From b42469e4e06d82a0e458b94379e226257ba3ca6c Mon Sep 17 00:00:00 2001
From: tobi <31960611+tsmethurst@users.noreply.github.com>
Date: Mon, 12 Sep 2022 13:14:29 +0200
Subject: [feature] Allow users to set custom css for their profiles + threads
(#808)
* add custom css account property + db func to fetch
* allow account to get/set custom css
* serve custom css for an account
* go fmt
* use monospace for customcss, add link
* add custom css to account cache
* fix broken field
* add custom css docs to user guide
* add `accounts-allow-custom-css` config flag
* add allow custom css to /api/v1/instance response
* only show/set custom css if allowed to do so
* only set/serve custom account css if enabled
* update swagger docs
* chain promise
* make bool a bit clearer
* use cache for GetAccountCustomCSSByUsername
---
internal/text/sanitize_test.go | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
(limited to 'internal/text')
diff --git a/internal/text/sanitize_test.go b/internal/text/sanitize_test.go
index eea5daadb..727da6f35 100644
--- a/internal/text/sanitize_test.go
+++ b/internal/text/sanitize_test.go
@@ -94,6 +94,35 @@ func (suite *SanitizeTestSuite) TestSanitizeCaption6() {
suite.Equal("hello world", sanitized)
}
+func (suite *SanitizeTestSuite) TestSanitizeCustomCSS() {
+ customCSS := `.toot .username {
+ color: var(--link_fg);
+ line-height: 2rem;
+ margin-top: -0.5rem;
+ align-self: start;
+
+ white-space: nowrap;
+ overflow: hidden;
+ text-overflow: ellipsis;
+}`
+ sanitized := text.SanitizePlaintext(customCSS)
+ suite.Equal(customCSS, sanitized) // should be the same as it was before
+}
+
+func (suite *SanitizeTestSuite) TestSanitizeNaughtyCustomCSS1() {
+ // try to break out of pee pee poo poo