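#!/usr/bin/env python
# -*- coding: utf-8 -*-
"""
    Test the openslides forms.

    :copyright: 2011, 2012, 2013 by the OpenSlides team, see AUTHORS.
    :license: GNU GPL, see LICENSE for more details.
"""

from django import forms

from openslides.utils.forms import CleanHtmlFormMixin
from openslides.utils.test import TestCase


class HtmlTestForm(CleanHtmlFormMixin, forms.Form):
    """Form fixture with one field listed for HTML clean-up and one control."""

    text = forms.CharField()
    text2 = forms.CharField()
    # Only 'text' is listed here; the tests use text2 as the control field
    # that is expected to come back exactly as it was submitted.
    clean_html_fields = ('text',)


class CleanHtmlTest(TestCase):
    """Checks what the HTML clean-up of HtmlTestForm keeps and removes."""

    def clean_html(self, dirty='', clean=False):
        """
        Submit ``dirty`` in both fields and check the cleaned values.

        :param dirty: raw value posted to ``text`` and ``text2``.
        :param clean: expected cleaned value of ``text``; a falsy value
            means the input is expected to pass through unchanged.
        """
        form = HtmlTestForm({'text': dirty, 'text2': dirty})
        # Fail here, with the form errors in the message, rather than with
        # a KeyError on cleaned_data below when validation rejects the input.
        self.assertTrue(form.is_valid(), form.errors)

        # No forbidden HTML: nothing should change. Otherwise the field
        # must equal the expected cleaned value.
        expected = clean if clean else dirty
        self.assertEqual(form.cleaned_data['text'], expected)

        # text2 carries the same payload but is not in clean_html_fields,
        # so it must come back untouched. Fields left out of that tuple
        # therefore still depend on escaping wherever they are rendered.
        self.assertEqual(form.cleaned_data['text2'], dirty)

    # NOTE(review): the method below is cut off in this listing and its
    # string literals appear to have lost their HTML markup; left untouched.
    def test_clean_html(self): """ Test that the correct HTML tags and attributes are removed """ # Forbidden tags and attributes self.clean_html('', 'do_evil();') self.clean_html('evil', 'evil') self.clean_html('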
good?
', 'good?
') self.clean_html('Not evil
', 'Not evil
') self.clean_html('bad
', 'bad
') self.clean_html('OK |
OK', 'OK') self.clean_html('
OK
', 'OK
') # Allowed tags and attributes self.clean_html('good?') self.clean_html('OK
') self.clean_html('OK
') self.clean_html('OK') self.clean_html('