Fixed XSS in admin's add/change related popup.

This is a security fix.
author: Tim Graham <timograham@gmail.com> 2016-07-06 15:41:06 -0400
committer: Tim Graham <timograham@gmail.com> 2016-07-18 11:17:01 -0400
commit: 93c538694e6b14a29cb0f52b784a3bfed604fda6 (patch)
tree: f075545736aec4ea866a60313eae2eae45349ec8 /tests/admin_views
parent: 767849b765e881ee905f2bc1175d1c1f47445554 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/tests/admin_views/tests.py b/tests/admin_views/tests.py
index 2886c94bd5..8f12fcd068 100644
--- a/tests/admin_views/tests.py
+++ b/tests/admin_views/tests.py
@@ -4475,11 +4475,11 @@ class SeleniumTests(AdminSeleniumTestCase):
         self.wait_for_text('#content h1', 'Change section')
         name_input = self.selenium.find_element_by_id('id_name')
         name_input.clear()
-        name_input.send_keys('edited section')
+        name_input.send_keys('<i>edited section</i>')
         self.selenium.find_element_by_xpath('//input[@value="Save"]').click()
         self.selenium.switch_to.window(self.selenium.window_handles[0])
         select = Select(self.selenium.find_element_by_id('id_form-0-section'))
-        self.assertEqual(select.first_selected_option.text, 'edited section')
+        self.assertEqual(select.first_selected_option.text, '<i>edited section</i>')
 
         # Add popup
         self.selenium.find_element_by_id('add_id_form-0-section').click()
author	Tim Graham <timograham@gmail.com>	2016-07-06 15:41:06 -0400
committer	Tim Graham <timograham@gmail.com>	2016-07-18 11:17:01 -0400
commit	93c538694e6b14a29cb0f52b784a3bfed604fda6 (patch)
tree	f075545736aec4ea866a60313eae2eae45349ec8 /tests/admin_views
parent	767849b765e881ee905f2bc1175d1c1f47445554 (diff)