23 строки
767 B
Python
23 строки
767 B
Python
from amo.messages import _make_message
|
|
|
|
def test_xss():
|
|
|
|
title = "<script>alert(1)</script>"
|
|
message = "<script>alert(2)</script>"
|
|
|
|
r = _make_message(title)
|
|
assert "<script>alert(1)</script>" in r
|
|
r = _make_message(None, message)
|
|
assert "<script>alert(2)</script>" in r
|
|
|
|
r = _make_message(title, title_safe=True)
|
|
assert "<script>alert(1)</script>" in r
|
|
r = _make_message(None, message, message_safe=True)
|
|
assert "<script>alert(2)</script>" in r
|
|
|
|
# Make sure safe flags are independent
|
|
r = _make_message(title, message_safe=True)
|
|
assert "<script>alert(1)</script>" in r
|
|
r = _make_message(None, message, title_safe=True)
|
|
assert "<script>alert(2)</script>" in r
|