urls must start with http or https

parslet
Jordan Orelli 9 years ago
parent dba23d2cdb
commit 0364c5f2c7

@ -9,3 +9,4 @@ gem "rspec", "~> 3.0"
gem "parslet" gem "parslet"
gem "guard" gem "guard"
gem "guard-rspec" gem "guard-rspec"
gem "sanitize"

@ -12,6 +12,7 @@ GEM
celluloid (0.15.2) celluloid (0.15.2)
timers (~> 1.1.0) timers (~> 1.1.0)
coderay (1.1.0) coderay (1.1.0)
crass (1.0.2)
daemons (1.2.3) daemons (1.2.3)
diff-lcs (1.2.5) diff-lcs (1.2.5)
eventmachine (1.0.8) eventmachine (1.0.8)
@ -34,7 +35,12 @@ GEM
rb-inotify (>= 0.9) rb-inotify (>= 0.9)
lumberjack (1.0.9) lumberjack (1.0.9)
method_source (0.8.2) method_source (0.8.2)
mini_portile (0.6.2)
minitest (5.8.2) minitest (5.8.2)
nokogiri (1.6.6.2)
mini_portile (~> 0.6.0)
nokogumbo (1.4.1)
nokogiri
parslet (1.7.1) parslet (1.7.1)
blankslate (>= 2.0, <= 4.0) blankslate (>= 2.0, <= 4.0)
pry (0.10.0) pry (0.10.0)
@ -61,6 +67,10 @@ GEM
rspec-support (3.1.0) rspec-support (3.1.0)
ruby-bbcode (2.0.0) ruby-bbcode (2.0.0)
activesupport (>= 3.2.3) activesupport (>= 3.2.3)
sanitize (4.0.0)
crass (~> 1.0.2)
nokogiri (>= 1.4.4)
nokogumbo (= 1.4.1)
sinatra (1.4.6) sinatra (1.4.6)
rack (~> 1.4) rack (~> 1.4)
rack-protection (~> 1.4) rack-protection (~> 1.4)
@ -91,6 +101,7 @@ DEPENDENCIES
parslet parslet
rspec (~> 3.0) rspec (~> 3.0)
ruby-bbcode ruby-bbcode
sanitize
sinatra sinatra
slim slim
thin thin

@ -1,4 +1,5 @@
require 'parslet' require 'parslet'
require 'sanitize'
module Bristlecode module Bristlecode
@ -125,6 +126,7 @@ module Bristlecode
def initialize(args) def initialize(args)
self.href = args[:href].to_str.strip self.href = args[:href].to_str.strip
check_href
if args.has_key? :title if args.has_key? :title
self.title = Doc.new(args[:title]) self.title = Doc.new(args[:title])
else else
@ -132,6 +134,12 @@ module Bristlecode
end end
end end
def check_href
unless href =~ /^(\/[^\/]|https?:\/\/)/
raise "href must start with /, http, or https"
end
end
def to_html def to_html
"<a href=\"#{href}\">#{title.to_html}</a>" "<a href=\"#{href}\">#{title.to_html}</a>"
end end

@ -56,24 +56,24 @@ module Bristlecode
end end
it 'can render simple links' do it 'can render simple links' do
input = '[url]example.com[/url]' input = '[url]http://example.com[/url]'
output = '<a href="example.com">example.com</a>' output = '<a href="http://example.com">http:&#x2F;&#x2F;example.com</a>'
expect(to_html(input)).to eq(output) expect(to_html(input)).to eq(output)
input = '[url] example.com [/url]' input = '[url] http://example.com [/url]'
output = '<a href="example.com">example.com</a>' output = '<a href="http://example.com">http:&#x2F;&#x2F;example.com</a>'
expect(to_html(input)).to eq(output) expect(to_html(input)).to eq(output)
end end
it 'passes simple url contents opaquely' do it 'passes simple url contents opaquely' do
input = '[url]x[b]y[/b]z[/url]' input = '[url]http://x[b]y[/b]z[/url]'
output = '<a href="x[b]y[/b]z">x[b]y[&#x2F;b]z</a>' output = '<a href="http://x[b]y[/b]z">http:&#x2F;&#x2F;x[b]y[&#x2F;b]z</a>'
expect(to_html(input)).to eq(output) expect(to_html(input)).to eq(output)
end end
it 'handles urls with titles' do it 'handles urls with titles' do
input = '[url=google.com]the google[/url]' input = '[url=http://google.com]the google[/url]'
output = '<a href="google.com">the google</a>' output = '<a href="http://google.com">the google</a>'
expect(to_html(input)).to eq(output) expect(to_html(input)).to eq(output)
end end

Loading…
Cancel
Save