mirrors/signal-desktop
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 2 Wiki Activity Actions

Auto-link urls in message bodies

Browse source 
And watch out for xss.

Closes #187
This commit is contained in:
lilia 2015-03-06 17:01:04 -08:00
parent 8ee282b1aa
commit dc1b09f59d
3 changed files with 32 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

20
test/views/message_view_test.js
View file

@ -44,4 +44,24 @@ describe('MessageView', function() {
message.destroy();
assert.strictEqual(div.find(view.$el).length, 0);
});
it('allows links', function() {
var url = 'http://example.com';
message.set('body', url);
var view = new Whisper.MessageView({model: message});
view.render();
var link = view.$el.find('.content a');
assert.strictEqual(link.length, 1);
assert.strictEqual(link.text(), url);
assert.strictEqual(link.attr('href'), url);
});
it('disallows xss', function() {
var xss = '<script>alert("pwnd")</script>';
message.set('body', xss);
var view = new Whisper.MessageView({model: message});
view.render();
assert.include(view.$el.text(), xss); // should appear as escaped text
assert.strictEqual(view.$el.find('script').length, 0); // should not appear as html
});
});