Mercurial > genshi > mirror
changeset 660:e39bc71a9ea1 experimental-sandboxed
added first (and pretty useless) test for the restricted branch
author | aronacher |
---|---|
date | Thu, 29 Nov 2007 18:08:37 +0000 |
parents | 7aebde54c10f |
children | 36089a8780c9 |
files | genshi/tests/restrictions.py |
diffstat | 1 files changed, 40 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
new file mode 100644 --- /dev/null +++ b/genshi/tests/restrictions.py @@ -0,0 +1,40 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2006 Edgewall Software +# All rights reserved. +# +# This software is licensed as described in the file COPYING, which +# you should have received as part of this distribution. The terms +# are also available at http://genshi.edgewall.org/wiki/License. +# +# This software consists of voluntary contributions made by many +# individuals. For the exact contribution history, see the revision +# history and logs, available at http://genshi.edgewall.org/log/. + +import unittest + +from genshi.template import MarkupTemplate + + +exploit_template = MarkupTemplate(u'''\ +<html xmlns:py="http://genshi.edgewall.org/"> + <div py:content="(23).__class__.__base__"/> + <p>${(42).__class__.__base__}</p> +</html> +''', lookup='lenient', restricted=True) + + +class RestrictionsTestCase(unittest.TestCase): + + def test_various_exploits(self): + self.assertEqual(exploit_template.generate().render('html'), + '<html>\n <div></div>\n <p></p>\n</html>') + +def suite(): + suite = unittest.TestSuite() + suite.addTest(unittest.makeSuite(RestrictionsTestCase, 'test')) + return suite + + +if __name__ == '__main__': + unittest.main(defaultTest='suite')