mirror of
https://github.com/discourse/discourse.git
synced 2024-11-24 18:54:13 +08:00
283b08d45f
* Move onebox gem in core library * Update template file path * Remove warning for onebox gem caching * Remove onebox version file * Remove onebox gem * Add sanitize gem * Require onebox library in lazy-yt plugin * Remove onebox web specific code This code was used in standalone onebox Sinatra application * Merge Discourse specific AllowlistedGenericOnebox engine in core * Fix onebox engine filenames to match class name casing * Move onebox specs from gem into core * DEV: Rename `response` helper to `onebox_response` Fixes a naming collision. * Require rails_helper * Don't use `before/after(:all)` * Whitespace * Remove fakeweb * Remove poor unit tests * DEV: Re-add fakeweb, plugins are using it * Move onebox helpers * Stub Instagram API * FIX: Follow additional redirect status codes (#476) Don’t throw errors if we encounter 303, 307 or 308 HTTP status codes in responses * Remove an empty file * DEV: Update the license file Using the copy from https://choosealicense.com/licenses/gpl-2.0/# Hopefully this will enable GitHub to show the license UI? * DEV: Update embedded copyrights * DEV: Add Onebox copyright notice * DEV: Add MIT license, convert COPYRIGHT.txt to md * DEV: Remove an incorrect copyright claim Co-authored-by: Jarek Radosz <jradosz@gmail.com> Co-authored-by: jbrw <jamie@goatforce5.org>
106 lines
3.6 KiB
Ruby
106 lines
3.6 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require "rails_helper"
|
|
|
|
class TestEngine
|
|
def self.===(uri)
|
|
true
|
|
end
|
|
|
|
def self.iframe_origins
|
|
["https://example.com", "https://example2.com"]
|
|
end
|
|
end
|
|
|
|
describe Onebox::Matcher do
|
|
let(:opts) { { allowed_iframe_regexes: [/.*/] } }
|
|
|
|
describe "oneboxed" do
|
|
describe "with a path" do
|
|
let(:url) { "http://party.time.made.up-url.com/beep/boop" }
|
|
let(:matcher) { Onebox::Matcher.new(url, opts) }
|
|
|
|
it "finds an engine" do
|
|
matcher.stubs(:ordered_engines).returns([TestEngine])
|
|
expect(matcher.oneboxed).not_to be_nil
|
|
end
|
|
end
|
|
|
|
describe "without a path" do
|
|
let(:url) { "http://party.time.made.up-url.com/" }
|
|
let(:matcher) { Onebox::Matcher.new(url, opts) }
|
|
|
|
it "doesn't find an engine" do
|
|
matcher.stubs(:ordered_engines).returns([TestEngine])
|
|
expect(matcher.oneboxed).not_to be_nil
|
|
end
|
|
end
|
|
|
|
describe "without a path but has a query string" do
|
|
let(:url) { "http://party.time.made.up-url.com/?article_id=1234" }
|
|
let(:matcher) { Onebox::Matcher.new(url, opts) }
|
|
|
|
it "finds an engine" do
|
|
matcher.stubs(:ordered_engines).returns([TestEngine])
|
|
expect(matcher.oneboxed).not_to be_nil
|
|
end
|
|
end
|
|
|
|
describe "without a path but has a fragment string" do
|
|
let(:url) { "http://party.time.made.up-url.com/#article_id=1234" }
|
|
let(:matcher) { Onebox::Matcher.new(url, opts) }
|
|
|
|
it "finds an engine" do
|
|
matcher.stubs(:ordered_engines).returns([TestEngine])
|
|
expect(matcher.oneboxed).not_to be_nil
|
|
end
|
|
end
|
|
|
|
describe "with a allowlisted port/scheme" do
|
|
%w{http://example.com https://example.com http://example.com:80 //example.com}.each do |url|
|
|
it "finds an engine for '#{url}'" do
|
|
matcher = Onebox::Matcher.new(url, opts)
|
|
matcher.stubs(:ordered_engines).returns([TestEngine])
|
|
expect(matcher.oneboxed).not_to be_nil
|
|
end
|
|
end
|
|
end
|
|
|
|
describe "without a allowlisted port/scheme" do
|
|
%w{http://example.com:21 ftp://example.com}.each do |url|
|
|
it "doesn't find an engine for '#{url}'" do
|
|
matcher = Onebox::Matcher.new(url, opts)
|
|
matcher.stubs(:ordered_engines).returns([TestEngine])
|
|
expect(matcher.oneboxed).to be_nil
|
|
end
|
|
end
|
|
end
|
|
|
|
describe "with restricted iframe domains" do
|
|
it "finds an engine when wildcard allowed" do
|
|
matcher = Onebox::Matcher.new("https://example.com", allowed_iframe_regexes: [/.*/])
|
|
matcher.stubs(:ordered_engines).returns([TestEngine])
|
|
expect(matcher.oneboxed).not_to be_nil
|
|
end
|
|
|
|
it "doesn't find an engine when nothing allowed" do
|
|
matcher = Onebox::Matcher.new("https://example.com", allowed_iframe_regexes: [])
|
|
matcher.stubs(:ordered_engines).returns([TestEngine])
|
|
expect(matcher.oneboxed).to be_nil
|
|
end
|
|
|
|
it "doesn't find an engine when only some subdomains are allowed" do
|
|
matcher = Onebox::Matcher.new("https://example.com", allowed_iframe_regexes: Onebox::Engine.origins_to_regexes(["https://example.com"]))
|
|
matcher.stubs(:ordered_engines).returns([TestEngine])
|
|
expect(matcher.oneboxed).to be_nil
|
|
end
|
|
|
|
it "finds an engine when all required domains are allowed" do
|
|
matcher = Onebox::Matcher.new("https://example.com", allowed_iframe_regexes: Onebox::Engine.origins_to_regexes(["https://example.com", "https://example2.com"]))
|
|
matcher.stubs(:ordered_engines).returns([TestEngine])
|
|
expect(matcher.oneboxed).not_to be_nil
|
|
end
|
|
end
|
|
end
|
|
end
|