alert('XSS is evil')
\n" end it 'strips onClick handlers from links' do omghax = '[XSS](http://joindiaspora.com/" onClick="$\(\'a\'\).remove\(\))' markdownify(omghax).should_not match(/ onClick/i) end end it 'does not barf if message is nil' do markdownify(nil).should == '' end it 'autolinks standard url links' do markdownified = markdownify("http://joindiaspora.com/") doc = Nokogiri.parse(markdownified) link = doc.css("a") link.attr("href").value.should == "http://joindiaspora.com/" end context 'when formatting status messages' do it "should leave tags intact" do message = Factory.create(:status_message, :author => alice.person, :text => "I love #markdown") formatted = markdownify(message) formatted.should =~ %r{#markdown} end it 'should leave multi-underscore tags intact' do message = Factory.create( :status_message, :author => alice.person, :text => "Here is a #multi_word tag" ) formatted = markdownify(message) formatted.should =~ %r{Here is a #multi_word tag} message = Factory.create( :status_message, :author => alice.person, :text => "Here is a #multi_word_tag yo" ) formatted = markdownify(message) formatted.should =~ %r{Here is a #multi_word_tag yo} end it "should leave mentions intact" do message = Factory.create(:status_message, :author => alice.person, :text => "Hey @{Bob; #{bob.diaspora_handle}}!") formatted = markdownify(message) formatted.should =~ /hovercard/ end it "should leave mentions intact for real diaspora handles" do new_person = Factory(:person, :diaspora_handle => 'maxwell@joindiaspora.com') message = Factory.create(:status_message, :author => alice.person, :text => "Hey @{maxwell@joindiaspora.com; #{new_person.diaspora_handle}}!") formatted = markdownify(message) formatted.should =~ /hovercard/ end it 'should process text with both a hashtag and a link' do message = Factory.create(:status_message, :author => alice.person, :text => "Test #tag?\nhttps://joindiaspora.com\n") formatted = markdownify(message) formatted.should == %{Test #tag?
\nhttps://joindiaspora.com