# -*- coding: utf-8 -*- from __future__ import unicode_literals from datetime import datetime import os from unittest import TestCase from django.utils import html, safestring from django.utils._os import upath from django.utils.encoding import force_text class TestUtilsHtml(TestCase): def check_output(self, function, value, output=None): """ Check that function(value) equals output. If output is None, check that function(value) equals value. """ if output is None: output = value self.assertEqual(function(value), output) def test_escape(self): f = html.escape items = ( ('&','&'), ('<', '<'), ('>', '>'), ('"', '"'), ("'", '''), ) # Substitution patterns for testing the above items. patterns = ("%s", "asdf%sfdsa", "%s1", "1%sb") for value, output in items: for pattern in patterns: self.check_output(f, pattern % value, pattern % output) # Check repeated values. self.check_output(f, value * 2, output * 2) # Verify it doesn't double replace &. self.check_output(f, '<&', '<&') def test_format_html(self): self.assertEqual( html.format_html("{0} {1} {third} {fourth}", "< Dangerous >", html.mark_safe("safe"), third="< dangerous again", fourth=html.mark_safe("safe again") ), "< Dangerous > safe < dangerous again safe again" ) def test_linebreaks(self): f = html.linebreaks items = ( ("para1\n\npara2\r\rpara3", "
para1
\n\npara2
\n\npara3
"), ("para1\nsub1\rsub2\n\npara2", "para1
sub1
sub2
para2
"), ("para1\r\n\r\npara2\rsub1\r\rpara4", "para1
\n\npara2
sub1
para4
"), ("para1\tmore\n\npara2", "para1\tmore
\n\npara2
"), ) for value, output in items: self.check_output(f, value, output) def test_strip_tags(self): f = html.strip_tags items = ( ('See: 'é is an apostrophe followed by e acute
', 'See: 'é is an apostrophe followed by e acute'), ('b
c', 'abc'), ('ab
c', 'abc'), ('dhello
\nworld
', 'hello
world
'), ('\n\t
\n\n', '\n\n'), ) for value, output in items: self.check_output(f, value, output) def test_strip_entities(self): f = html.strip_entities # Strings that should come out untouched. values = ("&", "&a", "&a", "aa") for value in values: self.check_output(f, value) # Valid entities that should be stripped from the patterns. entities = ("", "", "&a;", "&fdasdfasdfasdf;") patterns = ( ("asdf %(entity)s ", "asdf "), ("%(entity)s%(entity)s", ""), ("&%(entity)s%(entity)s", "&"), ("%(entity)s3", "3"), ) for entity in entities: for in_pattern, output in patterns: self.check_output(f, in_pattern % {'entity': entity}, output) def test_fix_ampersands(self): f = html.fix_ampersands # Strings without ampersands or with ampersands already encoded. values = ("a", "b", "&a;", "& &x; ", "asdf") patterns = ( ("%s", "%s"), ("&%s", "&%s"), ("&%s&", "&%s&"), ) for value in values: for in_pattern, out_pattern in patterns: self.check_output(f, in_pattern % value, out_pattern % value) # Strings with ampersands that need encoding. items = ( ("", "&#;"), ("ͫ ;", "ͫ ;"), ("abc;", "abc;"), ) for value, output in items: self.check_output(f, value, output) def test_escapejs(self): f = html.escapejs items = ( ('"double quotes" and \'single quotes\'', '\\u0022double quotes\\u0022 and \\u0027single quotes\\u0027'), (r'\ : backslashes, too', '\\u005C : backslashes, too'), ('and lots of whitespace: \r\n\t\v\f\b', 'and lots of whitespace: \\u000D\\u000A\\u0009\\u000B\\u000C\\u0008'), (r'', '\\u003Cscript\\u003Eand this\\u003C/script\\u003E'), ('paragraph separator:\u2029and line separator:\u2028', 'paragraph separator:\\u2029and line separator:\\u2028'), ) for value, output in items: self.check_output(f, value, output) def test_clean_html(self): f = html.clean_html items = ( ('
I believe in semantic markup!
', 'I believe in semantic markup!
'), ('I escape & I don\'t target', 'I escape & I don\'t target'), ('I kill whitespace
', '
I kill whitespace
'), # also a regression test for #7267: this used to raise an UnicodeDecodeError ('* foo
* bar
', 'y
", "a b", "xy
"), ) for value, tags, output in items: self.assertEqual(f(value, tags), output) def test_smart_urlquote(self): quote = html.smart_urlquote # Ensure that IDNs are properly quoted self.assertEqual(quote('http://öäü.com/'), 'http://xn--4ca9at.com/') self.assertEqual(quote('http://öäü.com/öäü/'), 'http://xn--4ca9at.com/%C3%B6%C3%A4%C3%BC/') # Ensure that everything unsafe is quoted, !*'();:@&=+$,/?#[]~ is considered safe as per RFC self.assertEqual(quote('http://example.com/path/öäü/'), 'http://example.com/path/%C3%B6%C3%A4%C3%BC/') self.assertEqual(quote('http://example.com/%C3%B6/ä/'), 'http://example.com/%C3%B6/%C3%A4/') self.assertEqual(quote('http://example.com/?x=1&y=2'), 'http://example.com/?x=1&y=2') def test_conditional_escape(self): s = '