From f2b2614d0a3852259f21f7969a946fb3d8b7e96d Mon Sep 17 00:00:00 2001 From: Claire Date: Mon, 11 Apr 2022 08:40:18 +0200 Subject: [PATCH] Fix link sanitization for outgoing text/html and text/markdown toots Fixes #1739 --- lib/sanitize_ext/sanitize_config.rb | 4 ++-- spec/lib/advanced_text_formatter_spec.rb | 8 ++++++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/lib/sanitize_ext/sanitize_config.rb b/lib/sanitize_ext/sanitize_config.rb index 935e1f4f612..946543868a5 100644 --- a/lib/sanitize_ext/sanitize_config.rb +++ b/lib/sanitize_ext/sanitize_config.rb @@ -133,7 +133,7 @@ class Sanitize rel += ['nofollow', 'noopener', 'noreferrer'] unless TagManager.instance.local_url?(node['href']) if rel.empty? - node['rel']&.delete + node.remove_attribute('rel') else node['rel'] = rel.join(' ') end @@ -144,7 +144,7 @@ class Sanitize node = env[:node] if node['target'] != '_blank' && TagManager.instance.local_url?(node['href']) - node['target']&.delete + node.remove_attribute('target') else node['target'] = '_blank' end diff --git a/spec/lib/advanced_text_formatter_spec.rb b/spec/lib/advanced_text_formatter_spec.rb index 4e859c93c3a..ea1a9570d0c 100644 --- a/spec/lib/advanced_text_formatter_spec.rb +++ b/spec/lib/advanced_text_formatter_spec.rb @@ -50,6 +50,14 @@ RSpec.describe AdvancedTextFormatter do end end + context 'given text with a local-domain mention' do + let(:text) { 'foo https://cb6e6126.ngrok.io/about/more' } + + it 'creates a link' do + is_expected.to include '