diff options
author | Alvin Lindstam <alvin.lindstam@gmail.com> | 2018-01-03 01:51:06 +0100 |
---|---|---|
committer | Tim Graham <timograham@gmail.com> | 2018-01-02 19:51:06 -0500 |
commit | 2cb6b7732dc7b172797cebb1e8f19be2de89e264 (patch) | |
tree | 6528306d87bf35bfde9bf1f5d970c2baca1aeb52 /tests/auth_tests/test_validators.py | |
parent | c86e9b5847bc2853fc6a3fcfbf8daa56786d3210 (diff) | |
download | django-2cb6b7732dc7b172797cebb1e8f19be2de89e264.tar.gz |
Fixed #28902 -- Fixed password_validators_help_text_html() double escaping.
Diffstat (limited to 'tests/auth_tests/test_validators.py')
-rw-r--r-- | tests/auth_tests/test_validators.py | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/tests/auth_tests/test_validators.py b/tests/auth_tests/test_validators.py index 068dec9981..d43efc6a3c 100644 --- a/tests/auth_tests/test_validators.py +++ b/tests/auth_tests/test_validators.py @@ -13,6 +13,7 @@ from django.core.exceptions import ValidationError from django.db import models from django.test import TestCase, override_settings from django.test.utils import isolate_apps +from django.utils.html import conditional_escape @override_settings(AUTH_PASSWORD_VALIDATORS=[ @@ -68,6 +69,15 @@ class PasswordValidationTest(TestCase): self.assertEqual(help_text.count('<li>'), 2) self.assertIn('12 characters', help_text) + def test_password_validators_help_text_html_escaping(self): + class AmpersandValidator: + def get_help_text(self): + return 'Must contain &' + help_text = password_validators_help_text_html([AmpersandValidator()]) + self.assertEqual(help_text, '<ul><li>Must contain &</li></ul>') + # help_text is marked safe and therefore unchanged by conditional_escape(). + self.assertEqual(help_text, conditional_escape(help_text)) + @override_settings(AUTH_PASSWORD_VALIDATORS=[]) def test_empty_password_validator_help_text_html(self): self.assertEqual(password_validators_help_text_html(), '') |