Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also compare across forks.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also compare across forks.
base fork: mozilla/kuma
...
head fork: mozilla/kuma
  • 6 commits
  • 4 files changed
  • 0 commit comments
  • 5 contributors
View
2  README.rst
@@ -12,4 +12,4 @@ It is a Django_ application.
.. _Django: http://www.djangoproject.com/
-You can access the staging site at https:/developer.allizom.org/
+You can access the staging site at https://developer.allizom.org/
View
3  apps/wiki/models.py
@@ -374,8 +374,7 @@ def clean_content(self, content_in, use_constance_bleach_whitelists=False):
styles = ALLOWED_STYLES
out = bleach.clean(out, attributes=attributes, tags=tags,
- styles=styles, strip_comments=False,
- skip_gauntlet=True)
+ styles=styles, skip_gauntlet=True)
return out
def get_by_natural_key(self, locale, slug):
View
15 apps/wiki/tests/test_content.py
@@ -777,6 +777,21 @@ def test_allowed_attributes(self):
eq_(html_str, bleach.clean(html_str, attributes=ALLOWED_ATTRIBUTES,
tags=ALLOWED_TAGS))
+ def test_stripped_ie_comment(self):
+ """bug 801046: strip IE conditional comments"""
+ content = """
+ <p>Hi there.</p>
+ <!--[if]><script>alert(1)</script -->
+ <!--[if<img src=x onerror=alert(2)//]> -->
+ <p>Goodbye</p>
+ """
+ expected = """
+ <p>Hi there.</p>
+ <p>Goodbye</p>
+ """
+ result = Document.objects.clean_content(content)
+ eq_(normalize_html(expected), normalize_html(result))
+
class GetSEODescriptionTests(TestCase):
View
6 media/syntaxhighlighter/styles/shThemeDefault.css
@@ -36,10 +36,10 @@
color: #afafaf !important;
}
.syntaxhighlighter .gutter .line {
- border-right: 3px solid #6ce26c !important;
+ border-right: 3px solid #e5e5e5 !important;
}
.syntaxhighlighter .gutter .line.highlighted {
- background-color: #6ce26c !important;
+ background-color: #e5e5e5 !important;
color: white !important;
}
.syntaxhighlighter.printing .line .content {
@@ -51,7 +51,7 @@
.syntaxhighlighter.collapsed .toolbar {
color: blue !important;
background: white !important;
- border: 1px solid #6ce26c !important;
+ border: 1px solid #e5e5e5 !important;
}
.syntaxhighlighter.collapsed .toolbar a {
color: blue !important;

No commit comments for this range

Something went wrong with that request. Please try again.