commit e30623316670cfe466caaa6b085f6b76ecda6610
parent b8879ac68a30e8bccd1c96cc4630da791d8996c4
Author: tobi <31960611+tsmethurst@users.noreply.github.com>
Date: Sun, 13 Mar 2022 16:37:45 +0100
[bugfix] Fix html-escaped characters in content warnings (#426)
* test status create with odd CWs
* use SanitizeCaption for content warning escaping
Diffstat:
2 files changed, 104 insertions(+), 1 deletion(-)
diff --git a/internal/processing/status/create.go b/internal/processing/status/create.go
@@ -51,7 +51,7 @@ func (p *processor) Create(ctx context.Context, account *gtsmodel.Account, appli
Local: true,
AccountID: account.ID,
AccountURI: account.URI,
- ContentWarning: text.RemoveHTML(form.SpoilerText),
+ ContentWarning: text.SanitizeCaption(form.SpoilerText),
ActivityStreamsType: ap.ObjectNote,
Sensitive: form.Sensitive,
Language: form.Language,
diff --git a/internal/processing/status/create_test.go b/internal/processing/status/create_test.go
@@ -0,0 +1,103 @@
+/*
+ GoToSocial
+ Copyright (C) 2021-2022 GoToSocial Authors admin@gotosocial.org
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package status_test
+
+import (
+ "context"
+ "testing"
+
+ "github.com/stretchr/testify/suite"
+ "github.com/superseriousbusiness/gotosocial/internal/api/model"
+)
+
+type StatusCreateTestSuite struct {
+ StatusStandardTestSuite
+}
+
+func (suite *StatusCreateTestSuite) TestProcessContentWarningWithQuotationMarks() {
+ ctx := context.Background()
+
+ creatingAccount := suite.testAccounts["local_account_1"]
+ creatingApplication := suite.testApplications["application_1"]
+
+ statusCreateForm := &model.AdvancedStatusCreateForm{
+ StatusCreateRequest: model.StatusCreateRequest{
+ Status: "poopoo peepee",
+ MediaIDs: []string{},
+ Poll: nil,
+ InReplyToID: "",
+ Sensitive: false,
+ SpoilerText: "\"test\"", // these should not be html-escaped when the final text is rendered
+ Visibility: model.VisibilityPublic,
+ ScheduledAt: "",
+ Language: "en",
+ Format: model.StatusFormatPlain,
+ },
+ AdvancedVisibilityFlagsForm: model.AdvancedVisibilityFlagsForm{
+ Federated: nil,
+ Boostable: nil,
+ Replyable: nil,
+ Likeable: nil,
+ },
+ }
+
+ apiStatus, err := suite.status.Create(ctx, creatingAccount, creatingApplication, statusCreateForm)
+ suite.NoError(err)
+ suite.NotNil(apiStatus)
+
+ suite.Equal("\"test\"", apiStatus.SpoilerText)
+}
+
+func (suite *StatusCreateTestSuite) TestProcessContentWarningWithHTMLEscapedQuotationMarks() {
+ ctx := context.Background()
+
+ creatingAccount := suite.testAccounts["local_account_1"]
+ creatingApplication := suite.testApplications["application_1"]
+
+ statusCreateForm := &model.AdvancedStatusCreateForm{
+ StatusCreateRequest: model.StatusCreateRequest{
+ Status: "poopoo peepee",
+ MediaIDs: []string{},
+ Poll: nil,
+ InReplyToID: "",
+ Sensitive: false,
+ SpoilerText: ""test"", // the html-escaped quotation marks should appear as normal quotation marks in the finished text
+ Visibility: model.VisibilityPublic,
+ ScheduledAt: "",
+ Language: "en",
+ Format: model.StatusFormatPlain,
+ },
+ AdvancedVisibilityFlagsForm: model.AdvancedVisibilityFlagsForm{
+ Federated: nil,
+ Boostable: nil,
+ Replyable: nil,
+ Likeable: nil,
+ },
+ }
+
+ apiStatus, err := suite.status.Create(ctx, creatingAccount, creatingApplication, statusCreateForm)
+ suite.NoError(err)
+ suite.NotNil(apiStatus)
+
+ suite.Equal("\"test\"", apiStatus.SpoilerText)
+}
+
+func TestStatusCreateTestSuite(t *testing.T) {
+ suite.Run(t, new(StatusCreateTestSuite))
+}
