Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Fixed #11376: added some extra tests for autoescaping subtleties.

Thanks, Stephen Kelly.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13461 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit f40922609f6d8558773ec5004a1f974425596c6b 1 parent 2e3fdc6
Jacob Kaplan-Moss authored August 03, 2010

Showing 1 changed file with 20 additions and 2 deletions. Show diff stats Hide diff stats

  1. 22  tests/regressiontests/templates/tests.py
22  tests/regressiontests/templates/tests.py
@@ -603,7 +603,7 @@ def get_template_tests(self):
603 603
 
604 604
             #filters should accept empty string constants
605 605
             'filter-syntax20': ('{{ ""|default_if_none:"was none" }}', {}, ""),
606  
-
  606
+            
607 607
             ### COMMENT SYNTAX ########################################################
608 608
             'comment-syntax01': ("{# this is hidden #}hello", {}, "hello"),
609 609
             'comment-syntax02': ("{# this is hidden #}hello{# foo #}", {}, "hello"),
@@ -1296,7 +1296,8 @@ def get_template_tests(self):
1296 1296
 
1297 1297
             # Regression test for #11270.
1298 1298
             'cache17': ('{% load cache %}{% cache 10 long_cache_key poem %}Some Content{% endcache %}', {'poem': 'Oh freddled gruntbuggly/Thy micturations are to me/As plurdled gabbleblotchits/On a lurgid bee/That mordiously hath bitled out/Its earted jurtles/Into a rancid festering/Or else I shall rend thee in the gobberwarts with my blurglecruncheon/See if I dont.'}, 'Some Content'),
1299  
-
  1299
+                                    
  1300
+            
1300 1301
             ### AUTOESCAPE TAG ##############################################
1301 1302
             'autoescape-tag01': ("{% autoescape off %}hello{% endautoescape %}", {}, "hello"),
1302 1303
             'autoescape-tag02': ("{% autoescape off %}{{ first }}{% endautoescape %}", {"first": "<b>hello</b>"}, "<b>hello</b>"),
@@ -1325,6 +1326,23 @@ def get_template_tests(self):
1325 1326
             # implementation details (fortunately, the (no)autoescape block
1326 1327
             # tags can be used in those cases)
1327 1328
             'autoescape-filtertag01': ("{{ first }}{% filter safe %}{{ first }} x<y{% endfilter %}", {"first": "<a>"}, template.TemplateSyntaxError),
  1329
+        
  1330
+            # ifqeual compares unescaped vales.
  1331
+            'autoescape-ifequal01': ('{% ifequal var "this & that" %}yes{% endifequal %}', { "var": "this & that" }, "yes" ), 
  1332
+            
  1333
+            # Arguments to filters are 'safe' and manipulate their input unescaped. 
  1334
+            'autoescape-filters01': ('{{ var|cut:"&" }}', { "var": "this & that" }, "this  that" ), 
  1335
+            'autoescape-filters02': ('{{ var|join:" & \" }}', { "var": ("Tom", "Dick", "Harry") }, "Tom & Dick & Harry" ), 
  1336
+            
  1337
+            # Literal strings are safe. 
  1338
+            'autoescape-literals01': ('{{ "this & that" }}',{}, "this & that" ), 
  1339
+            
  1340
+            # Iterating over strings outputs safe characters. 
  1341
+            'autoescape-stringiterations01': ('{% for l in var %}{{ l }},{% endfor %}', {'var': 'K&R'}, "K,&amp;,R," ), 
  1342
+            
  1343
+            # Escape requirement survives lookup. 
  1344
+            'autoescape-lookup01': ('{{ var.key }}', { "var": {"key": "this & that" }}, "this &amp; that" ), 
  1345
+                    
1328 1346
         }
1329 1347
 
1330 1348
 

0 notes on commit f409226

Please sign in to comment.
Something went wrong with that request. Please try again.