owncast/core/chat/messageRendering_test.go

package chat

import (
	"testing"

	"github.com/owncast/owncast/models"
)

// Test a bunch of arbitrary markup and markdown to make sure we get sanitized
// and fully rendered HTML out of it.
func TestRenderAndSanitize(t *testing.T) {
	messageContent := `
  Test one two three!  I go to http://yahoo.com and search for _sports_ and **answers**.
  Here is an iframe <iframe src="http://yahoo.com"></iframe>

  ## blah blah blah
  [test link](http://owncast.online)
  <img class="emoji" alt="bananadance.gif" width="600px" src="/img/emoji/bananadance.gif">
  <script src="http://hackers.org/hack.js"></script>
  `

	expected := `<p>Test one two three!  I go to <a href="http://yahoo.com" rel="nofollow noreferrer noopener" target="_blank">http://yahoo.com</a> and search for <em>sports</em> and <strong>answers</strong>.
Here is an iframe </p>
blah blah blah
<p><a href="http://owncast.online" rel="nofollow noreferrer noopener" target="_blank">test link</a>
<img class="emoji" src="/img/emoji/bananadance.gif"></p>`

	result := models.RenderAndSanitize(messageContent)
	if result != expected {
		t.Errorf("message rendering/sanitation does not match expected.  Got\n%s, \n\n want:\n%s", result, expected)
	}
}

// Test to make sure we block remote images in chat messages.
func TestBlockRemoteImages(t *testing.T) {
	messageContent := `<img src="https://via.placeholder.com/350x150"> test ![](https://via.placeholder.com/350x150)`
	expected := `<p> test </p>`
	result := models.RenderAndSanitize(messageContent)

	if result != expected {
		t.Errorf("message rendering/sanitation does not match expected.  Got\n%s, \n\n want:\n%s", result, expected)
	}
}

// Test to make sure emoji images are allowed in chat messages.
func TestAllowEmojiImages(t *testing.T) {
	messageContent := `<img src="/img/emoji/beerparrot.gif"> test ![](/img/emoji/beerparrot.gif)`
	expected := `<p><img src="/img/emoji/beerparrot.gif"> test <img src="/img/emoji/beerparrot.gif"></p>`
	result := models.RenderAndSanitize(messageContent)

	if result != expected {
		t.Errorf("message rendering/sanitation does not match expected.  Got\n%s, \n\n want:\n%s", result, expected)
	}
}

// Test to verify we can pass raw html and render markdown.
func TestAllowHTML(t *testing.T) {
	messageContent := `<img src="/img/emoji/beerparrot.gif"><ul><li>**test thing**</li></ul>`
	expected := "<p><img src=\"/img/emoji/beerparrot.gif\"><ul><li><strong>test thing</strong></li></ul></p>\n"
	result := models.RenderMarkdown(messageContent)

	if result != expected {
		t.Errorf("message rendering does not match expected.  Got\n%s, \n\n want:\n%s", result, expected)
	}
}
Render and sanitize chat messages server-side. (#237) * Render and sanitize chat messages server-side. Closes #235 * Render content.md server-side and return it in the client config * Remove showdown from web project * Update api spec * Move example user content file 2020-10-14 01:45:52 +02:00			`package chat`

			`import (`
			`"testing"`

			`"github.com/owncast/owncast/models"`
			`)`

			`// Test a bunch of arbitrary markup and markdown to make sure we get sanitized`
			`// and fully rendered HTML out of it.`
			`func TestRenderAndSanitize(t *testing.T) {`
			messageContent := `
			`Test one two three! I go to http://yahoo.com and search for _sports_ and answers.`
			`Here is an iframe <iframe src="http://yahoo.com"></iframe>`

			`## blah blah blah`
			`[test link](http://owncast.online)`
Gek/disable remote images (#800) * Disable images from anywhere but our emojis. Closes #756 * Add tests around images in chat messages * Update sanitizer + test 2021-03-09 08:20:15 +01:00			`<img class="emoji" alt="bananadance.gif" width="600px" src="/img/emoji/bananadance.gif">`
Render and sanitize chat messages server-side. (#237) * Render and sanitize chat messages server-side. Closes #235 * Render content.md server-side and return it in the client config * Remove showdown from web project * Update api spec * Move example user content file 2020-10-14 01:45:52 +02:00			`<script src="http://hackers.org/hack.js"></script>`
			`

			expected := `<p>Test one two three! I go to <a href="http://yahoo.com" rel="nofollow noreferrer noopener" target="_blank">http://yahoo.com</a> and search for <em>sports</em> and <strong>answers</strong>.
			`Here is an iframe </p>`
			`blah blah blah`
			`<p><a href="http://owncast.online" rel="nofollow noreferrer noopener" target="_blank">test link</a>`
Gek/disable remote images (#800) * Disable images from anywhere but our emojis. Closes #756 * Add tests around images in chat messages * Update sanitizer + test 2021-03-09 08:20:15 +01:00			<img class="emoji" src="/img/emoji/bananadance.gif"></p>`
Render and sanitize chat messages server-side. (#237) * Render and sanitize chat messages server-side. Closes #235 * Render content.md server-side and return it in the client config * Remove showdown from web project * Update api spec * Move example user content file 2020-10-14 01:45:52 +02:00
			`result := models.RenderAndSanitize(messageContent)`
			`if result != expected {`
			`t.Errorf("message rendering/sanitation does not match expected. Got\n%s, \n\n want:\n%s", result, expected)`
			`}`
Gek/disable remote images (#800) * Disable images from anywhere but our emojis. Closes #756 * Add tests around images in chat messages * Update sanitizer + test 2021-03-09 08:20:15 +01:00			`}`

			`// Test to make sure we block remote images in chat messages.`
			`func TestBlockRemoteImages(t *testing.T) {`
			messageContent := `<img src="https://via.placeholder.com/350x150"> test ![](https://via.placeholder.com/350x150)`
			expected := `<p> test </p>`
			`result := models.RenderAndSanitize(messageContent)`
Render and sanitize chat messages server-side. (#237) * Render and sanitize chat messages server-side. Closes #235 * Render content.md server-side and return it in the client config * Remove showdown from web project * Update api spec * Move example user content file 2020-10-14 01:45:52 +02:00
Gek/disable remote images (#800) * Disable images from anywhere but our emojis. Closes #756 * Add tests around images in chat messages * Update sanitizer + test 2021-03-09 08:20:15 +01:00			`if result != expected {`
			`t.Errorf("message rendering/sanitation does not match expected. Got\n%s, \n\n want:\n%s", result, expected)`
			`}`
			`}`

			`// Test to make sure emoji images are allowed in chat messages.`
			`func TestAllowEmojiImages(t *testing.T) {`
			messageContent := `<img src="/img/emoji/beerparrot.gif"> test ![](/img/emoji/beerparrot.gif)`
			expected := `<p><img src="/img/emoji/beerparrot.gif"> test <img src="/img/emoji/beerparrot.gif"></p>`
			`result := models.RenderAndSanitize(messageContent)`

			`if result != expected {`
			`t.Errorf("message rendering/sanitation does not match expected. Got\n%s, \n\n want:\n%s", result, expected)`
			`}`
Render and sanitize chat messages server-side. (#237) * Render and sanitize chat messages server-side. Closes #235 * Render content.md server-side and return it in the client config * Remove showdown from web project * Update api spec * Move example user content file 2020-10-14 01:45:52 +02:00			`}`
Support full html in system messages. Closes #747 (#814) 2021-03-12 09:43:10 +01:00
			`// Test to verify we can pass raw html and render markdown.`
			`func TestAllowHTML(t *testing.T) {`
			messageContent := `<img src="/img/emoji/beerparrot.gif"><ul><li>test thing</li></ul>`
			`expected := "<p><img src=\"/img/emoji/beerparrot.gif\"><ul><li><strong>test thing</strong></li></ul></p>\n"`
			`result := models.RenderMarkdown(messageContent)`

			`if result != expected {`
			`t.Errorf("message rendering does not match expected. Got\n%s, \n\n want:\n%s", result, expected)`
			`}`
			`}`