Prevent remote image injection with /img/emoji/ in url (#1245)

* test remote img blocking with /img/emoji/ in url * fix emoji filter prevent injection of remote img with /img/emoji in url
2021-07-23 20:00:04 +02:00
parent ae78283caf
commit a8e93de134
2 changed files with 2 additions and 2 deletions
--- a/core/chat/messageRendering_test.go
+++ b/core/chat/messageRendering_test.go
@@ -33,7 +33,7 @@ blah blah blah

 // Test to make sure we block remote images in chat messages.
 func TestBlockRemoteImages(t *testing.T) {
-	messageContent := `<img src="https://via.placeholder.com/350x150"> test ![](https://via.placeholder.com/350x150)`
+	messageContent := `<img src="https://via.placeholder.com/img/emoji/350x150"> test ![](https://via.placeholder.com/img/emoji/350x150)`
 	expected := `<p> test </p>`
 	result := events.RenderAndSanitize(messageContent)