Fix test.

celo-org · Dec 7, 2023 · 83daba8 · 83daba8
1 parent 7a9c098
commit 83daba8
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 4 deletions.
diff --git a/.../block_scout_web/lib/block_scout_web/templates/tokens/instance/overview/_details.html.eex b/.../block_scout_web/lib/block_scout_web/templates/tokens/instance/overview/_details.html.eex
@@ -41,7 +41,7 @@
             <div class="d-flex flex-row justify-content-start text-muted">
               <%= if external_url(@token_instance.instance) do %>
                 <span class="mr-4">
-                  <a data-test="external_url" href=<%=external_url(@token_instance.instance) %> target="_blank">
+                  <a data-test="external_url" href=<%= external_url(@token_instance.instance) %> target="_blank">
                   View In App <span class="external-token-icon"><%= render BlockScoutWeb.IconsView, "_external_link.html" %></span>
                   </a>
                 </span>

diff --git a/apps/block_scout_web/lib/block_scout_web/views/tokens/instance/overview_view.ex b/apps/block_scout_web/lib/block_scout_web/views/tokens/instance/overview_view.ex
@@ -102,10 +102,14 @@ defmodule BlockScoutWeb.Tokens.Instance.OverviewView do
 
   def external_url(nil), do: nil
 
+  def external_url("http" <> _rest = external_url), do: external_url
+
+  def external_url(string) when is_binary(string), do: external_url(nil)
+
   def external_url(instance) do
     result =
       if instance.metadata && instance.metadata["external_url"] do
-        instance.metadata["external_url"]
+        instance.metadata["external_url"] |> external_url()
       else
         external_url(nil)
       end

diff --git a/apps/block_scout_web/test/block_scout_web/views/tokens/instance/overview_view_test.exs b/apps/block_scout_web/test/block_scout_web/views/tokens/instance/overview_view_test.exs
@@ -127,15 +127,32 @@ defmodule BlockScoutWeb.Tokens.Instance.OverviewViewTest do
           "name": "CELO XSS",
           "image": "https://0-a.nl/nft/nft.jpg",
           "description": "CELO XSS",
-          "external_url": "javascript:eval(atob('YWxlcnQoZG9jdW1lbnQuZG9tYW'))"
+          "external_url": "javascript:eval(atob('YWxlcnQoIndoYXRzdXAgaXQncyB5YSBib3l5Iik'))"
         }
       """
 
       data = Jason.decode!(json)
 
       result = OverviewView.external_url(%{metadata: data})
 
-      refute String.starts_with?(result, "javascript"), "non http url schemes should be stripped from external_url"
+      assert result == nil, "non http url schemes should be stripped from external_url and treated as missing"
+    end
+
+    test "Returns valid uri scheme" do
+      json = """
+        {
+          "name": "CELO NFT test",
+          "image": "https://0-a.nl/nft/nft.jpg",
+          "description": "CELO NFT test",
+          "external_url": "https://happyland.nft"
+        }
+      """
+
+      data = Jason.decode!(json)
+
+      result = OverviewView.external_url(%{metadata: data})
+
+      assert String.starts_with?(result, "http"), "Valid url should be returned"
     end
   end
 end