Skip to content

Commit

Permalink
feat: html blocks! (#875)
Browse files Browse the repository at this point in the history 
[![PR App][icn]][demo] | Fix RM-9019
:-------------------:|:----------:

## 🧰 Changes

HTML for everyone!

## 🧬 QA & Testing

- [Broken on production][prod].
- [Working in this PR app][demo].


[demo]: https://markdown-pr-PR_NUMBER.herokuapp.com
[prod]: https://SUBDOMAIN.readme.io
[icn]:
https://user-images.githubusercontent.com/886627/160426047-1bee9488-305a-4145-bb2b-09d8b757d38a.svg
  • Loading branch information
@jennspencer
jennspencer committed May 14, 2024
1 parent e4e3417 commit 1761667
Show file tree
Hide file tree
Showing 19 changed files with 258 additions and 475 deletions.
Binary file added ...al-regression-tests-rdmd-syntax-renders-html-tests-without-surprises-1-snap.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
1 change: 1 addition & 0 deletions __tests__/browser/markdown.test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ describe('visual regression tests', () => {
//'features',
// 'headings',
'images',
'htmlTests',
// 'lists',
'mdxComponents',
'tables',
Expand Down
75 changes: 0 additions & 75 deletions __tests__/components/HTMLBlock.test.jsx
View file

This file was deleted.

64 changes: 64 additions & 0 deletions __tests__/components/HTMLBlock.test.tsx
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
import { render, screen, cleanup } from '@testing-library/react';
import React from 'react';
import { renderToStaticMarkup, renderToString } from 'react-dom/server';
import { vi } from 'vitest';

import HTMLBlock from '../../components/HTMLBlock';
import { compile, run } from '../../index';

describe('HTML Block', () => {
beforeEach(() => {
global.mockFn = vi.fn();
});

afterEach(() => {
cleanup();
vi.restoreAllMocks();
});

it('runs user scripts in compat mode', () => {
render(<HTMLBlock runScripts={true}>{`<script>mockFn()</script>`}</HTMLBlock>);
expect(global.mockFn).toHaveBeenCalledTimes(1);
});

it("doesn't run user scripts by default", () => {
render(<HTMLBlock>{`<script>mockFn()</script>`}</HTMLBlock>);
expect(global.mockFn).toHaveBeenCalledTimes(0);
});

it("doesn't render user scripts by default", () => {
render(<HTMLBlock>{`<script>mockFn()</script>`}</HTMLBlock>);
expect(screen.queryByText('mockFn()')).not.toBeInTheDocument();
});

it("doesn't render user scripts with weird endings", () => {
render(<HTMLBlock>{`<script>mockFn()</script foo='bar'>`}</HTMLBlock>);
expect(screen.queryByText('mockFn()')).not.toBeInTheDocument();
});

it("doesn't render user scripts with a malicious string", () => {
render(<HTMLBlock>{`<scrip<script></script>t>mockFn()</s<script></script>cript>`}</HTMLBlock>);
expect(screen.queryByText('mockFn()')).not.toBeInTheDocument();
});

it("doesn't run scripts on the server (even in compat mode)", () => {
const html = `
<h1>Hello World</h1>
<script>mockFn()</script>
`;
const elem = <HTMLBlock runScripts={true}>{html}</HTMLBlock>;
const view = renderToString(elem);
expect(elem.props.runScripts).toBe(true);
expect(view.indexOf('<script>')).toBeLessThan(0);
expect(view.indexOf('<h1>')).toBeGreaterThanOrEqual(0);
});

it('renders the html in a `<pre>` tag if safeMode={true}', async () => {
const md = '<HTMLBlock safeMode={true}>{`<button onload="alert(\'gotcha!\')"/>`}</HTMLBlock>';
const code = compile(md);
const Component = await run(code);
expect(renderToStaticMarkup(<Component />)).toMatchInlineSnapshot(
'"<pre class="html-unsafe"><code>&lt;button onload=&quot;alert(&#x27;gotcha!&#x27;)&quot;/&gt;</code></pre>"',
);
});
});
13 changes: 0 additions & 13 deletions __tests__/components/__snapshots__/test.js.snap
View file

This file was deleted.

230 changes: 0 additions & 230 deletions __tests__/components/test.js
View file

This file was deleted.

Loading

0 comments on commit 1761667

Please sign in to comment.