def _get_readme_from_cache(key): readme_data = None readme_file = None log.debug('Fetching readme file') try: cs = repo.get_changeset() # fetches TIP renderer = MarkupRenderer() for f in README_FILES: try: readme = cs.get_node(f) readme_file = f readme_data = renderer.render(readme.content, f) log.debug('Found readme %s' % readme_file) break except NodeDoesNotExistError: continue except ChangesetError: log.error(traceback.format_exc()) pass except EmptyRepositoryError: pass except Exception: log.error(traceback.format_exc()) return readme_data, readme_file
def _get_readme_from_cache(key): readme_data = None readme_file = None log.debug('Looking for README file') try: # get's the landing revision! or tip if fails cs = db_repo.get_landing_changeset() if isinstance(cs, EmptyChangeset): raise EmptyRepositoryError() renderer = MarkupRenderer() for f in README_FILES: try: readme = cs.get_node(f) if not isinstance(readme, FileNode): continue readme_file = f log.debug('Found README file `%s` rendering...' % readme_file) readme_data = renderer.render(readme.content, f) break except NodeDoesNotExistError: continue except ChangesetError: log.error(traceback.format_exc()) pass except EmptyRepositoryError: pass except Exception: log.error(traceback.format_exc()) return readme_data, readme_file
def _generate_readme(cache_key): readme_data = None readme_file = None try: # gets the landing revision or tip if fails commit = db_repo.get_landing_commit() if isinstance(commit, EmptyCommit): raise EmptyRepositoryError() renderer = MarkupRenderer() for f in README_FILES: try: node = commit.get_node(f) except NodeDoesNotExistError: continue if not node.is_file(): continue readme_file = f log.debug('Found README file `%s` rendering...', readme_file) readme_data = renderer.render(node.content, filename=f) break except CommitError: log.exception("Problem getting commit") pass except EmptyRepositoryError: pass except Exception: log.exception("General failure") return readme_data, readme_file
def test_rst_xss_raw_directive(): xss_rst = '\n'.join([ '.. raw:: html', '', ' <a href="javascript:alert(\'XSS: pwned!\')">link</a>' ]) rendered_html = MarkupRenderer.rst(xss_rst) assert 'href="javascript:alert(' not in rendered_html
def rst_w_mentions(source): """ Wrapped rst renderer with @mention highlighting :param source: """ return literal('<div class="rst-block">%s</div>' % MarkupRenderer.rst_with_mentions(source))
def rst(source): return literal('<div class="rst-block">%s</div>' % MarkupRenderer.rst(source))
def test_rst_xss_inline_html(): xss_rst = '<a href="javascript:alert(\'XSS: pwned!\')">link</a>' rendered_html = MarkupRenderer.rst(xss_rst) assert 'href="javascript:alert(' not in rendered_html
def test_rst_xss_link(): xss_rst = "`Link<javascript:alert('XSS: pwned!')>`_" rendered_html = MarkupRenderer.rst(xss_rst) assert "href=javascript:alert('XSS: pwned!')" not in rendered_html
def test_markdown_inline_html(): xss_md = '\n'.join( ['> <a name="n"', '> href="https://rhodecode.com">link</a>']) rendered_html = MarkupRenderer.markdown(xss_md) assert '[HTML_REMOVED]link[HTML_REMOVED]' in rendered_html
def test_markdown_xss_inline_html(): xss_md = '\n'.join([ '> <a name="n"', '> href="javascript:alert(\'XSS: pwned!\')">link</a>' ]) rendered_html = MarkupRenderer.markdown(xss_md) assert 'href="javascript:alert(\'XSS: pwned!\')">' not in rendered_html
def test_markdown_xss_link(): xss_md = "[link](javascript:alert('XSS: pwned!'))" rendered_html = MarkupRenderer.markdown(xss_md) assert 'href="javascript:alert(\'XSS: pwned!\')"' not in rendered_html
def test_detect_renderer(filename, expected_renderer): detected_renderer = MarkupRenderer()._detect_renderer( '', filename=filename).__name__ assert expected_renderer == detected_renderer