From 1f2abf784a9fe550959de242d91963b2ad6f7e9c Mon Sep 17 00:00:00 2001 From: Moritz Sichert Date: Wed, 18 Mar 2015 21:42:59 +0100 Subject: Fixed #24469 -- Refined escaping of Django's form elements in non-Django templates. --- tests/utils_tests/test_html.py | 71 +++++++++++++++++++++++++++++++++++++++--- 1 file changed, 67 insertions(+), 4 deletions(-) (limited to 'tests/utils_tests/test_html.py') diff --git a/tests/utils_tests/test_html.py b/tests/utils_tests/test_html.py index 7456b67d50..58a4d48753 100644 --- a/tests/utils_tests/test_html.py +++ b/tests/utils_tests/test_html.py @@ -3,16 +3,15 @@ from __future__ import unicode_literals import os from datetime import datetime -from unittest import TestCase -from django.test import ignore_warnings -from django.utils import html, safestring +from django.test import SimpleTestCase, ignore_warnings +from django.utils import html, safestring, six from django.utils._os import upath from django.utils.deprecation import RemovedInDjango20Warning from django.utils.encoding import force_text -class TestUtilsHtml(TestCase): +class TestUtilsHtml(SimpleTestCase): def check_output(self, function, value, output=None): """ @@ -185,3 +184,67 @@ class TestUtilsHtml(TestCase): self.assertEqual(html.conditional_escape(s), '<h1>interop</h1>') self.assertEqual(html.conditional_escape(safestring.mark_safe(s)), s) + + def test_html_safe(self): + @html.html_safe + class HtmlClass(object): + if six.PY2: + def __unicode__(self): + return "

I'm a html class!

" + else: + def __str__(self): + return "

I'm a html class!

" + + html_obj = HtmlClass() + self.assertTrue(hasattr(HtmlClass, '__html__')) + self.assertTrue(hasattr(html_obj, '__html__')) + self.assertEqual(force_text(html_obj), html_obj.__html__()) + + def test_html_safe_subclass(self): + if six.PY2: + class BaseClass(object): + def __html__(self): + # defines __html__ on its own + return 'some html content' + + def __unicode__(self): + return 'some non html content' + + @html.html_safe + class Subclass(BaseClass): + def __unicode__(self): + # overrides __unicode__ and is marked as html_safe + return 'some html safe content' + else: + class BaseClass(object): + def __html__(self): + # defines __html__ on its own + return 'some html content' + + def __str__(self): + return 'some non html content' + + @html.html_safe + class Subclass(BaseClass): + def __str__(self): + # overrides __str__ and is marked as html_safe + return 'some html safe content' + + subclass_obj = Subclass() + self.assertEqual(force_text(subclass_obj), subclass_obj.__html__()) + + def test_html_safe_defines_html_error(self): + msg = "can't apply @html_safe to HtmlClass because it defines __html__()." + with self.assertRaisesMessage(ValueError, msg): + @html.html_safe + class HtmlClass(object): + def __html__(self): + return "

I'm a html class!

" + + def test_html_safe_doesnt_define_str(self): + method_name = '__unicode__()' if six.PY2 else '__str__()' + msg = "can't apply @html_safe to HtmlClass because it doesn't define %s." % method_name + with self.assertRaisesMessage(ValueError, msg): + @html.html_safe + class HtmlClass(object): + pass -- cgit v1.3