feat: html blocks! #875

Merged
merged 7 commits into from
May 14, 2024
Changes from 5 commits
2 changes: 1 addition & 1 deletion __tests__/browser/markdown.test.js
Expand Up @@ -18,7 +18,7 @@ describe('visual regression tests', () => {
//'features',
// 'headings',
'images',
// 'lists',
'htmlTests',
jennspencer marked this conversation as resolved.
// 'tables',
// 'tablesTests',
'codeBlockTests',
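Review bot: in the fixture list around 'htmlTests', the entries 'features', 'headings', 'lists', 'tables' and 'tablesTests' are still commented out with nothing saying why or when they come back, so of the entries visible here only 'images', 'htmlTests' and 'codeBlockTests' run in the visual regression suite. Add a short comment or a tracking reference above the list, and normalise the comment spacing (//'features' versus // 'headings') while this line is being touched.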
75 changes: 0 additions & 75 deletions __tests__/components/HTMLBlock.test.jsx

This file was deleted.

64 changes: 64 additions & 0 deletions __tests__/components/HTMLBlock.test.tsx
@@ -0,0 +1,64 @@
import { render, screen, cleanup } from '@testing-library/react';
import React from 'react';
import { renderToStaticMarkup, renderToString } from 'react-dom/server';
import { vi } from 'vitest';

import HTMLBlock from '../../components/HTMLBlock';
import { compile, run } from '../../index';

describe('HTML Block', () => {
beforeEach(() => {
global.mockFn = vi.fn();
});

afterEach(() => {
cleanup();
vi.restoreAllMocks();
});

it('runs user scripts in compat mode', () => {
render(<HTMLBlock runScripts={true}>{`<script>mockFn()</script>`}</HTMLBlock>);
expect(global.mockFn).toHaveBeenCalledTimes(1);
});

it("doesn't run user scripts by default", () => {
render(<HTMLBlock>{`<script>mockFn()</script>`}</HTMLBlock>);
expect(global.mockFn).toHaveBeenCalledTimes(0);
});

it("doesn't render user scripts by default", () => {
render(<HTMLBlock>{`<script>mockFn()</script>`}</HTMLBlock>);
expect(screen.queryByText('mockFn()')).not.toBeInTheDocument();
});

it("doesn't render user scripts with weird endings", () => {
render(<HTMLBlock>{`<script>mockFn()</script foo='bar'>`}</HTMLBlock>);
expect(screen.queryByText('mockFn()')).not.toBeInTheDocument();
});

it("doesn't render user scripts with a malicious string", () => {
render(<HTMLBlock>{`<scrip<script></script>t>mockFn()</s<script></script>cript>`}</HTMLBlock>);
expect(screen.queryByText('mockFn()')).not.toBeInTheDocument();
});

it("doesn't run scripts on the server (even in compat mode)", () => {
const html = `
<h1>Hello World</h1>
<script>mockFn()</script>
`;
const elem = <HTMLBlock runScripts={true}>{html}</HTMLBlock>;
const view = renderToString(elem);
expect(elem.props.runScripts).toBe(true);
expect(view.indexOf('<script>')).toBeLessThan(0);
expect(view.indexOf('<h1>')).toBeGreaterThanOrEqual(0);
});

it('renders the html in a `<pre>` tag if safeMode={true}', async () => {
const md = '<HTMLBlock safeMode={true}>{`<button onload="alert(\'gotcha!\')"/>`}</HTMLBlock>';
const code = compile(md);
const Component = await run(code);
expect(renderToStaticMarkup(<Component />)).toMatchInlineSnapshot(
'"<pre class="html-unsafe"><code>&lt;button onload=&quot;alert(&#x27;gotcha!&#x27;)&quot;/&gt;</code></pre>"',
);
});
Comment on lines +19 to +63
Collaborator

I think we can scrap all these safety features now that all of the doc is executable?

Contributor Author

lol honestly all these tests helped me dial the component in. i didn't realize i had swapped the "cleaned" vs "dirty" html until i got to the veeeery last test

Collaborator

Keep whatever tests, but I think we can wholesale remove safeMode and runScripts

Contributor Author

i was actually going to ask you about that -- runScripts is a component prop, but safeMode and lazyImages are both processor options/settings for the user. we still need to support these in a similar way, yeah? i tried making the components basically HOC and passing args that way, but useMDXComponents was Not Having It

Collaborator

Instead of HOCs we should probably create a context for the options?

Collaborator

Really disappointed in myself that I didn't do that 2 years ago.

});
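Review bot: the three "doesn't render user scripts" cases (default, weird endings, malicious string) assert only expect(screen.queryByText('mockFn()')).not.toBeInTheDocument(), and Testing Library's text queries ignore script and style elements by default, so these assertions would still pass if a script element reached the DOM. Assert on the rendered container instead (for example, that it contains no script element), and add expect(global.mockFn).toHaveBeenCalledTimes(0) to the weird-endings and nested-tag cases, since only the plain script case currently checks that nothing executed.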
13 changes: 0 additions & 13 deletions __tests__/components/__snapshots__/test.js.snap

This file was deleted.

230 changes: 0 additions & 230 deletions __tests__/components/test.js

This file was deleted.
