aboutsummaryrefslogtreecommitdiffhomepage
path: root/tests/plugins/resources
diff options
context:
space:
mode:
authorArthurHoaro <arthur@hoa.ro>2017-05-25 14:52:42 +0200
committerArthurHoaro <arthur@hoa.ro>2017-05-25 14:58:34 +0200
commit86ceea054f5f85157b04473bac5bfb6ff86ca31f (patch)
treee8216f2f36952818427e633b641a54a6ff26379a /tests/plugins/resources
parent61c15aa5554431893ea5ebe800a9a625dca5aff9 (diff)
downloadShaarli-86ceea054f5f85157b04473bac5bfb6ff86ca31f.tar.gz
Shaarli-86ceea054f5f85157b04473bac5bfb6ff86ca31f.tar.zst
Shaarli-86ceea054f5f85157b04473bac5bfb6ff86ca31f.zip
Add a whitelist of protocols for URLs
- for Shaare - for markdown description links and images Not whitelisted protocols will be replaced by `http://`
Diffstat (limited to 'tests/plugins/resources')
-rw-r--r--tests/plugins/resources/markdown.html11
-rw-r--r--tests/plugins/resources/markdown.md12
2 files changed, 21 insertions, 2 deletions
diff --git a/tests/plugins/resources/markdown.html b/tests/plugins/resources/markdown.html
index 07a5a32e..844a6f31 100644
--- a/tests/plugins/resources/markdown.html
+++ b/tests/plugins/resources/markdown.html
@@ -21,4 +21,13 @@
21next #foo</code></pre> 21next #foo</code></pre>
22<p>Block:</p> 22<p>Block:</p>
23<pre><code>lorem ipsum #foobar http://link.tld 23<pre><code>lorem ipsum #foobar http://link.tld
24#foobar http://link.tld</code></pre></div> \ No newline at end of file 24#foobar http://link.tld</code></pre>
25<p><a href="?123456">link</a><br />
26<img src="/img/train.png" alt="link" /><br />
27<a href="http://test.tld/path/?query=value#hash">link</a><br />
28<a href="http://test.tld/path/?query=value#hash">link</a><br />
29<a href="https://test.tld/path/?query=value#hash">link</a><br />
30<a href="ftp://test.tld/path/?query=value#hash">link</a><br />
31<a href="magnet:test.tld/path/?query=value#hash">link</a><br />
32<a href="http://alert('xss')">link</a><br />
33<a href="http://test.tld/path/?query=value#hash">link</a></p></div> \ No newline at end of file
diff --git a/tests/plugins/resources/markdown.md b/tests/plugins/resources/markdown.md
index 0b8be7c5..b8ebd934 100644
--- a/tests/plugins/resources/markdown.md
+++ b/tests/plugins/resources/markdown.md
@@ -21,4 +21,14 @@ Block:
21``` 21```
22lorem ipsum #foobar http://link.tld 22lorem ipsum #foobar http://link.tld
23#foobar http://link.tld 23#foobar http://link.tld
24``` \ No newline at end of file 24```
25
26[link](?123456)
27![link](/img/train.png)
28[link](test.tld/path/?query=value#hash)
29[link](http://test.tld/path/?query=value#hash)
30[link](https://test.tld/path/?query=value#hash)
31[link](ftp://test.tld/path/?query=value#hash)
32[link](magnet:test.tld/path/?query=value#hash)
33[link](javascript:alert('xss'))
34[link](other://test.tld/path/?query=value#hash) \ No newline at end of file