From c69e2adf76cac483c143bc9aa7d7e38e67b42c11 Mon Sep 17 00:00:00 2001 From: Go MAEDA Date: Mon, 18 Sep 2023 06:40:00 +0000 Subject: [PATCH] Merged r22298 from trunk to 4.2-stable (#38806). git-svn-id: https://svn.redmine.org/redmine/branches/4.2-stable@22301 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- .../wiki_formatting/markdown/formatter.rb | 17 +++- .../markdown_formatter_test.rb | 79 ++++++++++++++++++- 2 files changed, 93 insertions(+), 3 deletions(-) diff --git a/lib/redmine/wiki_formatting/markdown/formatter.rb b/lib/redmine/wiki_formatting/markdown/formatter.rb index 616949cdf..60b7c1f3d 100644 --- a/lib/redmine/wiki_formatting/markdown/formatter.rb +++ b/lib/redmine/wiki_formatting/markdown/formatter.rb @@ -26,11 +26,24 @@ module Redmine include ActionView::Helpers::TagHelper include Redmine::Helpers::URL + def autolink(link, link_type) + if link_type == :email + link("mailto:#{link}", nil, link) || CGI.escapeHTML(link) + else + content = link + # Pretty printing: if we get an email address as an actual URI, e.g. + # `mailto:foo@bar.com`, we don't want to print the `mailto:` prefix + content = link[7..-1] if link.start_with?('mailto:') + + link(link, nil, content) || CGI.escapeHTML(link) + end + end + def link(link, title, content) - return nil unless uri_with_safe_scheme?(link) + return nil unless uri_with_link_safe_scheme?(link) css = nil - unless link && link.starts_with?('/') + unless link&.starts_with?('/') || link&.starts_with?('mailto:') css = 'external' end content_tag('a', content.to_s.html_safe, :href => link, :title => title, :class => css) diff --git a/test/unit/lib/redmine/wiki_formatting/markdown_formatter_test.rb b/test/unit/lib/redmine/wiki_formatting/markdown_formatter_test.rb index e1b630941..65ba7eb21 100644 --- a/test/unit/lib/redmine/wiki_formatting/markdown_formatter_test.rb +++ b/test/unit/lib/redmine/wiki_formatting/markdown_formatter_test.rb @@ -251,11 +251,88 @@ class Redmine::WikiFormatting::MarkdownFormatterTest < ActionView::TestCase def test_should_support_underlined_text text = 'This _text_ should be underlined' - assert_equal '

This text should be underlined

', @formatter.new(text).to_html.strip + assert_equal '

This text should be underlined

', format(text) + end + + def test_should_autolink_mails + input = "foo@example.org" + assert_equal %(

foo@example.org

), format(input) + + # The redcloth autolinker parses "plain" mailto links a bit unfortunately. + # We do the best we can here... + input = "mailto:foo@example.org" + assert_equal %(

mailto:foo@example.org

), format(input) + end + + def test_should_fixup_mailto_links + input = "" + assert_equal %(

foo@example.org

), format(input) + end + + def test_should_fixup_autolinked_user_references + text = "user:user@example.org" + assert_equal "

#{text}

", format(text) + + text = "@user@example.org" + assert_equal "

#{text}

", format(text) + end + + def test_should_fixup_autolinked_hires_files + text = "printscreen@2x.png" + assert_equal "

#{text}

", format(text).strip + end + + def test_should_allow_links_with_safe_url_schemes + safe_schemes = %w(http https ftp) + link_safe_schemes = %w(ssh foo) + + (safe_schemes + link_safe_schemes).each do |scheme| + input = "[#{scheme}](#{scheme}://example.com)" + expected = %(

#{scheme}

) + + assert_equal expected, format(input) + end + end + + def test_should_not_allow_links_with_unsafe_url_schemes + unsafe_schemes = %w(data javascript vbscript) + + unsafe_schemes.each do |scheme| + input = "[#{scheme}](#{scheme}:something)" + assert_equal "

#{input}

", format(input) + end + end + + def test_should_allow_autolinks_with_safe_url_schemes + safe_schemes = %w(http https ftp) + link_safe_schemes = %w(ssh foo) + + (safe_schemes + link_safe_schemes).each do |scheme| + input = "#{scheme}://example.org" + expected = %(

#{input}

) + + assert_equal expected, format(input) if safe_schemes.include?(scheme) + assert_equal expected, format("<#{input}>") + end + end + + def test_should_not_autolink_unsafe_schemes + unsafe_schemes = %w(data javascript vbscript) + + unsafe_schemes.each do |scheme| + link = "#{scheme}:something" + + assert_equal "

#{link}

", format(link) + assert_equal "

#{link}

", format("<#{link}>") + end end private + def format(text) + @formatter.new(text).to_html.strip + end + def assert_section_with_hash(expected, text, index) result = @formatter.new(text).get_section(index) -- 2.39.5