Whitelist some more tags and add extra tests

2024-11-27 09:36:19 -05:00 · 2016-07-26 11:02:09 -04:00 · 2016-07-26 11:02:09 -04:00 · fbfd3124a0
commit fbfd3124a0
parent 2242568507
2 changed files with 52 additions and 43 deletions
--- a/app/assets/javascripts/pretty-text/white-lister.js.es6
+++ b/app/assets/javascripts/pretty-text/white-lister.js.es6
@ -99,63 +99,66 @@ export function whiteListFeature(feature, info) {
 // Only add to `default` when you always want your whitelist to occur. In other words,
 // don't change this for a plugin or a feature that can be disabled
 whiteListFeature('default', [
-  'br',
-  'p',
-  'strong',
-  'em',
-  'ins',
-  'del',
-  'abbr[title]',
-  'dl',
-  'dt',
-  'dd',
-  'blockquote',
-  'div',
-  'div.title',
-  'div.quote-controls',
-  'div[align]',
-  'i',
-  'b',
-  'ul',
-  'ol',
-  'li',
-  'small',
-  'code',
-  'span.mention',
-  'span.hashtag',
-  'span.excerpt',
-  'aside.quote',
-  'aside[data-*]',
-  'a[name]',
-  'a[target=_blank]',
-  'a[rel=nofollow]',
  'a.attachment',
-  'a.onebox',
+  'a.hashtag',
  'a.mention',
  'a.mention-group',
-  'a.hashtag',
-  'a[name]',
+  'a.onebox',
  'a[data-bbcode]',
+  'a[name]',
+  'a[name]',
+  'a[rel=nofollow]',
+  'a[target=_blank]',
  'a[title]',
-  'img[class]',
-  'img[alt]',
-  'img[title]',
-  'img[width]',
-  'img[height]',
-  'pre',
-  'hr',
+  'abbr[title]',
+  'aside.quote',
+  'aside[data-*]',
+  'b',
+  'blockquote',
+  'br',
+  'code',
+  'dd',
+  'del',
+  'div',
+  'div.quote-controls',
+  'div.title',
+  'div[align]',
+  'dl',
+  'dt',
+  'em',
  'h1[id]',
  'h2[id]',
  'h3[id]',
  'h4[id]',
  'h5[id]',
  'h6[id]',
+  'hr',
+  'i',
  'iframe',
-  'iframe[height]',
-  'iframe[width]',
  'iframe[frameborder]',
+  'iframe[height]',
  'iframe[marginheight]',
  'iframe[marginwidth]',
+  'iframe[width]',
+  'img[alt]',
+  'img[class]',
+  'img[height]',
+  'img[title]',
+  'img[width]',
+  'ins',
  'kbd',
-  'strike'
+  'li',
+  'ol',
+  'p',
+  'pre',
+  's',
+  'small',
+  'span.excerpt',
+  'span.hashtag',
+  'span.mention',
+  'strike',
+  'strong',
+  'sub',
+  'sup',
+  'ul',
 ]);
--- a/test/javascripts/lib/sanitizer-test.js.es6
+++ b/test/javascripts/lib/sanitizer-test.js.es6
@ -48,8 +48,14 @@ test("sanitize", function() {

  cooked("<kbd>Ctrl</kbd>+<kbd>C</kbd>", "<p><kbd>Ctrl</kbd>+<kbd>C</kbd></p>");
  cooked("it has been <strike>1 day</strike> 0 days since our last test failure", "<p>it has been <strike>1 day</strike> 0 days since our last test failure</p>");
+  cooked(`it has been <s>1 day</s> 0 days since our last test failure`, `<p>it has been <s>1 day</s> 0 days since our last test failure</p>`);

  cooked(`<div align="center">hello</div>`, `<div align="center">hello</div>`);
+
+  cooked(`1 + 1 is <del>3</del> <ins>2</ins>`, `<p>1 + 1 is <del>3</del> <ins>2</ins></p>`);
+  cooked(`<abbr title="JavaScript">JS</abbr>`, `<p><abbr title="JavaScript">JS</abbr></p>`);
+  cooked(`<dl><dt>Forum</dt><dd>Software</dd></dl>`, `<dl><dt>Forum</dt><dd>Software</dd></dl>`);
+  cooked(`<sup>high</sup> <sub>low</sub>`, `<p><sup>high</sup> <sub>low</sub></p>`);
 });

 test("ids on headings", () => {