0001-wcs-display-richtext-field-as-safe-69271.patch

Lauréline Guérin, 19 septembre 2022 16:46

Voir les différences: en ligne côte à côte

Subject: [PATCH] wcs: display richtext field as safe (#69271)

 .../templates/combo/wcs/card-field-value.html |  2 ++
 tests/wcs/test_card.py                        | 25 ++++++++++++++++---
 tests/wcs/utils.py                            |  2 ++
 3 files changed, 26 insertions(+), 3 deletions(-)

       {% else %}
         <a href="{% make_public_url url=value.url %}" download="{{ value.filename }}">{{ value.filename }}</a>
       {% endif %}
     {% elif field.type == "richtext" %}
       {{ value|safe }}
     {% else %}
       {{ value|default:""|urlize }}
     {% endif %}

             {'varname': 'fieldf'},
             {'varname': 'fieldg'},
             {'varname': 'fieldh'},
             {'varname': 'fieldi'},
             {'varname': 'unknown'},
             {'varname': 'user:name'},
             {'varname': 'user:email'},
-...
         result = cell.render(context)
         assert PyQuery(result).find('ul li') == []
         assert len(PyQuery(result).find('table tr td')) == 13 * 3
         assert len(PyQuery(result).find('table tr td')) == 14 * 3
         assert [PyQuery(td).text() for td in PyQuery(result).find('table tr:first-child td')] == [
             '<i>a</i>',
             'yes',
-...
             "lorem<strong>ipsum hello world",
             'test@localhost',
             'https://www.example.net/',
             "loremipsum\nhello'world",
             'User Foo Bar',
             'foo@bar.com',
             'User',
-...
             PyQuery(result).find('table tr:first-child td:nth-child(9) a').attr['href']
             == 'https://www.example.net/'
+        )
         assert PyQuery(result).find('table tr:first-child td:nth-child(11) a').text().strip() == 'foo@bar.com'
         assert PyQuery(result).find('table tr:first-child td:nth-child(10) p:first-child').text() == 'loremipsum'
         assert (
             PyQuery(result).find('table tr:first-child td:nth-child(11) a').attr['href'] == 'mailto:foo@bar.com'
             PyQuery(result).find('table tr:first-child td:nth-child(10) p:first-child strong').text() == 'ipsum'
+        )
         assert PyQuery(result).find('table tr:first-child td:nth-child(10) p:last-child').text() == "hello'world"
         assert PyQuery(result).find('table tr:first-child td:nth-child(12) a').text().strip() == 'foo@bar.com'
         assert (
             PyQuery(result).find('table tr:first-child td:nth-child(12) a').attr['href'] == 'mailto:foo@bar.com'
+        )
-...
         assert PyQuery(result).find('.label').text() == 'Field F'
         assert PyQuery(result).find('.value pre').text() == 'lorem<strong>ipsum hello world'
         cell.custom_schema['cells'][0] = {
             'varname': 'fieldi',
             'field_content': 'label-and-value',
             'display_mode': 'text',
+        }
         cell.save()
         result = cell.render(context)
         assert PyQuery(result).find('.label').text() == 'Field I'
         assert PyQuery(result).find('.value p:first-child').text() == 'loremipsum'
         assert PyQuery(result).find('.value p:first-child strong').text() == 'ipsum'
         assert PyQuery(result).find('.value p:last-child').text() == "hello'world"
         cell.custom_schema['cells'][0] = {
             'varname': 'fieldg',
             'field_content': 'label-and-value',

                     'fieldf': 'lorem<strong>ipsum\n\nhello world',
                     'fieldg': 'test@localhost',
                     'fieldh': 'https://www.example.net/',
                     'fieldi': "<p>lorem<strong>ipsum</p><p>hello'world</p>",
                     'related': 'Foo Bar',
                     'related_raw': 42,
                     'related_structured': {'id': 42, 'text': 'blah'},
-...
                 {'label': 'Field F', 'varname': 'fieldf', 'type': 'text', 'pre': True},
                 {'label': 'Field G', 'varname': 'fieldg', 'type': 'email'},
                 {'label': 'Field H', 'varname': 'fieldh', 'type': 'string'},
                 {'label': 'Field I', 'varname': 'fieldi', 'type': 'richtext'},
                 {'label': 'Empty', 'varname': 'empty', 'type': 'string'},
                 {'label': 'Related', 'varname': 'related', 'type': 'item'},
                 {'label': 'Page', 'type': 'page'},
+    -

Projet

Général

Profil

Produits Entr'ouvert » Combo

0001-wcs-display-richtext-field-as-safe-69271.patch