Sha256: 8e81ce178e0277df437af5f5481693469ba23a6caf4ce36af4bbfbf83f8466ba

Contents?: true

Size: 1.86 KB

Versions: 10

Compression:

Stored size: 1.86 KB

Contents

# frozen_string_literal: true

shared_examples "having a rich text editor for field" do |selector, toolbar|
  it "has a rich text editor" do
    within selector do
      expect(page).to have_css("div.editor-container[data-toolbar='#{toolbar}']", visible: :all)
    end
  end
end

shared_examples "having a rich text editor" do |css, toolbar|
  it_behaves_like "having a rich text editor for field", "form.#{css}", toolbar
end

shared_context "with rich text editor content" do
  let(:content) { "<p>#{safe_tags}</p>#{script}" }
  let(:safe_tags) { em + u + strong }
  let(:em) { "<em>em</em>" }
  let(:u) { "<u>u</u>" }
  let(:strong) { "<strong>strong</strong>" }
  let(:script) { "<script>alert('SCRIPT')</script>" }
end

shared_examples "rendering safe content" do |css|
  include_context "with rich text editor content"

  it "renders potentially safe HTML tags unescaped" do
    within css do
      expect(page).to have_css("em", text: "em")
      expect(page).to have_css("u", text: "u")
      expect(page).to have_css("strong", text: "strong")
    end
  end

  it "sanitizes potentially malicious HTML tags" do
    within css do
      expect(page).to have_no_css("script", visible: :all)
      expect(page).to have_content("alert('SCRIPT')")
    end
  end
end

shared_examples "rendering unsafe content" do |css|
  include_context "with rich text editor content"

  it "sanitizes potentially safe HTML tags" do
    within css do
      expect(page).to have_no_css("em")
      expect(page).to have_content("em")
      expect(page).to have_no_css("u")
      expect(page).to have_content("u")
      expect(page).to have_no_css("strong")
      expect(page).to have_content("strong")
    end
  end

  it "strips potentially malicious HTML tags" do
    within css do
      expect(page).to have_no_css("script", visible: :all)
      expect(page).to have_no_content("alert('SCRIPT')")
    end
  end
end

Version data entries

10 entries across 10 versions & 1 rubygems

Version Path
decidim-core-0.30.0.rc3 lib/decidim/core/test/shared_examples/rich_text_editor_examples.rb
decidim-core-0.30.0.rc2 lib/decidim/core/test/shared_examples/rich_text_editor_examples.rb
decidim-core-0.30.0.rc1 lib/decidim/core/test/shared_examples/rich_text_editor_examples.rb
decidim-core-0.29.2 lib/decidim/core/test/shared_examples/rich_text_editor_examples.rb
decidim-core-0.29.1 lib/decidim/core/test/shared_examples/rich_text_editor_examples.rb
decidim-core-0.29.0 lib/decidim/core/test/shared_examples/rich_text_editor_examples.rb
decidim-core-0.29.0.rc4 lib/decidim/core/test/shared_examples/rich_text_editor_examples.rb
decidim-core-0.29.0.rc3 lib/decidim/core/test/shared_examples/rich_text_editor_examples.rb
decidim-core-0.29.0.rc2 lib/decidim/core/test/shared_examples/rich_text_editor_examples.rb
decidim-core-0.29.0.rc1 lib/decidim/core/test/shared_examples/rich_text_editor_examples.rb