diff options
| author | Marin Jankovski <marin@gitlab.com> | 2014-05-30 17:09:31 +0200 |
|---|---|---|
| committer | Marin Jankovski <marin@gitlab.com> | 2014-05-30 17:09:31 +0200 |
| commit | 4a03bbe4831399381a45cde7fd19ecfb67895bd4 (patch) | |
| tree | 292355575d9f0656de5ea84d8461fcdd331202a6 | |
| parent | 3910b5917c84875f94f8b15594e4c506a3de39cc (diff) | |
| download | gitlab-ce-4a03bbe4831399381a45cde7fd19ecfb67895bd4.tar.gz | |
Add nofollow to all internal links.
| -rw-r--r-- | app/helpers/application_helper.rb | 27 | ||||
| -rw-r--r-- | spec/helpers/application_helper_spec.rb | 23 |
2 files changed, 43 insertions, 7 deletions
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 4a3b345bdfe..198ca76545c 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -233,16 +233,29 @@ module ApplicationHelper end def link_to(name = nil, options = nil, html_options = nil, &block) - if html_options - if html_options[:rel] - html_options[:rel] << " noreferrer" + begin + uri = URI(options) + host = uri.host + absolute_uri = uri.absolute? + rescue URI::InvalidURIError, ArgumentError + host = nil + absolute_uri = nil + end + + # Add "nofollow" only to external links + if host && host != Gitlab.config.gitlab.host && absolute_uri + if html_options + if html_options[:rel] + html_options[:rel] << " nofollow" + else + html_options.merge!(rel: "nofollow") + end else - html_options.merge(rel: "noreferrer") + html_options = Hash.new + html_options[:rel] = "nofollow" end - else - html_options = Hash.new - html_options[:rel] = "noreferrer" end + super end end diff --git a/spec/helpers/application_helper_spec.rb b/spec/helpers/application_helper_spec.rb index 0376e0aadf0..10c5617d245 100644 --- a/spec/helpers/application_helper_spec.rb +++ b/spec/helpers/application_helper_spec.rb @@ -195,4 +195,27 @@ describe ApplicationHelper do simple_sanitize(input).should == a_tag end end + + describe "link_to" do + + it "should not include rel=nofollow for internal links" do + expect(link_to("Home", root_path)).to eq("<a href=\"/\">Home</a>") + end + + it "should include rel=nofollow for external links" do + expect(link_to("Example", "http://www.example.com")).to eq("<a href=\"http://www.example.com\" rel=\"nofollow\">Example</a>") + end + + it "should include re=nofollow for external links and honor existing html_options" do + expect( + link_to("Example", "http://www.example.com", class: "toggle", data: {toggle: "dropdown"}) + ).to eq("<a class=\"toggle\" data-toggle=\"dropdown\" href=\"http://www.example.com\" rel=\"nofollow\">Example</a>") + end + + it "should include rel=nofollow for external links and preserver other rel values" do + expect( + link_to("Example", "http://www.example.com", rel: "noreferrer") + ).to eq("<a href=\"http://www.example.com\" rel=\"noreferrer nofollow\">Example</a>") + end + end end |