Fix test and add nasty tags to valid_elements in TinyMCE,

we want to drop the tags in the backenend, so TinyMCE shouldn't touch it.
plone · Jul 28, 2017 · 6dd64f5 · 6dd64f5
1 parent 7d9cb36
commit 6dd64f5
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 3 deletions.
diff --git a/Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_filter.py b/Products/CMFPlone/controlpanel/tests/test_controlpanel_browser_filter.py
@@ -86,6 +86,11 @@ def test_nasty_tags(self):
         self.browser.getControl(
             name='form.widgets.nasty_tags'
         ).value = 'div\r\na'
+        valid_tags = self.browser.getControl(
+            name='form.widgets.valid_tags').value
+        valid_tags = valid_tags.replace('a\r\n', '')
+        valid_tags = self.browser.getControl(
+            name='form.widgets.valid_tags').value = valid_tags
         self.browser.getControl('Save').click()
 
         # test that <a> is filtered
@@ -94,5 +99,5 @@ def test_nasty_tags(self):
         ds = datastream('dummy_name')
         self.assertEqual(
             str(self.safe_html.convert(good_html, ds)),
-            ''
+            '<p/>'
         )
diff --git a/Products/CMFPlone/patterns/tinymce.py b/Products/CMFPlone/patterns/tinymce.py
@@ -207,6 +207,7 @@ def get_tiny_config(self):
         # add safe_html settings, which are useed in backend for filtering:
         if not self.filter_settings.disable_filtering:
             valid_tags = self.filter_settings.valid_tags
+            nasty_tags = self.filter_settings.nasty_tags
             custom_attributes = self.filter_settings.custom_attributes
             safe_attributes = [attr.decode() for attr in html.defs.safe_attrs]
             valid_attributes = safe_attributes + custom_attributes
@@ -215,6 +216,11 @@ def get_tiny_config(self):
             for tag in valid_tags:
                 tag_str = "%s[%s]" % (tag, "|".join(valid_attributes))
                 tiny_valid_elements.append(tag_str)
+            # We want to remove the nasty tag including the content in the
+            # backend, so TinyMCE should allow them here.
+            for tag in nasty_tags:
+                tag_str = "%s[%s]" % (tag, "|".join(valid_attributes))
+                tiny_valid_elements.append(tag_str)
             tiny_config['valid_elements'] = ",".join(tiny_valid_elements)
 
         if settings.other_settings:

diff --git a/Products/CMFPlone/tests/robot/test_controlpanel_filter.robot b/Products/CMFPlone/tests/robot/test_controlpanel_filter.robot
@@ -27,7 +27,7 @@ Test Teardown  Run keywords  Plone Test Teardown
 Scenario: Configure Filter Control Panel to filter out nasty tags
   Given a logged-in site administrator
     and the filter control panel
-   When I add 'h1' to the nasty tags list
+   When I add 'h1' to the nasty tags list and remove it from the valid tags list
    Then the 'h1' tag is filtered out when a document is saved
 
 Scenario: Configure Filter Control Panel to strip out tags
@@ -72,8 +72,9 @@ Input RichText
 
 # --- WHEN -------------------------------------------------------------------
 
-I add '${tag}' to the nasty tags list
+I add '${tag}' to the nasty tags list and remove it from the valid tags list
   Input Text  name=form.widgets.nasty_tags  ${tag}
+  Remove line from textarea  form.widgets.valid_tags  ${tag}
   Click Button  Save
   Wait until page contains  Changes saved