *CommonTestSuite) TestReplaceMentions() {
|
||||||
foundMentions := []*gtsmodel.Mention{
|
foundMentions := []*gtsmodel.Mention{
|
||||||
suite.testMentions["zork_mention_foss_satan"],
|
suite.testMentions["zork_mention_foss_satan"],
|
||||||
|
|
|
@ -24,9 +24,9 @@ import (
|
||||||
"github.com/superseriousbusiness/gotosocial/internal/db"
|
"github.com/superseriousbusiness/gotosocial/internal/db"
|
||||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||||
"github.com/superseriousbusiness/gotosocial/internal/text"
|
"github.com/superseriousbusiness/gotosocial/internal/text"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/testrig"
|
||||||
)
|
)
|
||||||
|
|
||||||
// nolint
|
|
||||||
type TextStandardTestSuite struct {
|
type TextStandardTestSuite struct {
|
||||||
// standard suite interfaces
|
// standard suite interfaces
|
||||||
suite.Suite
|
suite.Suite
|
||||||
|
@ -47,3 +47,27 @@ type TextStandardTestSuite struct {
|
||||||
// module being tested
|
// module being tested
|
||||||
formatter text.Formatter
|
formatter text.Formatter
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (suite *TextStandardTestSuite) SetupSuite() {
|
||||||
|
suite.testTokens = testrig.NewTestTokens()
|
||||||
|
suite.testClients = testrig.NewTestClients()
|
||||||
|
suite.testApplications = testrig.NewTestApplications()
|
||||||
|
suite.testUsers = testrig.NewTestUsers()
|
||||||
|
suite.testAccounts = testrig.NewTestAccounts()
|
||||||
|
suite.testAttachments = testrig.NewTestAttachments()
|
||||||
|
suite.testStatuses = testrig.NewTestStatuses()
|
||||||
|
suite.testTags = testrig.NewTestTags()
|
||||||
|
suite.testMentions = testrig.NewTestMentions()
|
||||||
|
}
|
||||||
|
|
||||||
|
func (suite *TextStandardTestSuite) SetupTest() {
|
||||||
|
suite.config = testrig.NewTestConfig()
|
||||||
|
suite.db = testrig.NewTestDB()
|
||||||
|
suite.formatter = text.NewFormatter(suite.config, suite.db)
|
||||||
|
|
||||||
|
testrig.StandardDBSetup(suite.db, nil)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (suite *TextStandardTestSuite) TearDownTest() {
|
||||||
|
testrig.StandardDBTeardown(suite.db)
|
||||||
|
}
|
||||||
|
|
|
@ -25,7 +25,6 @@ import (
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
"github.com/stretchr/testify/suite"
|
"github.com/stretchr/testify/suite"
|
||||||
"github.com/superseriousbusiness/gotosocial/internal/text"
|
"github.com/superseriousbusiness/gotosocial/internal/text"
|
||||||
"github.com/superseriousbusiness/gotosocial/testrig"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const text1 = `
|
const text1 = `
|
||||||
|
@ -70,29 +69,6 @@ type LinkTestSuite struct {
|
||||||
TextStandardTestSuite
|
TextStandardTestSuite
|
||||||
}
|
}
|
||||||
|
|
||||||
func (suite *LinkTestSuite) SetupSuite() {
|
|
||||||
suite.testTokens = testrig.NewTestTokens()
|
|
||||||
suite.testClients = testrig.NewTestClients()
|
|
||||||
suite.testApplications = testrig.NewTestApplications()
|
|
||||||
suite.testUsers = testrig.NewTestUsers()
|
|
||||||
suite.testAccounts = testrig.NewTestAccounts()
|
|
||||||
suite.testAttachments = testrig.NewTestAttachments()
|
|
||||||
suite.testStatuses = testrig.NewTestStatuses()
|
|
||||||
suite.testTags = testrig.NewTestTags()
|
|
||||||
}
|
|
||||||
|
|
||||||
func (suite *LinkTestSuite) SetupTest() {
|
|
||||||
suite.config = testrig.NewTestConfig()
|
|
||||||
suite.db = testrig.NewTestDB()
|
|
||||||
suite.formatter = text.NewFormatter(suite.config, suite.db)
|
|
||||||
|
|
||||||
testrig.StandardDBSetup(suite.db, nil)
|
|
||||||
}
|
|
||||||
|
|
||||||
func (suite *LinkTestSuite) TearDownTest() {
|
|
||||||
testrig.StandardDBTeardown(suite.db)
|
|
||||||
}
|
|
||||||
|
|
||||||
func (suite *LinkTestSuite) TestParseSimple() {
|
func (suite *LinkTestSuite) TestParseSimple() {
|
||||||
f := suite.formatter.FromPlain(context.Background(), simple, nil, nil)
|
f := suite.formatter.FromPlain(context.Background(), simple, nil, nil)
|
||||||
assert.Equal(suite.T(), simpleExpected, f)
|
assert.Equal(suite.T(), simpleExpected, f)
|
||||||
|
|
|
@ -25,8 +25,6 @@ import (
|
||||||
|
|
||||||
"github.com/stretchr/testify/suite"
|
"github.com/stretchr/testify/suite"
|
||||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||||
"github.com/superseriousbusiness/gotosocial/internal/text"
|
|
||||||
"github.com/superseriousbusiness/gotosocial/testrig"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -67,30 +65,6 @@ type MarkdownTestSuite struct {
|
||||||
TextStandardTestSuite
|
TextStandardTestSuite
|
||||||
}
|
}
|
||||||
|
|
||||||
func (suite *MarkdownTestSuite) SetupSuite() {
|
|
||||||
suite.testTokens = testrig.NewTestTokens()
|
|
||||||
suite.testClients = testrig.NewTestClients()
|
|
||||||
suite.testApplications = testrig.NewTestApplications()
|
|
||||||
suite.testUsers = testrig.NewTestUsers()
|
|
||||||
suite.testAccounts = testrig.NewTestAccounts()
|
|
||||||
suite.testAttachments = testrig.NewTestAttachments()
|
|
||||||
suite.testStatuses = testrig.NewTestStatuses()
|
|
||||||
suite.testTags = testrig.NewTestTags()
|
|
||||||
suite.testMentions = testrig.NewTestMentions()
|
|
||||||
}
|
|
||||||
|
|
||||||
func (suite *MarkdownTestSuite) SetupTest() {
|
|
||||||
suite.config = testrig.NewTestConfig()
|
|
||||||
suite.db = testrig.NewTestDB()
|
|
||||||
suite.formatter = text.NewFormatter(suite.config, suite.db)
|
|
||||||
|
|
||||||
testrig.StandardDBSetup(suite.db, suite.testAccounts)
|
|
||||||
}
|
|
||||||
|
|
||||||
func (suite *MarkdownTestSuite) TearDownTest() {
|
|
||||||
testrig.StandardDBTeardown(suite.db)
|
|
||||||
}
|
|
||||||
|
|
||||||
func (suite *MarkdownTestSuite) TestParseSimple() {
|
func (suite *MarkdownTestSuite) TestParseSimple() {
|
||||||
s := suite.formatter.FromMarkdown(context.Background(), simpleMarkdown, nil, nil)
|
s := suite.formatter.FromMarkdown(context.Background(), simpleMarkdown, nil, nil)
|
||||||
suite.Equal(simpleMarkdownExpected, s)
|
suite.Equal(simpleMarkdownExpected, s)
|
||||||
|
|
|
@ -26,8 +26,6 @@ import (
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
"github.com/stretchr/testify/suite"
|
"github.com/stretchr/testify/suite"
|
||||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||||
"github.com/superseriousbusiness/gotosocial/internal/text"
|
|
||||||
"github.com/superseriousbusiness/gotosocial/testrig"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -49,30 +47,6 @@ type PlainTestSuite struct {
|
||||||
TextStandardTestSuite
|
TextStandardTestSuite
|
||||||
}
|
}
|
||||||
|
|
||||||
func (suite *PlainTestSuite) SetupSuite() {
|
|
||||||
suite.testTokens = testrig.NewTestTokens()
|
|
||||||
suite.testClients = testrig.NewTestClients()
|
|
||||||
suite.testApplications = testrig.NewTestApplications()
|
|
||||||
suite.testUsers = testrig.NewTestUsers()
|
|
||||||
suite.testAccounts = testrig.NewTestAccounts()
|
|
||||||
suite.testAttachments = testrig.NewTestAttachments()
|
|
||||||
suite.testStatuses = testrig.NewTestStatuses()
|
|
||||||
suite.testTags = testrig.NewTestTags()
|
|
||||||
suite.testMentions = testrig.NewTestMentions()
|
|
||||||
}
|
|
||||||
|
|
||||||
func (suite *PlainTestSuite) SetupTest() {
|
|
||||||
suite.config = testrig.NewTestConfig()
|
|
||||||
suite.db = testrig.NewTestDB()
|
|
||||||
suite.formatter = text.NewFormatter(suite.config, suite.db)
|
|
||||||
|
|
||||||
testrig.StandardDBSetup(suite.db, nil)
|
|
||||||
}
|
|
||||||
|
|
||||||
func (suite *PlainTestSuite) TearDownTest() {
|
|
||||||
testrig.StandardDBTeardown(suite.db)
|
|
||||||
}
|
|
||||||
|
|
||||||
func (suite *PlainTestSuite) TestParseSimple() {
|
func (suite *PlainTestSuite) TestParseSimple() {
|
||||||
f := suite.formatter.FromPlain(context.Background(), simple, nil, nil)
|
f := suite.formatter.FromPlain(context.Background(), simple, nil, nil)
|
||||||
assert.Equal(suite.T(), simpleExpected, f)
|
assert.Equal(suite.T(), simpleExpected, f)
|
||||||
|
|
Loading…
Reference in a new issue