Coverage for src/mesh/tests/test_ckeditor_related.py: 100%
30 statements
1from django.test import override_settings
3from mesh.views.components.ckeditor_config import CKEditorConfig, sanitize_html_input
4from mesh.views.forms.fields import CKEditorFormField
# Allow-lists shared by every test in this module.
tags = {"a", "span"}
tag_attributes = {
    "*": {"id", "class", "style"},
    "a": {"href"},
}
# NOTE(review): "style" is also allowed for every tag in ``tag_attributes``, and
# the second fixture below expects ``style="text-align: center;"`` (trailing
# semicolon, not literally the value listed here) to survive. No fixture
# therefore shows this value allow-list rejecting anything; a fixture whose
# style value must be stripped would pin that down. Confirm the intended
# semantics against ``sanitize_html_input``.
tag_attribute_values = {"*": {"style": {"text-align: center"}}}
# Only https links are allowed; the fixtures cover ``javascript:`` removal.
# NOTE(review): no fixture exercises any other rejected scheme.
url_schemes = {"https"}
# Only consumed by ``test_ckeditor_allowed_content`` (editor-side rule string).
styles = {"*": {"text-align"}}

# Each case maps raw editor input ("html") to the markup expected after
# sanitisation ("expected").
sanitizer_tests = [
    # 1. Fully allowed markup passes through unchanged.
    dict(
        html='<a id="span" class="span" style="text-align: center" href="https://link.test" rel="noopener noreferrer">My a</a>',
        expected='<a id="span" class="span" style="text-align: center" href="https://link.test" rel="noopener noreferrer">My a</a>',
    ),
    # 2. A non-https href and an event-handler attribute are dropped, while
    #    the element and its remaining attributes are kept.
    dict(
        html='<a id="a" class="a" style="text-align: center;" href="javascript:get_link()" rel="noopener noreferrer" onchange="Evil()">My a</a>',
        expected='<a id="a" class="a" style="text-align: center;" rel="noopener noreferrer">My a</a>',
    ),
    # 3. A <script> element nested in allowed markup is removed and the
    #    surrounding whitespace is trimmed.
    dict(
        html=' \n <a rel="noopener noreferrer"><span class="my-span">My link</span><script src="https://evil.test"></script></a> \n ',
        expected='<a rel="noopener noreferrer"><span class="my-span">My link</span></a>',
    ),
]
def test_sanitize_html_input():
    """
    Run every shared fixture through ``sanitize_html_input`` directly.

    The module-level ``styles`` allow-list is not forwarded here; only tags,
    attributes, attribute values and URL schemes are passed.
    """
    for case in sanitizer_tests:
        cleaned = sanitize_html_input(
            case["html"], tags, tag_attributes, tag_attribute_values, url_schemes
        )
        assert cleaned == case["expected"]
def test_ckeditor_sanitizer():
    """
    Check that ``CKEditorConfig.sanitize_value`` applies the configured allow-lists.

    The same fixtures as the direct sanitizer test are used, so a mismatch
    points at how the config hands its settings to the sanitizer.
    """
    # ``allowed_styles`` is deliberately left out, as in the original test.
    editor = CKEditorConfig(
        id="mesh",
        allowed_tags=tags,
        allowed_attributes=tag_attributes,
        allowed_attributes_values=tag_attribute_values,
        allowed_url_schemes=url_schemes,
    )

    for case in sanitizer_tests:
        sanitized = editor.sanitize_value(case["html"])
        assert sanitized == case["expected"]
def test_ckeditor_allowed_content():
    """
    Check the allowed-content rule string generated for the CKEditor library.

    Each rule has the shape ``tag [attrs]{styles}(classes)``; rules are joined
    with ``;``.
    """
    editor = CKEditorConfig(
        id="mesh",
        allowed_tags=tags,
        allowed_attributes=tag_attributes,
        allowed_attributes_values=tag_attribute_values,
        allowed_url_schemes=url_schemes,
        allowed_styles=styles,
    )

    # Per the rule shape above, ``(*)`` is a wildcard in the classes slot.
    # NOTE(review): this string configures the editor in the browser; the
    # sanitisation of submitted values is covered by the other tests in this
    # module, not by this one.
    two_tag_rules = "a[class,href,id,style]{text-align}(*);span[class,id,style]{text-align}(*)"
    assert ckeditor_rules(editor) == two_tag_rules if False else editor.allowed_content() == two_tag_rules

    # The JavaScript config must expose the very same rule string.
    js_config = editor.javascript_config()
    assert js_config["allowedContent"] == two_tag_rules

    # Widening the allowed tags afterwards must be reflected on the next call.
    editor.allowed_tags = {"a", "b", "span"}
    three_tag_rules = "a[class,href,id,style]{text-align}(*);b[class,id,style]{text-align}(*);span[class,id,style]{text-align}(*)"
    assert editor.allowed_content() == three_tag_rules
def test_ckeditor_form_field():
    """
    Check that ``CKEditorFormField.clean`` returns sanitized markup.

    Every shared fixture is cleaned through a field bound to the test config
    and compared with its expected output.
    """
    # ``allowed_styles`` is not set here, matching the original test.
    editor = CKEditorConfig(
        id="mesh",
        allowed_tags=tags,
        allowed_attributes=tag_attributes,
        allowed_attributes_values=tag_attribute_values,
        allowed_url_schemes=url_schemes,
    )

    # Register the editor under the "mesh" key for the duration of the test.
    editor_settings = {"mesh": editor.javascript_config()}
    with override_settings(CKEDITOR_CONFIGS=editor_settings):
        form_field = CKEditorFormField(editor_config=editor)
        for case in sanitizer_tests:
            cleaned = form_field.clean(case["html"])
            assert cleaned == case["expected"]