[Erp5-report] r33439 nicolas - /erp5/trunk/products/ERP5OOo/tests/testDms.py
nobody at svn.erp5.org
nobody at svn.erp5.org
Fri Mar 5 12:08:08 CET 2010
Author: nicolas
Date: Fri Mar 5 12:08:06 2010
New Revision: 33439
URL: http://svn.erp5.org?rev=33439&view=rev
Log:
Test asSafeHTML output of documents.
Modified:
erp5/trunk/products/ERP5OOo/tests/testDms.py
Modified: erp5/trunk/products/ERP5OOo/tests/testDms.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5OOo/tests/testDms.py?rev=33439&r1=33438&r2=33439&view=diff
==============================================================================
--- erp5/trunk/products/ERP5OOo/tests/testDms.py [utf8] (original)
+++ erp5/trunk/products/ERP5OOo/tests/testDms.py [utf8] Fri Mar 5 12:08:06 2010
@@ -1405,6 +1405,79 @@
self.assertSameSet([person1, person2],
doc.getContributorValueList())
+ def test_safeHTML_conversion(self):
+ """This test create a Web Page and test asSafeHTML conversion.
+ Test also with a very non well-formed html document
+ to stress conversion engine.
+ """
+ # create web page
+ web_page_portal_type = 'Web Page'
+ module = self.portal.getDefaultModule(web_page_portal_type)
+ web_page = module.newContent(portal_type=web_page_portal_type)
+
+ html_content = """<html>
+ <head>
+ <title>My dirty title</title>
+ </head>
+ <body>
+ <div>
+ <h1>My splendid title</h1>
+ </div>
+ <script type="text/javascript" src="http://example.com/something.js"/>
+ </body>
+ </html>
+ """
+ web_page.edit(text_content=html_content)
+
+ # convert web_page into safe-html
+ format = 'text/x-html-safe'
+ safe_html = web_page.asSafeHTML()
+ self.assertTrue('My splendid title' in safe_html)
+ self.assertTrue('script' not in safe_html, safe_html)
+ self.assertTrue('something.js' not in safe_html, safe_html)
+
+ # now check converted value is stored in cache
+ self.assertTrue(web_page.hasConversion(format=format))
+ web_page.edit(text_content=None)
+ self.assertFalse(web_page.hasConversion(format=format))
+
+ # test with not well-formed html document
+ html_content = """
+ <HTML dir=3Dltr><HEAD>=0A=
+<META http-equiv=3DContent-Type content=3D"text/html; charset=3Dunicode">=0A=
+<META content=3D"DIRTYHTML 6.00.2900.2722" name=3DGENERATOR></HEAD>=0A=
+
+<BODY>=0A=
+<DIV><FONT face=3D"Times New Roman" color=3D#000000 size=3D3>blablalba</FONT></DIV>=0A=
+<DIV> </DIV>=0A=
+<DIV></DIV>=0A=
+<DIV> </DIV>=0A=
+<DIV> </DIV>=0A=
+<DIV> </DIV>=0A=
+<br>=
+<!DOCTYPE html PUBLIC \\\"-//W3C//DTD XHTML 1.0 Transitional//EN\\\\=
+" \\\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\\\">=
+=0A<html xmlns=3D\\\"http://www.w3.org/1999/xhtml\\\">=0A<head>=0A<m=
+eta http-equiv=3D\\\"Content-Type\\\" content=3D\\\"text/html; c=
+harset=3Diso-8859-1\\\" />=0A<style type=3D\\\"text/css\\\">=0A<=
+!--=0A.style1 {font-size: 8px}=0A.style2 {font-family: Arial, Helvetica, san=
+s-serif}=0A.style3 {font-size: 8px; font-family: Arial, Helvetica, sans-seri=
+f; }=0A-->=0A</style>=0A</head>=0A=0A<body>=0A<div>=0A <p><span class=3D\\=
+\\"style1\\\"><span class=3D\\\"style2\\\"><strong>I'm inside very broken HTML code</strong><br />=0A ERP5<br />=0A
+ERP5
+<br />=0A =
+</span></span></p>=0A <p class=3D\\\"sty=
+le3\\\">ERP5:<br />=0A </p>=0A <p class=3D\\\"style3\\\"><strong>ERP5</strong>=
+
+<br />=0A ERP5</p>=0A</di=
+v>=0A</body>=0A</html>=0A
+<br>=
+</BODY></HTML>
+ """
+ web_page.edit(text_content=html_content)
+ safe_html = web_page.asSafeHTML()
+ self.assertTrue('inside very broken HTML code' in html_content)
+
class TestDocumentWithSecurity(ERP5TypeTestCase):
username = 'yusei'
More information about the Erp5-report
mailing list