def test_xss_arguments_and_escaping(self):
addon = Addon.objects.get()
addon.name = 'Delicious <script src="x.js">Bookmarks'
addon.save()
addon = addon.reload()
au = AddonUser(addon=addon, user=self.user)
amo.log(amo.LOG.CHANGE_USER_WITH_ROLE, au.user, au.get_role_display(),
addon)
log = ActivityLog.objects.get()
log_expected = ('yolo role changed to Owner for <a href="/en-US/'
'firefox/addon/a3615/">Delicious <script src='
'"x.js">Bookmarks</a>.')
eq_(log.to_string(), log_expected)
eq_(jingo.env.from_string('<p>{{ log }}</p>').render({'log': log}),
'<p>%s</p>' % log_expected)
def test_xss_arguments_and_escaping(self):
addon = Addon.objects.get()
addon.name = 'Delicious <script src="x.js">Bookmarks'
addon.save()
addon = addon.reload()
au = AddonUser(addon=addon, user=self.user)
ActivityLog.create(amo.LOG.CHANGE_USER_WITH_ROLE, au.user,
six.text_type(au.get_role_display()), addon)
log = ActivityLog.objects.get()
log_expected = ('Yolo role changed to Owner for <a href="/en-US/'
'firefox/addon/a3615/">Delicious <script src='
'"x.js">Bookmarks</a>.')
assert log.to_string() == log_expected
rendered = amo.utils.from_string('<p>{{ log }}</p>').render(
{'log': log})
assert rendered == '<p>%s</p>' % log_expected
def test_xss_arguments_and_escaping(self):
addon = Addon.objects.get()
addon.name = 'Delicious <script src="x.js">Bookmarks'
addon.save()
addon = addon.reload()
au = AddonUser(addon=addon, user=self.user)
ActivityLog.create(
amo.LOG.CHANGE_USER_WITH_ROLE, au.user,
six.text_type(au.get_role_display()), addon)
log = ActivityLog.objects.get()
log_expected = ('Yolo role changed to Owner for <a href="/en-US/'
'firefox/addon/a3615/">Delicious <script src='
'"x.js">Bookmarks</a>.')
assert log.to_string() == log_expected
rendered = amo.utils.from_string('<p>{{ log }}</p>').render(
{'log': log})
assert rendered == '<p>%s</p>' % log_expected