diff options
Diffstat (limited to 'tests/admin_docs')
| -rw-r--r-- | tests/admin_docs/evilfile.txt | 0 | ||||
| -rw-r--r-- | tests/admin_docs/models.py | 6 | ||||
| -rw-r--r-- | tests/admin_docs/tests.py | 6 |
3 files changed, 12 insertions, 0 deletions
diff --git a/tests/admin_docs/evilfile.txt b/tests/admin_docs/evilfile.txt new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/tests/admin_docs/evilfile.txt diff --git a/tests/admin_docs/models.py b/tests/admin_docs/models.py index 7e8b6c37e8..89a9e8c98e 100644 --- a/tests/admin_docs/models.py +++ b/tests/admin_docs/models.py @@ -29,6 +29,12 @@ class Person(models.Model): Field storing :model:`myapp.Company` where the person works. (DESCRIPTION) + + .. raw:: html + :file: admin_docs/evilfile.txt + + .. include:: admin_docs/evilfile.txt + """ first_name = models.CharField(max_length=200, help_text="The person's first name") last_name = models.CharField(max_length=200, help_text="The person's last name") diff --git a/tests/admin_docs/tests.py b/tests/admin_docs/tests.py index b4f78477df..a59443adf4 100644 --- a/tests/admin_docs/tests.py +++ b/tests/admin_docs/tests.py @@ -290,6 +290,12 @@ class TestModelDetailView(TestDataMixin, AdminDocsTestCase): "all related %s objects" % (link % ("admin_docs.group", "admin_docs.Group")) ) + # "raw" and "include" directives are disabled + self.assertContains(self.response, '<p>"raw" directive disabled.</p>',) + self.assertContains(self.response, '.. raw:: html\n :file: admin_docs/evilfile.txt') + self.assertContains(self.response, '<p>"include" directive disabled.</p>',) + self.assertContains(self.response, '.. include:: admin_docs/evilfile.txt') + def test_model_with_many_to_one(self): link = '<a class="reference external" href="/admindocs/models/%s/">%s</a>' response = self.client.get( |