Mercurial > libervia-backend

comparison src/test/test_plugin_text_syntaxes.py @ 780:9810f22ba733

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
test: store the constants in constants.py + better PEP8 compliance
author souliane <souliane@mailoo.org>
date Sat, 04 Jan 2014 15:45:08 +0100
parents 4284b6ad8aa3
children
comparison
equal deleted inserted replaced
779:a978c703bf57 780:9810f22ba733
27 27
28 def setUp(self): 28 def setUp(self):
29 self.host = helpers.FakeSAT() 29 self.host = helpers.FakeSAT()
30 self.text_syntaxes = plugin_misc_text_syntaxes.TextSyntaxes(self.host) 30 self.text_syntaxes = plugin_misc_text_syntaxes.TextSyntaxes(self.host)
31 31
32
33 def test_xhtml_sanitise(self): 32 def test_xhtml_sanitise(self):
34 evil_html = """ 33 evil_html = """
35 <html> 34 <html>
36 <head> 35 <head>
37 <script type="text/javascript" src="evil-site"></script> 36 <script type="text/javascript" src="evil-site"></script>
54 </form> 53 </form>
55 <blink>annoying EVIL!</blink> 54 <blink>annoying EVIL!</blink>
56 <a href="evil-site">spam spam SPAM!</a> 55 <a href="evil-site">spam spam SPAM!</a>
57 <image src="evil!"> 56 <image src="evil!">
58 </body> 57 </body>
59 </html>""" # example from lxml: /usr/share/doc/python-lxml-doc/html/lxmlhtml.html#cleaning-up-html 58 </html>""" # example from lxml: /usr/share/doc/python-lxml-doc/html/lxmlhtml.html#cleaning-up-html
60 59
61 expected = """<div> 60 expected = """<div>
62 <style>/* deleted */</style> 61 <style>/* deleted */</style>
63 <body> 62 <body>
64 <a href="">a link</a> 63 <a href="">a link</a>
75 74
76 d = self.text_syntaxes.clean_xhtml(evil_html) 75 d = self.text_syntaxes.clean_xhtml(evil_html)
77 d.addCallback(self.assertEqualXML, expected, ignore_blank=True) 76 d.addCallback(self.assertEqualXML, expected, ignore_blank=True)
78 return d 77 return d
79 78
80
81 def test_styles_sanitise(self): 79 def test_styles_sanitise(self):
82 evil_html = """<p style='display: None; test: blah; background: url(: alert()); color: blue;'>test <strong>retest</strong><br><span style="background-color: (alert('bouh')); titi; color: #cf2828; font-size: 3px; direction: !important; color: red; color: red !important; font-size: 100px !important; font-size: 100px ! important; font-size: 100%; font-size: 100ox; font-size: 100px; font-size: 100;;;; font-size: 100 %; color: 100 px 1.7em; color: rgba(0, 0, 0, 0.1); color: rgb(35,79,255); background-color: no-repeat; background-color: :alert(1); color: (alert('XSS')); color: (window.location='http://example.org/'); color: url(:window.location='http://example.org/'); "> toto </span></p>""" 80 evil_html = """<p style='display: None; test: blah; background: url(: alert()); color: blue;'>test <strong>retest</strong><br><span style="background-color: (alert('bouh')); titi; color: #cf2828; font-size: 3px; direction: !important; color: red; color: red !important; font-size: 100px !important; font-size: 100px ! important; font-size: 100%; font-size: 100ox; font-size: 100px; font-size: 100;;;; font-size: 100 %; color: 100 px 1.7em; color: rgba(0, 0, 0, 0.1); color: rgb(35,79,255); background-color: no-repeat; background-color: :alert(1); color: (alert('XSS')); color: (window.location='http://example.org/'); color: url(:window.location='http://example.org/'); "> toto </span></p>"""
83 81
84 expected = """<p style="color: blue">test <strong>retest</strong><br/><span style="color: #cf2828; font-size: 3px; color: red; color: red !important; font-size: 100px !important; font-size: 100%; font-size: 100px; font-size: 100; font-size: 100 %; color: rgba(0, 0, 0, 0.1); color: rgb(35,79,255); background-color: no-repeat"> toto </span></p>""" 82 expected = """<p style="color: blue">test <strong>retest</strong><br/><span style="color: #cf2828; font-size: 3px; color: red; color: red !important; font-size: 100px !important; font-size: 100%; font-size: 100px; font-size: 100; font-size: 100 %; color: rgba(0, 0, 0, 0.1); color: rgb(35,79,255); background-color: no-repeat"> toto </span></p>"""
85 83