Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
zulip/zerver/tests
History
Tim Abbott a920544bc3
invite emails: Ensure user-controlled input is always in links. 
Popular email clients like Gmail will automatically linkify link-like
content present in an HTML email they receive, even if it doesn't have
links in it.  This made it possible to include what in Gmail will be a
user-controlled link in invitation emails that Zulip sends, which a
spammer/phisher could try to take advantage of to send really bad spam
(the limitation of having the rest of the invitation email HTML there
makes it hard to do something compelling here).

We close this opportunity by structuring our emails to always show the
user's name inside an existing link, so that Gmail won't do new
linkification, and add a test to help ensure we don't remove this
structure in a future design change.

Co-authored-by: Anders Kaseorg <andersk@mit.edu>
 		2020-05-08 14:02:41 -07:00
..
fixtures bugdown: Support hanging_lists preprocessor for indented lists. 2020-04-30 17:54:40 -07:00
images emoji: Only resize custom emoji that need it. 2019-01-29 10:33:50 -08:00
__init__.py
test_alert_words.py alert_words: Change test_alert_words to use actions.do_*(). 2020-04-27 22:53:25 -07:00
test_archive.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_attachments.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_audit_log.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_auth_backends.py test_auth_backends: Add documentation for the main test interface. 2020-05-02 14:41:21 -07:00
test_bots.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_bugdown.py markdown: Set default code block language for quotes and latex as well. 2020-04-23 17:51:01 -07:00
test_cache.py logging: Pass format arguments to logging. 2020-05-02 10:18:02 -07:00
test_camo.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_compatibility.py version: Update for Zulip Desktop v5.2.0. 2020-05-07 11:25:15 -07:00
test_create_video_call.py tests: Limit email-based logins. 2020-03-11 17:10:22 -07:00
test_custom_profile_data.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_decorators.py logging: Pass format arguments to logging. 2020-05-02 10:18:02 -07:00
test_digest.py streams: Remove dependency of streams on actions. 2020-04-18 16:56:59 -07:00
test_docs.py test_docs: Update a string for verifying docs. 2020-05-05 17:26:22 -07:00
test_email_change.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_email_log.py emails: Don't log emails while running test suite. 2018-10-11 15:12:08 -07:00
test_email_mirror.py logging: Pass format arguments to logging. 2020-05-02 10:18:02 -07:00
test_email_notifications.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_embedded_bot_system.py logging: Pass format arguments to logging. 2020-05-02 10:18:02 -07:00
test_event_queue.py python: Whitespace fixes from autopep8. 2020-04-21 17:58:09 -07:00
test_events.py data exports: Keep deleted export in UI table. 2020-04-30 13:00:59 -07:00
test_external.py logging: Pass format arguments to logging. 2020-05-02 10:18:02 -07:00
test_gitter_importer.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_hipchat_importer.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_home.py settings: Offer hiding presence info from other users. 2020-05-02 15:09:05 -07:00
test_hotspots.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_i18n.py i18n: Update translation data from Transifex. 2020-05-07 16:09:16 -07:00
test_import_export.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_integrations.py tools: Allow specifying more options when capturing screenshot. 2020-04-28 13:00:09 -07:00
test_integrations_dev_panel.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_internet.py tests: Replace httpretty with responses. 2020-01-22 11:56:15 -08:00
test_legacy_subject.py tests: Limit email-based logins. 2020-03-11 17:10:22 -07:00
test_link_embed.py url_preview: Discard url in oembed if server returns invalid json. 2020-04-11 11:54:54 -07:00
test_logging_handlers.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_management_commands.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_mattermost_importer.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_message_edit_notifications.py tests: Cleanup test_message_edit_notifications. 2020-04-29 17:15:51 -07:00
test_messages.py api: Improve consistency of reactions API. 2020-04-26 10:35:55 -07:00
test_middleware.py streams: Remove dependency of streams on actions. 2020-04-18 16:56:59 -07:00
test_migrations.py test_migrations: Disable migrations test. 2019-05-12 22:06:17 -07:00
test_muting.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_narrow.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_new_users.py tests: Use email/delivery_email more explicitly. 2020-03-19 16:04:03 -07:00
test_onboarding.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_openapi.py urls: Migrate urls to use modern django pattern. 2020-05-07 16:28:58 -07:00
test_outgoing_webhook_interfaces.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_outgoing_webhook_system.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_populate_db.py models: Migration of Message.pub_date to date_sent, part 2. 2019-10-05 19:01:34 -07:00
test_presence.py settings: Offer hiding presence info from other users. 2020-05-02 15:09:05 -07:00
test_push_notifications.py logging: Pass format arguments to logging. 2020-05-02 10:18:02 -07:00
test_queue.py Upgrade pika to 1.1.*. 2019-10-29 17:01:12 -07:00
test_queue_worker.py logging: Pass format arguments to logging. 2020-05-02 10:18:02 -07:00
test_rate_limiter.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_reactions.py api: Guess emoji_type when adding a reaction. 2020-04-28 20:49:39 -07:00
test_realm.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_realm_domains.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_realm_emoji.py emoji_name: Raise correct exception if emoji_name is missing. 2020-04-12 11:52:45 -07:00
test_realm_export.py tests: Limit email-based logins. 2020-03-11 17:10:22 -07:00
test_realm_filters.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_redis_utils.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_report.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_retention.py retention: Optimize fetching of realms and streams with retention policy. 2020-05-07 16:28:05 -07:00
test_service_bot_system.py mypy: Add specific codes to type: ignore annotations. 2020-04-22 10:46:33 -07:00
test_sessions.py tests: Limit email-based logins. 2020-03-11 17:10:22 -07:00
test_settings.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_signup.py invite emails: Ensure user-controlled input is always in links. 2020-05-08 14:02:41 -07:00
test_slack_importer.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_slack_message_conversion.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_soft_deactivation.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_subdomains.py cleanup: Delete leading newlines. 2019-08-06 23:29:11 -07:00
test_submessage.py tests: Limit email-based logins. 2020-03-11 17:10:22 -07:00
test_subs.py actions: Remove deactivated stream from default stream groups. 2020-05-01 17:45:06 -07:00
test_templates.py requirements: Upgrade Python-Markdown from 3.1.1 to 3.2.1. 2020-04-18 13:09:51 -07:00
test_thumbnail.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_timestamp.py cleanup: Delete leading newlines. 2019-08-06 23:29:11 -07:00
test_tornado.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_transfer.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_tutorial.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_type_debug.py cleanup: Delete leading newlines. 2019-08-06 23:29:11 -07:00
test_typing.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_unread.py test_unread: Remove test for removed mobile hack. 2020-04-26 23:41:53 -07:00
test_upload.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_urls.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_user_groups.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_user_status.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_users.py user_name: Prevent users from setting name ending with |number. 2020-04-30 15:59:12 -07:00
test_webhooks_common.py mypy: Add specific codes to type: ignore annotations. 2020-04-22 10:46:33 -07:00
test_widgets.py python: Convert assignment type annotations to Python 3.6 style. 2020-04-22 11:02:32 -07:00
test_zcommand.py python: Modernize legacy Python 2 syntax with pyupgrade. 2020-04-09 16:43:22 -07:00
test_zephyr.py tests: Limit email-based logins. 2020-03-11 17:10:22 -07:00