p15693087
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Refs #7697 -- Tested escaping of safe strings in the technical 500 debug view. 

Tests were omitted in the original commit: a56a226241.
This commit is contained in:
Tim Graham 2017-08-02 15:56:47 -04:00 committed by GitHub
parent 293608a2e0
commit d70432deae
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
tests/view_tests/tests/test_debug.py
View File

@ -354,7 +354,7 @@ class ExceptionReporterTests(SimpleTestCase):
try: try:
raise ValueError('Second exception') from explicit raise ValueError('Second exception') from explicit
except ValueError: except ValueError:
raise IndexError('Final exception') raise IndexError(mark_safe('<p>Final exception</p>'))
except Exception: except Exception:
# Custom exception handler, just pass it into ExceptionReporter # Custom exception handler, just pass it into ExceptionReporter
exc_type, exc_value, tb = sys.exc_info() exc_type, exc_value, tb = sys.exc_info()
@ -368,10 +368,12 @@ class ExceptionReporterTests(SimpleTestCase):
# one as plain text (for pastebin) # one as plain text (for pastebin)
self.assertEqual(2, html.count(explicit_exc.format("Top level"))) self.assertEqual(2, html.count(explicit_exc.format("Top level")))
self.assertEqual(2, html.count(implicit_exc.format("Second exception"))) self.assertEqual(2, html.count(implicit_exc.format("Second exception")))
self.assertEqual(10, html.count('&lt;p&gt;Final exception&lt;/p&gt;'))
text = reporter.get_traceback_text() text = reporter.get_traceback_text()
self.assertIn(explicit_exc.format("Top level"), text) self.assertIn(explicit_exc.format("Top level"), text)
self.assertIn(implicit_exc.format("Second exception"), text) self.assertIn(implicit_exc.format("Second exception"), text)
self.assertEqual(3, text.count('<p>Final exception</p>'))
def test_request_and_message(self): def test_request_and_message(self):
"A message can be provided in addition to a request" "A message can be provided in addition to a request"
@ -416,6 +418,16 @@ class ExceptionReporterTests(SimpleTestCase):
self.assertIn('VAL\\xe9VAL', html) self.assertIn('VAL\\xe9VAL', html)
self.assertIn('EXC\\xe9EXC', html) self.assertIn('EXC\\xe9EXC', html)
def test_local_variable_escaping(self):
"""Safe strings in local variables are escaped."""
try:
local = mark_safe('<p>Local variable</p>')
raise ValueError(local)
except Exception:
exc_type, exc_value, tb = sys.exc_info()
html = ExceptionReporter(None, exc_type, exc_value, tb).get_traceback_html()
self.assertIn('<td class="code"><pre>&#39;&lt;p&gt;Local variable&lt;/p&gt;&#39;</pre></td>', html)
def test_unprintable_values_handling(self): def test_unprintable_values_handling(self):
"Unprintable values should not make the output generation choke." "Unprintable values should not make the output generation choke."
try: try: