Permalink
Browse files

Add and use bleach_tags filter and fix tests

Add bleach and upgraded html5lib submodules
Replace all instances of strip_tags|safe with bleach_tags|safe
Fix tests
  • Loading branch information...
1 parent 016fc02 commit a683548ce43afa7635eb2c291c41fed550faf4d4 @jgmize jgmize committed Jan 10, 2015
View
@@ -64,3 +64,9 @@
[submodule "vendor-local/src/django"]
path = vendor-local/src/django
url = git://github.com/django/django.git
+[submodule "vendor-local/src/bleach"]
+ path = vendor-local/src/bleach
+ url = https://github.com/jsocol/bleach.git
+[submodule "vendor-local/src/html5lib"]
+ path = vendor-local/src/html5lib
+ url = https://github.com/html5lib/html5lib-python
@@ -10,13 +10,13 @@ A new violating website report has been submitted with the following information
{{ input_product }}
+ Specific product
-{{ input_specific_product|strip_tags|safe }}
+{{ input_specific_product|bleach_tags|safe }}
+ Other details...
-{{ input_details|strip_tags|safe }}
+{{ input_details|bleach_tags|safe }}
+ Attachments...
-{{ input_attachment_desc|strip_tags|safe }}
+{{ input_attachment_desc|bleach_tags|safe }}
+ Email
{{ input_email }}
@@ -1,4 +1,4 @@
-# -*- coding: utf8 -*-
+# -*- coding: utf-8 -*-
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
@@ -228,7 +228,7 @@ def test_emails_not_escaped(self):
"""
STRING1 = u"<em>J'adore Citröns</em> & <Piñatas> so there"
- EXPECTED1 = u"J'adore Citröns & <Piñatas> so there"
+ EXPECTED1 = u"J'adore Citröns & so there"
STRING2 = u"<em>J'adore Piñatas</em> & <fromage> so here"
EXPECTED2 = u"J'adore Piñatas & so here"
@@ -5,6 +5,7 @@
from django.conf import settings
from django.template.defaultfilters import slugify as django_slugify
+import bleach
import jingo
import jinja2
from funfactory.settings_base import path as base_path
@@ -517,3 +518,8 @@ def slugify(text):
trailing whitespace.
"""
return django_slugify(text)
+
+
+@jingo.register.filter
+def bleach_tags(text):
+ return bleach.clean(text, tags=[], strip=True).replace('&amp;', '&')
@@ -1,4 +1,4 @@
Email: {{ email }}
Area of Interest: {{ interest }}
Language: {{ request.locale }}
-Comment: {{ comments|strip_tags|safe }}
+Comment: {{ comments|bleach_tags|safe }}
@@ -424,7 +424,7 @@ def test_emails_not_escaped(self):
Tags are still stripped, though.
"""
STRING = u"<strong>J'adore Citröns</strong> & <Piñatas> so there"
- EXPECTED = u"J'adore Citröns & <Piñatas> so there"
+ EXPECTED = u"J'adore Citröns & so there"
self.data.update(comments=STRING)
self.client.post(self.url_en, self.data)
eq_(len(mail.outbox), 2)
@@ -593,7 +593,7 @@ def test_emails_not_escaped(self):
Tags are still stripped, though.
"""
STRING = u"<em>J'adore Citröns</em> & <Piñatas> so there"
- EXPECTED = u"J'adore Citröns & <Piñatas> so there"
+ EXPECTED = u"J'adore Citröns & so there"
self.data.update(comments=STRING)
self.client.post(self.url_en, self.data)
eq_(len(mail.outbox), 2)
@@ -1,7 +1,7 @@
A new speaker request form has been submitted with the following information:
+ Event Name
-{{ sr_event_name|strip_tags|safe }}
+{{ sr_event_name|bleach_tags|safe }}
+ Event URL
{{ sr_event_url }}
@@ -15,29 +15,29 @@ Guest Speaker
{% if sr_guest_speaker1 %}
+ Choice 1
-{{ sr_guest_speaker1|strip_tags|safe }}
+{{ sr_guest_speaker1|bleach_tags|safe }}
{% endif %}
{% if sr_guest_speaker2 %}
+ Choice 2
-{{ sr_guest_speaker2|strip_tags|safe }}
+{{ sr_guest_speaker2|bleach_tags|safe }}
{% endif %}
{% endif %}
------------------------------------
Contact Information
+ Name
-{{ sr_contact_name|strip_tags|safe }}
+{{ sr_contact_name|bleach_tags|safe }}
{% if sr_contact_title %}
+ Title
-{{ sr_contact_title|strip_tags|safe }}
+{{ sr_contact_title|bleach_tags|safe }}
{% endif %}
{% if sr_contact_company %}
+ Company
-{{ sr_contact_company|strip_tags|safe }}
+{{ sr_contact_company|bleach_tags|safe }}
{% endif %}
{% if sr_contact_phone %}
@@ -58,22 +58,22 @@ Event Details
{% if sr_event_venue %}
+ Venue
-{{ sr_event_venue|strip_tags|safe }}
+{{ sr_event_venue|bleach_tags|safe }}
{% endif %}
{% if sr_event_theme %}
+ Theme
-{{ sr_event_theme|strip_tags|safe }}
+{{ sr_event_theme|bleach_tags|safe }}
{% endif %}
{% if sr_event_goal %}
+ Goal
-{{ sr_event_goal|strip_tags|safe }}
+{{ sr_event_goal|bleach_tags|safe }}
{% endif %}
{% if sr_event_format %}
+ Format
-{{ sr_event_format|strip_tags|safe }}
+{{ sr_event_format|bleach_tags|safe }}
{% endif %}
{% if sr_event_audience_size %}
@@ -83,32 +83,32 @@ Event Details
{% if sr_event_audience_demographics %}
+ Audience Demographics
-{{ sr_event_audience_demographics|strip_tags|safe }}
+{{ sr_event_audience_demographics|bleach_tags|safe }}
{% endif %}
{% if sr_event_speakers_confirmed %}
+ Confirmed Speakers
-{{ sr_event_speakers_confirmed|strip_tags|safe }}
+{{ sr_event_speakers_confirmed|bleach_tags|safe }}
{% endif %}
{% if sr_event_speakers_invited %}
+ Invited Speakers
-{{ sr_event_speakers_invited|strip_tags|safe }}
+{{ sr_event_speakers_invited|bleach_tags|safe }}
{% endif %}
{% if sr_event_speakers_past %}
+ Past Speakers
-{{ sr_event_speakers_past|strip_tags|safe }}
+{{ sr_event_speakers_past|bleach_tags|safe }}
{% endif %}
{% if sr_event_media_coverage %}
+ Media Coverage
-{{ sr_event_media_coverage|strip_tags|safe }}
+{{ sr_event_media_coverage|bleach_tags|safe }}
{% endif %}
{% if sr_event_sponsors %}
+ Event Sponsors
-{{ sr_event_sponsors|strip_tags|safe }}
+{{ sr_event_sponsors|bleach_tags|safe }}
{% endif %}
{% if sr_event_confirmation_deadline %}
@@ -126,12 +126,12 @@ Presentation Details
{% if sr_presentation_panelists %}
+ Other Panelists
-{{ sr_presentation_panelists|strip_tags|safe }}
+{{ sr_presentation_panelists|bleach_tags|safe }}
{% endif %}
{% if sr_presentation_topic %}
+ Topic of Presentation
-{{ sr_presentation_topic|strip_tags|safe }}
+{{ sr_presentation_topic|bleach_tags|safe }}
{% endif %}
{% if sr_presentation_length %}
@@ -1,4 +1,4 @@
-# -*- coding: utf8 -*-
+# -*- coding: utf-8 -*-
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
@@ -245,7 +245,7 @@ def test_emails_not_escaped(self):
"""
STRING1 = u"<blink>J'adore Citröns</blink> & <Piñatas> so there"
- EXPECTED1 = u"J'adore Citröns & <Piñatas> so there"
+ EXPECTED1 = u"J'adore Citröns & so there"
STRING2 = u"J'adore Piñatas & <fromage> so here"
EXPECTED2 = u"J'adore Piñatas & so here"
Submodule bleach added at f9fc1c
Submodule html5lib added at 3b3c10
@@ -5,6 +5,7 @@ packages/python-memcached
packages/pytz
packages/PyYAML/lib
src/basket-client
+src/bleach
src/chkcrontab
src/django
src/django-dnt
@@ -16,6 +17,7 @@ src/django-rest-framework
src/django-statsd
src/django-waffle
src/feedparser/feedparser
+src/html5lib
src/icalendar/src
src/jingo-markdown
src/legal-docs

0 comments on commit a683548

Please sign in to comment.