##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
files: fixed breadcrumbs tests and escape of copy path
dan -
r3741:1c4e7f27 new-ui
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -219,6 +219,7 b' class _ToolTip(object):'
219
219
220 tooltip = _ToolTip()
220 tooltip = _ToolTip()
221
221
222 files_icon = icon = '<i class="file-breadcrumb-copy tooltip icon-clipboard clipboard-action" data-clipboard-text="{}" title="Copy the full path"></i>'
222
223
223 def files_breadcrumbs(repo_name, commit_id, file_path, at_ref=None, limit_items=False):
224 def files_breadcrumbs(repo_name, commit_id, file_path, at_ref=None, limit_items=False):
224 if isinstance(file_path, str):
225 if isinstance(file_path, str):
@@ -265,7 +266,7 b' def files_breadcrumbs(repo_name, commit_'
265 url_segments = limited_url_segments
266 url_segments = limited_url_segments
266
267
267 full_path = file_path
268 full_path = file_path
268 icon = '<i class="file-breadcrumb-copy tooltip icon-clipboard clipboard-action" data-clipboard-text="{}" title="Copy the full path"></i>'.format(full_path)
269 icon = files_icon.format(escape(full_path))
269 if file_path == '':
270 if file_path == '':
270 return root_name
271 return root_name
271 else:
272 else:
Show file before | Show file after | Hide comments
@@ -40,27 +40,52 b' def test_urlify_text(url, expected_url):'
40
40
41
41
42 @pytest.mark.parametrize('repo_name, commit_id, path, expected_result', [
42 @pytest.mark.parametrize('repo_name, commit_id, path, expected_result', [
43 # Simple case 1
44 ('repo', 'commit', 'a/b',
45 '<a href="/repo/files/commit/"><i class="icon-home"></i></a>'
46 ' / '
47 '<a href="/repo/files/commit/a">a</a>'
48 ' / '
49 'b'),
50
51 # Simple case
43 ('rX<X', 'cX<X', 'pX<X/aX<X/bX<X',
52 ('rX<X', 'cX<X', 'pX<X/aX<X/bX<X',
44 '<a href="/rX%3CX/files/cX%3CX/">rX&lt;X</a>/'
53 '<a href="/rX%3CX/files/cX%3CX/"><i class="icon-home"></i></a>'
45 '<a href="/rX%3CX/files/cX%3CX/pX%3CX">pX&lt;X</a>/'
54 ' / '
46 '<a href="/rX%3CX/files/cX%3CX/pX%3CX/aX%3CX">aX&lt;X'
55 '<a href="/rX%3CX/files/cX%3CX/pX%3CX">pX&lt;X</a>'
47 '</a>/bX&lt;X'),
56 ' / '
57 '<a href="/rX%3CX/files/cX%3CX/pX%3CX/aX%3CX">aX&lt;X</a>'
58 ' / '
59 'bX&lt;X'),
60
48 # Path with only one segment
61 # Path with only one segment
49 ('rX<X', 'cX<X', 'pX<X',
62 ('rX<X', 'cX<X', 'pX<X',
50 '<a href="/rX%3CX/files/cX%3CX/">rX&lt;X</a>/pX&lt;X'),
63 '<a href="/rX%3CX/files/cX%3CX/"><i class="icon-home"></i></a>'
64 ' / '
65 'pX&lt;X'),
66
51 # Empty path
67 # Empty path
52 ('rX<X', 'cX<X', '', 'rX&lt;X'),
68 ('rX<X', 'cX<X', '',
69 '<i class="icon-home"></i>'),
70
71 # simple quote
53 ('rX"X', 'cX"X', 'pX"X/aX"X/bX"X',
72 ('rX"X', 'cX"X', 'pX"X/aX"X/bX"X',
54 '<a href="/rX%22X/files/cX%22X/">rX&#34;X</a>/'
73 '<a href="/rX%22X/files/cX%22X/"><i class="icon-home"></i></a>'
55 '<a href="/rX%22X/files/cX%22X/pX%22X">pX&#34;X</a>/'
74 ' / '
56 '<a href="/rX%22X/files/cX%22X/pX%22X/aX%22X">aX&#34;X'
75 '<a href="/rX%22X/files/cX%22X/pX%22X">pX&#34;X</a>'
57 '</a>/bX&#34;X'),
76 ' / '
58 ], ids=['simple', 'one_segment', 'empty_path', 'simple_quote'])
77 '<a href="/rX%22X/files/cX%22X/pX%22X/aX%22X">aX&#34;X</a>'
78 ' / '
79 'bX&#34;X'),
80
81 ], ids=['simple1', 'simple2', 'one_segment', 'empty_path', 'simple_quote'])
59 def test_files_breadcrumbs_xss(
82 def test_files_breadcrumbs_xss(
60 repo_name, commit_id, path, app, expected_result):
83 repo_name, commit_id, path, app, expected_result):
61 result = helpers.files_breadcrumbs(repo_name, commit_id, path)
84 result = helpers.files_breadcrumbs(repo_name, commit_id, path)
62 # Expect it to encode all path fragments properly. This is important
85 # Expect it to encode all path fragments properly. This is important
63 # because it returns an instance of `literal`.
86 # because it returns an instance of `literal`.
87 if path != '':
88 expected_result = expected_result + helpers.files_icon.format(helpers.escape(path))
64 assert result == expected_result
89 assert result == expected_result
65
90
66
91
General Comments 0
You need to be logged in to leave comments. Login now