hamlab/mobilizon-frontend
2
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Drop HTMLSanitizeEx and fix title sanitizing

Browse Source 
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel
2020-06-24 16:33:59 +02:00
parent 0f489757f7
commit 83aa005faf
12 changed files with 40 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
test/graphql/resolvers/event_test.exs
View File

@@ -193,7 +193,7 @@ defmodule Mobilizon.Web.Resolvers.EventTest do
)
end
test "create_event/3 creates an event and escapes title and description", %{
test "create_event/3 creates an event and escapes title", %{
conn: conn,
actor: actor,
user: user
@@ -214,7 +214,9 @@ defmodule Mobilizon.Web.Resolvers.EventTest do
)
assert res["errors"] == nil
assert res["data"]["createEvent"]["title"] == "My Event title"
assert res["data"]["createEvent"]["title"] ==
"My Event title <img src=\"http://placekitten.com/g/200/300\" onclick=\"alert('aaa')\" >"
assert res["data"]["createEvent"]["description"] ==
"<b>My description</b> <img src=\"http://placekitten.com/g/200/300\"/>"