Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ensure data-module is a valid attribute for buttons, Don't match button for inline or indentations #116

Merged
merged 2 commits into from
Nov 21, 2017
Merged

Ensure data-module is a valid attribute for buttons, Don't match button for inline or indentations #116

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
60dc1f8
Ensure data-module is a valid attribute for buttons
NickColley Nov 20, 2017
0134447
Remove ability to inline buttons and render with indentation
NickColley Nov 21, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions lib/govspeak.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -136,6 +136,7 @@ def insert_strong_inside_p(body, parser=Govspeak::Document)
end

extension('button', %r{
^ # Match start of line only, allows for indenting code examples
{button(.*?)} # match opening bracket and capture attributes
\s* # any whitespace between opening bracket and link
\[ # match start of link markdown
Expand All @@ -146,6 +147,7 @@ def insert_strong_inside_p(body, parser=Govspeak::Document)
\) # match end of link text markdown
\s* # any whitespace between opening bracket and link
{\/button} # match ending bracket
$ # Match end of line only, allows for indenting code examples
}x) { |attributes, text, href|
button_classes = "button"
button_classes << " button-start" if attributes =~ /start/
Expand Down
2 changes: 1 addition & 1 deletion lib/govspeak/html_sanitizer.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ def sanitize_without_images

def button_sanitize_config
[
"data-module='cross-domain-tracking'",
"data-module",
"data-tracking-code",
"data-tracking-name"
]
Expand Down
19 changes: 8 additions & 11 deletions test/govspeak_button_test.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,17 +45,6 @@ class GovspeakTest < Minitest::Test
assert_html_output '<p>{button}I shouldn’t render a button{/button}</p>'
end

test_given_govspeak "Text before the button {button}[Start Now](http://www.gov.uk){/button} test after the button" do
# rubocop:disable Layout/TrailingWhitespace
assert_html_output %{
<p>Text before the button
<a role="button" class="button" href="http://www.gov.uk">Start Now</a>
test after the button</p>
}
# rubocop:enable Layout/TrailingWhitespace
assert_text_output "Text before the button Start Now test after the button"
end

test_given_govspeak "Text before the button with line breaks \n\n\n{button}[Start Now](http://www.gov.uk){/button}\n\n\n test after the button" do
assert_html_output %{
<p>Text before the button with line breaks</p>
Expand All @@ -82,4 +71,12 @@ class GovspeakTest < Minitest::Test
assert_html_output '<p><a role="button" class="button button-start" href="https://example.com/external-service/start-now" data-module="cross-domain-tracking" data-tracking-code="UA-XXXXXX-Y" data-tracking-name="govspeakButtonTracker">Start Now</a></p>'
assert_text_output "Start Now"
end

# Test indenting button govspeak results in no render, useful in guides
test_given_govspeak " {button start cross-domain-tracking:UA-XXXXXX-Y}[Example](https://example.com/external-service/start-now){/button}" do
assert_html_output %{
<pre><code>{button start cross-domain-tracking:UA-XXXXXX-Y}[Example](https://example.com/external-service/start-now){/button}
</code></pre>
}
end
end
8 changes: 8 additions & 0 deletions test/html_sanitizer_test.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,14 @@ class HtmlSanitizerTest < Minitest::Test
assert_equal "Fortnum &amp; Mason", Govspeak::HtmlSanitizer.new(html).sanitize
end

test "allow govspeak button markup" do
html = "<a href='#' data-module='cross-domain-tracking' data-tracking-code='UA-XXXXXX-Y' data-tracking-name='govspeakButtonTracker'></a>"
assert_equal(
"<a href=\"#\" data-module=\"cross-domain-tracking\" data-tracking-code=\"UA-XXXXXX-Y\" data-tracking-name=\"govspeakButtonTracker\"></a>",
Govspeak::HtmlSanitizer.new(html).sanitize
)
end

test "allows images on whitelisted domains" do
html = "<img src='http://allowed.com/image.jgp'>"
sanitized_html = Govspeak::HtmlSanitizer.new(html, allowed_image_hosts: ['allowed.com']).sanitize
Expand Down
6 changes: 6 additions & 0 deletions test/html_validator_test.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,4 +95,10 @@ class HtmlValidatorTest < Minitest::Test
html = "<div class=\"govspeak\"><h2 id=\"some-title\">\n<span class=\"number\">1. </span> Some title</h2>\n\n<p>Some text</p>\n</div>"
assert Govspeak::HtmlValidator.new(html).valid?
end

test "allow govspeak button" do
assert Govspeak::HtmlValidator.new("{button}[Start now](https://gov.uk){/button}").valid?
assert Govspeak::HtmlValidator.new("{button start}[Start now](https://gov.uk){/button}").valid?
assert Govspeak::HtmlValidator.new("{button start cross-domain-tracking:UA-XXXXXX-Y}[Start now](https://gov.uk){/button}").valid?
end
end