mirror of
https://github.com/excalidraw/excalidraw.git
synced 2025-04-14 16:40:58 -04:00
432a46ef9e
Some checks failed
Auto release excalidraw next / Auto-release-excalidraw-next (push) Failing after 2m36s
Build Docker image / build-docker (push) Failing after 6s
Cancel previous runs / cancel (push) Failing after 1s
Publish Docker / publish-docker (push) Failing after 31s
New Sentry production release / sentry (push) Failing after 2m3s
31 lines
1.2 KiB
TypeScript
31 lines
1.2 KiB
TypeScript
import { normalizeLink } from "../src/url";
|
|
|
|
describe("normalizeLink", () => {
|
|
// NOTE not an extensive XSS test suite, just to check if we're not
|
|
// regressing in sanitization
|
|
it("should sanitize links", () => {
|
|
expect(
|
|
// eslint-disable-next-line no-script-url
|
|
normalizeLink(`javascript://%0aalert(document.domain)`).startsWith(
|
|
// eslint-disable-next-line no-script-url
|
|
`javascript:`,
|
|
),
|
|
).toBe(false);
|
|
expect(normalizeLink("ola")).toBe("ola");
|
|
expect(normalizeLink(" ola")).toBe("ola");
|
|
|
|
expect(normalizeLink("https://www.excalidraw.com")).toBe(
|
|
"https://www.excalidraw.com",
|
|
);
|
|
expect(normalizeLink("www.excalidraw.com")).toBe("www.excalidraw.com");
|
|
expect(normalizeLink("/ola")).toBe("/ola");
|
|
expect(normalizeLink("http://test")).toBe("http://test");
|
|
expect(normalizeLink("ftp://test")).toBe("ftp://test");
|
|
expect(normalizeLink("file://")).toBe("file://");
|
|
expect(normalizeLink("file://")).toBe("file://");
|
|
expect(normalizeLink("[test](https://test)")).toBe("[test](https://test)");
|
|
expect(normalizeLink("[[test]]")).toBe("[[test]]");
|
|
expect(normalizeLink("<test>")).toBe("<test>");
|
|
expect(normalizeLink("test&")).toBe("test&");
|
|
});
|
|
});
|