Commit 255de8b0 authored by Nicolas Delaby's avatar Nicolas Delaby

Typo: replace html_content by safe_html in checks.

Add explanation about style nodes.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@33628 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent f08b1254
......@@ -1505,8 +1505,13 @@ style=3D'color:black'>05D65812<o:p></o:p></span></p>
"""
web_page.edit(text_content=html_content)
safe_html = web_page.asSafeHTML()
self.assertTrue('inside very broken HTML code' in html_content)
self.assertTrue('AZERTYY' not in html_content)
self.assertTrue('inside very broken HTML code' in safe_html)
# http://www.w3.org/TR/REC-html40/present/styles.html#edef-STYLE
# according to the HTML spec, style nodes contains only
# CDATA, so comments nodes are serialised as Text.
# The parser is not able to remove these pseudo comments nodes.
# Anyway style nodes should be stripped.
self.assertTrue('AZERTYY' not in safe_html)
class TestDocumentWithSecurity(ERP5TypeTestCase):
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment