Discourse/discourse
Discourse/discourse
0
0
Fork 0
mirror of https://gh.wpcy.net/https://github.com/discourse/discourse.git synced 2026-05-05 08:41:11 +08:00
Code Packages Activity Actions
discourse/spec/lib/onebox/engine/audioboom_onebox_spec.rb
Blake Erickson 17116c440b
SECURITY: Restrict allowed URL patterns 
Restrict allowed URL patterns for oneboxes.
2025-02-04 13:32:34 -03:00

25 lines
809 B
Ruby
Raw Permalink Blame History

# frozen_string_literal: true
RSpec.describe Onebox::Engine::AudioboomOnebox do
describe ".===" do
it "matches valid Audioboom URL" do
valid_url = URI("https://audioboom.com/posts/12345")
expect(described_class === valid_url).to eq(true)
end
it "does not match invalid domain" do
invalid_url = URI("https://audioboom.com.malicious.com/posts/12345")
expect(described_class === invalid_url).to eq(false)
end
it "does not match invalid path" do
invalid_url = URI("https://audioboom.com/somethingelse/12345")
expect(described_class === invalid_url).to eq(false)
end
it "does not match unrelated URL" do
unrelated_url = URI("https://example.com/posts/12345")
expect(described_class === unrelated_url).to eq(false)
end
end
end
View git blame Copy permalink