Skip to content

Commit 804e83c

Browse files
AnzhiZhangAnzhiZhang
committed
Update tests for DefaultUrlSanitizer
1 parent 79e1aed commit 804e83c

1 file changed

Lines changed: 34 additions & 0 deletions

File tree

commonmark/src/test/java/org/commonmark/test/HtmlRendererTest.java

Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -93,13 +93,47 @@ public void sanitizedUrlsShouldSetRelNoFollow() {
9393
assertEquals("<p><a rel=\"nofollow\" href=\"https://google.com\"></a></p>\n", sanitizeUrlsRenderer().render(paragraph));
9494
}
9595

96+
@Test
97+
public void sanitizedUrlsShouldAllowSafeProtocols() {
98+
Paragraph paragraph = new Paragraph();
99+
Link link = new Link();
100+
link.setDestination("http://google.com");
101+
paragraph.appendChild(link);
102+
assertEquals("<p><a rel=\"nofollow\" href=\"http://google.com\"></a></p>\n", sanitizeUrlsRenderer().render(paragraph));
103+
104+
paragraph = new Paragraph();
105+
link = new Link();
106+
link.setDestination("https://google.com");
107+
paragraph.appendChild(link);
108+
assertEquals("<p><a rel=\"nofollow\" href=\"https://google.com\"></a></p>\n", sanitizeUrlsRenderer().render(paragraph));
109+
110+
paragraph = new Paragraph();
111+
link = new Link();
112+
link.setDestination("mailto:foo@bar.example.com");
113+
paragraph.appendChild(link);
114+
assertEquals("<p><a rel=\"nofollow\" href=\"mailto:foo@bar.example.com\"></a></p>\n", sanitizeUrlsRenderer().render(paragraph));
115+
116+
String image = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAFiUAABYlAUlSJPAAAAAQSURBVBhXY/iPBVBf8P9/AG8TY51nJdgkAAAAAElFTkSuQmCC";
117+
paragraph = new Paragraph();
118+
link = new Link();
119+
link.setDestination(image);
120+
paragraph.appendChild(link);
121+
assertEquals("<p><a rel=\"nofollow\" href=\"" + image + "\"></a></p>\n", sanitizeUrlsRenderer().render(paragraph));
122+
}
123+
96124
@Test
97125
public void sanitizedUrlsShouldFilterDangerousProtocols() {
98126
Paragraph paragraph = new Paragraph();
99127
Link link = new Link();
100128
link.setDestination("javascript:alert(5);");
101129
paragraph.appendChild(link);
102130
assertEquals("<p><a rel=\"nofollow\" href=\"\"></a></p>\n", sanitizeUrlsRenderer().render(paragraph));
131+
132+
paragraph = new Paragraph();
133+
link = new Link();
134+
link.setDestination("ftp://google.com");
135+
paragraph.appendChild(link);
136+
assertEquals("<p><a rel=\"nofollow\" href=\"\"></a></p>\n", sanitizeUrlsRenderer().render(paragraph));
103137
}
104138

105139
@Test

0 commit comments

Comments
 (0)