diff --git a/app/views/debates/show.html.erb b/app/views/debates/show.html.erb
index 83c37964a..a86efed99 100644
--- a/app/views/debates/show.html.erb
+++ b/app/views/debates/show.html.erb
@@ -57,7 +57,7 @@
- <%= @debate.description %>
+ <%= safe_html_with_links @debate.description %>
 <%= render 'shared/tags', debate: @debate %>
diff --git a/spec/features/debates_spec.rb b/spec/features/debates_spec.rb
index 79e6486c0..45acc0a6f 100644
--- a/spec/features/debates_spec.rb
+++ b/spec/features/debates_spec.rb
@@ -138,6 +138,48 @@ feature 'Debates' do
 expect(page.html).to_not include '<p>This is'
 end
+ scenario 'Autolinking is applied to description' do
+ author = create(:user)
+ login_as(author)
+
+ visit new_debate_path
+ fill_in 'debate_title', with: 'Testing auto link'
+ fill_in 'debate_description', with: '
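Review bot: Rendering `@debate.description` through `safe_html_with_links` switches this line from ERB's default escaping to trusting the helper's output as HTML, so the XSS guarantee for user-written descriptions now rests entirely on that helper, whose definition is not part of this diff. The spec hunk below pins the observable contract (the injected 'click me' anchor is gone, the JS payload is absent, `http://example.org` becomes a link on both show and edit), but it does not pin the ordering inside the helper — sanitizing after autolinking would strip the generated anchors, while autolinking before sanitizing means the sanitizer must also vet the hrefs it produces — so confirm that sanitization runs before the result is marked `html_safe`. A short ERB comment here, `<%# user input: safe_html_with_links sanitizes before marking html_safe %>`, would record that contract for the next maintainer once verified.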
This is a link www.example.org
'
+ fill_in 'debate_captcha', with: correct_captcha_text
+ check 'debate_terms_of_service'
+
+ click_button 'Start a debate'
+
+ expect(page).to have_content 'Debate was successfully created.'
+ expect(page).to have_content 'Testing auto link'
+ expect(page).to have_link('www.example.org', href: 'http://www.example.org')
+ end
+
+ scenario 'JS injection is prevented but autolinking is respected' do
+ author = create(:user)
+ login_as(author)
+
+ visit new_debate_path
+ fill_in 'debate_title', with: 'Testing auto link'
+ fill_in 'debate_description', with: " click me http://example.org"
+ fill_in 'debate_captcha', with: correct_captcha_text
+ check 'debate_terms_of_service'
+
+ click_button 'Start a debate'
+
+ expect(page).to have_content 'Debate was successfully created.'
+ expect(page).to have_content 'Testing auto link'
+ expect(page).to have_link('http://example.org', href: 'http://example.org')
+ expect(page).not_to have_link('click me')
+ expect(page.html).to_not include ""
+
+ click_link 'Edit'
+
+ expect(current_path).to eq edit_debate_path(Debate.last)
+ expect(page).not_to have_link('click me')
+ expect(page.html).to_not include ""
+ end
+
 context 'Tagging debates' do
 let(:author) { create(:user) }