def test_html_sanitization(self):
    """Check that descriptify strips dangerous markup and keeps safe markup.

    Each DANGEROUS_MARKUP entry must come out of descriptify without the
    tokens ``javascript``, ``xss`` or ``alert``. Each SAFE_MARKUP entry
    must come out unchanged.
    """
    # NOTE(review): this is a case-sensitive token match on the raw output.
    # A payload surviving in another letter case or in an entity-encoded
    # form would not trip it -- confirm the fixtures cover those variants.
    # NOTE(review): assertNotRegexpMatches is the Python 2.7 spelling;
    # Python 3 names it assertNotRegex and 3.12 removed the old alias.
    forbidden = 'javascript|xss|alert'
    for dangerous in DANGEROUS_MARKUP:
        sanitized = descriptify(dangerous)
        self.assertNotRegexpMatches(sanitized, forbidden)

    for harmless in SAFE_MARKUP:
        # Safe markup is expected to round-trip byte-for-byte.
        self.assertEqual(descriptify(harmless), harmless)
def test_xss(self):
    """Check how descriptify treats URLs inside link markup.

    Each template in LINKS is filled with every JAVASCRIPT_URLS entry, and
    the output must not contain ``javascript``, ``xss`` or ``alert``. It is
    then filled with every (relative, absolute) pair from VALID_URLS, and
    the output, resolved against ``base``, must be exactly the anchor that
    points at the absolute URL.
    """
    base = "https://x.es/home/about.html?query=1"
    # NOTE(review): case-sensitive token match on the raw output; a scheme
    # kept in another case or encoding would pass -- confirm the fixtures.
    forbidden = 'javascript|xss|alert'
    for template in LINKS:
        for js_url in JAVASCRIPT_URLS:
            rendered = descriptify(template % js_url)
            self.assertNotRegexpMatches(rendered, forbidden)

        for relurl, absolute in VALID_URLS:
            expected = '<a href="%s">Click me :)</a>' % absolute
            self.assertEqual(descriptify(template % relurl, base=base), expected)
def clean(html, url):
    """Sanitize *html* with descriptify, then hand the result to insert_base_url.

    Both helpers receive *url* as their second positional argument, and the
    value returned by insert_base_url is returned unchanged.
    """
    # Sanitization runs first, so whatever insert_base_url adds afterwards
    # is not passed through descriptify again.
    # NOTE(review): url is presumably the page/base URL -- confirm callers
    # validate it, since it reaches the output after the sanitizing step.
    sanitized = descriptify(html, url)
    return insert_base_url(sanitized, url)