From 80f08dbdbc1f9c8b4ed75298955016feb697c4a1 Mon Sep 17 00:00:00 2001 From: Claude Paroz Date: Thu, 20 Mar 2014 16:50:50 +0100 Subject: [1.7.x] Improved strip_tags and clarified documentation The fact that strip_tags cannot guarantee to really strip all non-safe HTML content was not clear enough. Also see: https://www.djangoproject.com/weblog/2014/mar/22/strip-tags-advisory/ Backport of 6ca6c36f82b from master. --- tests/utils_tests/test_html.py | 2 ++ 1 file changed, 2 insertions(+) (limited to 'tests') diff --git a/tests/utils_tests/test_html.py b/tests/utils_tests/test_html.py index 51ff38d190..5cf2992ac4 100644 --- a/tests/utils_tests/test_html.py +++ b/tests/utils_tests/test_html.py @@ -82,6 +82,8 @@ class TestUtilsHtml(TestCase): ('a

b

c', 'abc'), ('de

f', 'def'), ('foobar', 'foobar'), + ('ript>test</script>', 'test'), + ('&h', 'alert()&h'), ) for value, output in items: self.check_output(f, value, output) -- cgit v1.3