def setUp(self): self.user = BlueBottleUserFactory.create() self.page1 = PageFactory.create(author=self.user, language = 'nl') placeholder1 = Placeholder.objects.create_for_object(self.page1, 'blog_contents') placeholder1.save() self.page2 = PageFactory.create(author=self.user, language = 'en') placeholder2 = Placeholder.objects.create_for_object(self.page2, 'blog_contents')
def setUp(self):
super(PageTestCase, self).setUp()
self.init_projects()
self.user = BlueBottleUserFactory.create()
self.page1 = PageFactory.create(author=self.user, language='nl')
placeholder1 = Placeholder.objects.create_for_object(self.page1,
'blog_contents')
placeholder1.save()
self.page2 = PageFactory.create(author=self.user, language='en')
Placeholder.objects.create_for_object(self.page2, 'blog_contents')
def test_upload_malicious_html(self):
page = PageFactory.create()
placeholder = Placeholder.objects.create_for_object(
page, 'blog_contents')
placeholder.save()
page_admin_url = reverse('admin:pages_page_change', args=(page.id, ))
response = self.client.get(page_admin_url)
csrf = self.get_csrf_token(response)
data = {
"csrfmiddlewaretoken":
csrf,
"slug":
page.slug,
"title":
page.title,
"language":
'en',
"auhtor":
page.author.id,
"status":
"published",
"publication_date_0":
"2013-07-05",
"publication_date_1":
"14:13:53",
"initial-publication_date_0":
"2013-07-05",
"initial-publication_date_1":
"14:13:53",
"publication_end_date_0":
"",
"publication_end_date_1":
"",
"placeholder-fs-TOTAL_FORMS":
1,
"placeholder-fs-INITIAL_FORMS":
1,
"placeholder-fs-MIN_NUM_FORMS":
0,
"placeholder-fs-MAX_NUM_FORMS":
1000,
"placeholder-fs-0-id":
placeholder.id,
"placeholder-fs-0-slot":
'blog_contents',
"placeholder-fs-0-role":
"m",
"placeholder-fs-0-title":
"Body",
"documentitem-TOTAL_FORMS":
1,
"documentitem-INITIAL_FORMS":
0,
"documentitem-MIN_NUM_FORMS":
0,
"documentitem-MAX_NUM_FORMS":
1000,
"documentitem-0-placeholder":
placeholder.id,
"documentitem-0-placeholder_slot":
"blog_contents",
"documentitem-0-sort_order":
0,
"documentitem-0-text":
"Link",
"documentitem-0-document":
open('./bluebottle/pages/tests/files/xss.html', "rb"),
"actionitem-TOTAL_FORMS":
"0",
"actionitem-INITIAL_FORMS":
"0",
"rawhtmlitem-TOTAL_FORMS":
"0",
"rawhtmlitem-INITIAL_FORMS":
"0",
"oembeditem-TOTAL_FORMS":
"0",
"oembeditem-INITIAL_FORMS":
"0",
"pictureitem-TOTAL_FORMS":
"0",
"pictureitem-INITIAL_FORMS":
"0",
"imagetextitem-TOTAL_FORMS":
"0",
"imagetextitem-INITIAL_FORMS":
"0",
"textitem-TOTAL_FORMS":
"0",
"textitem-INITIAL_FORMS":
"0",
"imagetextrounditem-TOTAL_FORMS":
"0",
"imagetextrounditem-INITIAL_FORMS":
"0",
"columnsitem-TOTAL_FORMS":
"0",
"columnsitem-INITIAL_FORMS":
"0",
'_continue':
'Save and continue editing',
}
response = self.client.post(page_admin_url, data)
self.assertEquals(response.status_code, 200)
self.assertContains(
response,
"Mime type 'application/pdf' doesn't match the filename extension '.html'."
)
self.assertEquals(page.content.contentitems.count(), 0)
self.assertEquals(DocumentItem.objects.count(), 0)
def setUp(self):
super(PageTestCase, self).setUp()
self.init_projects()
self.page = PageFactory.create(language='en', slug='about', title='About us')
self.placeholder = Placeholder.objects.create_for_object(self.page, slot='blog_contents')
self.url = reverse('page-detail', args=(self.page.slug, ))