ec3fc52a73
## Summary of Changes This pull request aligns all major interactive editor control elements in the Milkdown Crepe editor with the premium `SelectionAiPanel` / `IntelligenceToolbar` glassmorphism design. ### Changes: 1. **Selection Bubble Menu Unification:** Relocated the selection menu overrides from `Creator.razor.css` to `app.css` to resolve scoping bugs. Themed to match the Reader's selection popup 1:1. 2. **Editor Controls Theming:** Themed table cell drag handles, table actions popups, line insertion handles & add buttons, Notion-style paragraph drag handles, and slash commands menus with glassmorphic backgrounds, perimeter borders, hover transitions, and active accent states. 3. **Visibility Lifecycle Fixes:** Excluded `.cell-handle` and `.milkdown-block-handle` from explicit `display: none !important` rules when hidden, preserving their dimensions for correct JS positioning calculations and preventing handles from jumping/sliding. 4. **Table Margin Clipping Fix:** Set `overflow: visible !important` on `.tableWrapper` to allow table controls to draw cleanly into the editor canvas's padding zone without boundary clipping. Resolves #82. --------- Co-authored-by: Marek Jasiński <jasins.marek@gmail.com> Reviewed-on: #81 Co-authored-by: Antigravity <antigravity@google.com> Co-committed-by: Antigravity <antigravity@google.com>
55 lines
1.4 KiB
C#
55 lines
1.4 KiB
C#
using FluentAssertions;
|
|
using NexusReader.Infrastructure.Services;
|
|
using Xunit;
|
|
|
|
namespace NexusReader.Application.Tests.Services;
|
|
|
|
public class HtmlSanitizerServiceTests
|
|
{
|
|
[Fact]
|
|
public void Sanitize_WithSafeInput_ReturnsSameInput()
|
|
{
|
|
// Arrange
|
|
var service = new HtmlSanitizerService();
|
|
var input = "<p>This is a safe <strong>paragraph</strong>.</p>";
|
|
|
|
// Act
|
|
var result = service.Sanitize(input);
|
|
|
|
// Assert
|
|
result.Should().Be(input);
|
|
}
|
|
|
|
[Fact]
|
|
public void Sanitize_WithScriptTag_StripsScriptTag()
|
|
{
|
|
// Arrange
|
|
var service = new HtmlSanitizerService();
|
|
var input = "<p>Hello</p><script>alert('xss')</script>";
|
|
|
|
// Act
|
|
var result = service.Sanitize(input);
|
|
|
|
// Assert
|
|
result.Should().NotContain("<script>");
|
|
result.Should().NotContain("alert");
|
|
result.Should().Be("<p>Hello</p>");
|
|
}
|
|
|
|
[Fact]
|
|
public void Sanitize_WithOnEventHandlerAttribute_StripsOnError()
|
|
{
|
|
// Arrange
|
|
var service = new HtmlSanitizerService();
|
|
var input = "<img src=\"x\" onerror=\"alert(1)\" />";
|
|
|
|
// Act
|
|
var result = service.Sanitize(input);
|
|
|
|
// Assert
|
|
result.Should().NotContain("onerror");
|
|
result.Should().NotContain("alert");
|
|
result.Should().Contain("<img src=\"x\">");
|
|
}
|
|
}
|