add autolinking
This commit is contained in:
Jason Bau
@@ -2,6 +2,7 @@ import json
|
||||
import logging
|
||||
import re
|
||||
import bleach
|
||||
from html5lib.tokenizer import HTMLTokenizer
|
||||
from xmodule.progress import Progress
|
||||
import capa.xqueue_interface as xqueue_interface
|
||||
from capa.util import *
|
||||
@@ -53,7 +54,7 @@ def upload_to_s3(file_to_upload, keyname, s3_interface):
|
||||
# Used by sanitize_html
|
||||
ALLOWED_HTML_ATTRS = {
|
||||
'*': ['id', 'class', 'height', 'width', 'alt'],
|
||||
'a': ['href', 'title', 'rel'],
|
||||
'a': ['href', 'title', 'rel', 'target'],
|
||||
'embed': ['src'],
|
||||
'iframe': ['src'],
|
||||
'img': ['src'],
|
||||
@@ -222,7 +223,11 @@ class OpenEndedChild(object):
|
||||
tags=['embed', 'iframe', 'a', 'img', 'br'],
|
||||
attributes=ALLOWED_HTML_ATTRS,
|
||||
strip=True)
|
||||
return OpenEndedChild.replace_newlines(clean_html)
|
||||
autolinked = bleach.linkify(clean_html,
|
||||
callbacks=[bleach.callbacks.target_blank],
|
||||
skip_pre=True,
|
||||
tokenizer=HTMLTokenizer)
|
||||
return OpenEndedChild.replace_newlines(autolinked)
|
||||
|
||||
@staticmethod
|
||||
def replace_newlines(html):
|
||||
|
||||
@@ -1011,10 +1011,10 @@ class OpenEndedModuleUtilTest(unittest.TestCase):
|
||||
script_clean = u'alert("xss!")'
|
||||
img_dirty = u'<img alt="cats" height="200" onclick="eval()" src="http://example.com/lolcats.jpg" width="200">'
|
||||
img_clean = u'<img alt="cats" height="200" src="http://example.com/lolcats.jpg" width="200">'
|
||||
embed_dirty = u'<embed height="200" id="cats" onhover="eval()" src="http://example.com/lolcats.swf" width="200">'
|
||||
embed_dirty = u'<embed height="200" id="cats" onhover="eval()" src="http://example.com/lolcats.swf" width="200"/>'
|
||||
embed_clean = u'<embed height="200" id="cats" src="http://example.com/lolcats.swf" width="200">'
|
||||
iframe_dirty = u'<img class="cats" height="200" onerror="eval()" src="http://example.com/lolcats" width="200">'
|
||||
iframe_clean = u'<img class="cats" height="200" src="http://example.com/lolcats" width="200">'
|
||||
iframe_dirty = u'<iframe class="cats" height="200" onerror="eval()" src="http://example.com/lolcats" width="200"/>'
|
||||
iframe_clean = u'<iframe class="cats" height="200" src="http://example.com/lolcats" width="200"></iframe>'
|
||||
|
||||
text = u'I am a \u201c\xfcber student\u201d'
|
||||
text_lessthan_noencd = u'This used to be broken < by the other parser. 3>5'
|
||||
@@ -1022,6 +1022,9 @@ class OpenEndedModuleUtilTest(unittest.TestCase):
|
||||
text_linebreaks = u"St\xfcdent submission:\nI like lamp."
|
||||
text_brs = u"St\xfcdent submission:<br/>I like lamp."
|
||||
|
||||
link_text = u'I love going to www.lolcatz.com'
|
||||
link_atag = u'I love going to <a href="http://www.lolcatz.com" target="_blank">www.lolcatz.com</a>'
|
||||
|
||||
def test_script(self):
|
||||
"""
|
||||
Basic test for stripping <script>
|
||||
@@ -1063,3 +1066,27 @@ class OpenEndedModuleUtilTest(unittest.TestCase):
|
||||
tests the replace_newlines function
|
||||
"""
|
||||
self.assertEqual(OpenEndedChild.replace_newlines(self.text_linebreaks), self.text_brs)
|
||||
|
||||
def test_linkify(self):
|
||||
"""
|
||||
tests the replace_newlines function
|
||||
"""
|
||||
self.assertEqual(OpenEndedChild.sanitize_html(self.link_text), self.link_atag)
|
||||
|
||||
def test_combined(self):
|
||||
"""
|
||||
tests a combination of inputs
|
||||
"""
|
||||
test_input = u"{}\n{}\n{}\n\n{}{}\n{}".format(self.link_text,
|
||||
self.text,
|
||||
self.script_dirty,
|
||||
self.embed_dirty,
|
||||
self.text_lessthan_noencd,
|
||||
self.img_dirty)
|
||||
test_output = u"{}<br/>{}<br/>{}<br/><br/>{}{}<br/>{}".format(self.link_atag,
|
||||
self.text,
|
||||
self.script_clean,
|
||||
self.embed_clean,
|
||||
self.text_lessthan_encode,
|
||||
self.img_clean)
|
||||
self.assertEqual(OpenEndedChild.sanitize_html(test_input), test_output)
|
||||
|
||||
Reference in New Issue
Block a user