(ns utils.url-test (:require [cljs.test :refer-macros [deftest is testing]] [utils.url :as url])) (deftest url-sanitize-check (testing "https://storage.googleapis.com/ck-kitty-image/0x06012c8cf97bead5deae237070f9587f8e7a266d/818934.svg" (testing "it returns true" (is (url/url-sanitized? "https://storage.googleapis.com/ck-kitty-image/0x06012c8cf97bead5deae237070f9587f8e7a266d/818934.svg")))) (testing "https://www.cryptostrikers.com/assets/images/cards/017.svg" (testing "it returns true" (is (url/url-sanitized? "https://www.cryptostrikers.com/assets/images/cards/017.svg")))) (testing "https://www.etheremon.com/assets/images/mons_origin/025.png" (testing "it returns true" (is (url/url-sanitized? "https://www.etheremon.com/assets/images/mons_origin/025.png")))) (testing "http://www.etheremon.com/assets/images/mons_origin/025.png" (testing "it returns false" (is (not (url/url-sanitized? "http://www.etheremon.com/assets/images/mons_origin/025.png"))))) (testing "xxx:x \\\\x0Aonerror=javascript:alert(1)" (testing "it returns false" (is (not (url/url-sanitized? "xxx:x \\\\x0Aonerror=javascript:alert(1)"))))) (testing "https://www.etheremon.com/assets/images/mons_origin/025.png'<script>alert('123');</script>" (testing "it returns false" (is (not (url/url-sanitized? "https://www.etheremon.com/assets/images/mons_origin/025.png'<script>alert('123');</script>"))))) (testing "https://www.etheremon.com/assets/images/mons'<script>alert('123');</script>origin/025.png" (testing "it returns false" (is (not (url/url-sanitized? "https://www.etheremon.com/assets/images/mons'<script>alert('123');</script>origin/025.png"))))) (testing "https://www.etheremon.com/assets/images/mons_origin/025.png'><script>\\\\x3Bjavascript:alert(1)</script>" (testing "it returns false" (is (not (url/url-sanitized? "https://www.etheremon.com/assets/images/mons_origin/025.png'><script>\\\\x3Bjavascript:alert(1)</script>"))))) (testing "https://www.etheremon.com/assets/images/mons'><script>\\\\x3Bjavascript:alert(1)</script>origin/025.png" (testing "it returns false" (is (not (url/url-sanitized? "https://www.etheremon.com/assets/images/mons'><script>\\\\x3Bjavascript:alert(1)</script>origin/025.png")))))) (deftest url-host-check (testing "Extract host/domain from URL" (testing "Valid URL with endpoint" (is (= "status.im" (url/url-host "https://status.im/testing")))) (testing "Valid URL" (is (= "status.im" (url/url-host "http://status.im")))) (testing "Blank domainlocalhost" (is (nil? (url/url-host "localhost:3000/testing"))))) (testing "Return nil for Invalid URL" (testing "Bad scheme" (is (nil? (url/url-host "invalid//status.im/testing")))) (testing "No scheme" (is (nil? (url/url-host "status.im/testing"))))))