|
@@ -974,6 +974,7 @@ describe("A Chat Message", function () {
|
|
|
expect(msg.textContent.trim()).toEqual('hello world');
|
|
|
expect(msg.querySelectorAll('img').length).toEqual(2);
|
|
|
|
|
|
+ // @XXX This test isn't really testing anything - needs revisiting
|
|
|
// Non-https images aren't rendered
|
|
|
message = base_url+"/logo/conversejs-filled.svg";
|
|
|
expect(view.content.querySelectorAll('img').length).toBe(4);
|
|
@@ -985,7 +986,31 @@ describe("A Chat Message", function () {
|
|
|
message = 'http://imgur.com/xxxxxxx';
|
|
|
mock.sendMessage(view, message);
|
|
|
await u.waitUntil(() => view.el.querySelectorAll('.chat-content .chat-image').length === 5, 1000);
|
|
|
- expect(view.content.querySelectorAll('img').length).toBe(5);
|
|
|
+ expect(view.content.querySelectorAll('.chat-content .chat-image').length).toBe(5);
|
|
|
+
|
|
|
+ done();
|
|
|
+ }));
|
|
|
+
|
|
|
+ it("will render images from approved URLs only",
|
|
|
+ mock.initConverse(
|
|
|
+ ['rosterGroupsFetched', 'chatBoxesFetched'], {},
|
|
|
+ async function (done, _converse) {
|
|
|
+
|
|
|
+ await mock.waitForRoster(_converse, 'current');
|
|
|
+ const base_url = 'https://conversejs.org';
|
|
|
+ let message = 'http://wrongdomain.com/xxxxxxx.png';
|
|
|
+ const contact_jid = mock.cur_names[0].replace(/ /g,'.').toLowerCase() + '@montague.lit';
|
|
|
+ await mock.openChatBoxFor(_converse, contact_jid);
|
|
|
+ _converse.api.settings.set('show_images_inline', ['conversejs.org']);
|
|
|
+ const view = _converse.api.chatviews.get(contact_jid);
|
|
|
+ spyOn(view.model, 'sendMessage').and.callThrough();
|
|
|
+ mock.sendMessage(view, message);
|
|
|
+ message = base_url+"/logo/conversejs-filled.svg";
|
|
|
+ mock.sendMessage(view, message);
|
|
|
+ await u.waitUntil(() => view.el.querySelectorAll('.chat-content .chat-msg').length === 2, 1000);
|
|
|
+ await u.waitUntil(() => view.el.querySelectorAll('.chat-content .chat-image').length === 1, 1000)
|
|
|
+ expect(view.content.querySelectorAll('.chat-content .chat-image').length).toBe(1);
|
|
|
+
|
|
|
done();
|
|
|
}));
|
|
|
|