--- a/entities/test/unittest_base.py Wed Sep 11 18:04:05 2013 +0200
+++ b/entities/test/unittest_base.py Tue Jan 21 15:11:16 2014 +0100
@@ -133,6 +133,27 @@
self.request().create_entity('CWGroup', name=u'logilab', reverse_in_group=e)
+class HTMLtransformTC(BaseEntityTC):
+
+ def test_sanitized_html(self):
+ r = self.request()
+ c = r.create_entity('Company', name=u'Babar',
+ description=u"""
+Title
+=====
+
+Elephant management best practices.
+
+.. raw:: html
+
+ <script>alert("coucou")</script>
+""", description_format=u'text/rest')
+ self.commit()
+ c.cw_clear_all_caches()
+ self.assertIn('alert', c.printable_value('description', format='text/plain'))
+ self.assertNotIn('alert', c.printable_value('description', format='text/html'))
+
+
class SpecializedEntityClassesTC(CubicWebTC):
def select_eclass(self, etype):