diff --git a/ietf/doc/tests.py b/ietf/doc/tests.py index 1d21dac67..b13cdea9e 100644 --- a/ietf/doc/tests.py +++ b/ietf/doc/tests.py @@ -247,7 +247,7 @@ class SearchTests(TestCase): r = self.client.get(urlreverse('ietf.doc.views_search.docs_for_ad', kwargs=dict(name=ad.full_name_as_key()))) self.assertEqual(r.status_code, 200) self.assertContains(r, draft.name) - self.assertContains(r, draft.action_holders.first().plain_name()) + self.assertContains(r, escape(draft.action_holders.first().plain_name())) self.assertContains(r, rfc.canonical_name()) self.assertContains(r, conflrev.name) self.assertContains(r, statchg.name) @@ -275,7 +275,7 @@ class SearchTests(TestCase): r = self.client.get(urlreverse('ietf.doc.views_search.drafts_in_last_call')) self.assertEqual(r.status_code, 200) self.assertContains(r, draft.title) - self.assertContains(r, draft.action_holders.first().plain_name()) + self.assertContains(r, escape(draft.action_holders.first().plain_name())) def test_in_iesg_process(self): doc_in_process = IndividualDraftFactory() @@ -285,7 +285,7 @@ class SearchTests(TestCase): r = self.client.get(urlreverse('ietf.doc.views_search.drafts_in_iesg_process')) self.assertEqual(r.status_code, 200) self.assertContains(r, doc_in_process.title) - self.assertContains(r, doc_in_process.action_holders.first().plain_name()) + self.assertContains(r, escape(doc_in_process.action_holders.first().plain_name())) self.assertNotContains(r, doc_not_in_process.title) def test_indexes(self): @@ -347,7 +347,7 @@ class SearchTests(TestCase): self.assertEqual(q('td.status span.label-warning').text(),"for 15 days") self.assertEqual(q('td.status span.label-danger').text(),"for 29 days") for ah in [draft.action_holders.first() for draft in drafts]: - self.assertContains(r, ah.plain_name()) + self.assertContains(r, escape(ah.plain_name())) class DocDraftTestCase(TestCase): draft_text = """ diff --git a/ietf/doc/tests_draft.py b/ietf/doc/tests_draft.py index 35f69bf7b..34b8b4841 100644 --- a/ietf/doc/tests_draft.py +++ b/ietf/doc/tests_draft.py @@ -13,6 +13,7 @@ from pyquery import PyQuery from django.urls import reverse as urlreverse from django.conf import settings +from django.utils.html import escape import debug # pyflakes:ignore @@ -1320,7 +1321,7 @@ class IndividualInfoFormsTests(TestCase): self.assertEqual(len(q('form textarea[id=id_note]')), 1) self.assertEqual(len(q('button:contains("Send")')), 1) for ah in doc.action_holders.all(): - self.assertContains(r, ah.plain_name()) + self.assertContains(r, escape(ah.plain_name())) empty_outbox() r = self.client.post(url, dict(note='this is my note')) # note should be < 78 chars to avoid wrapping diff --git a/ietf/group/tests_info.py b/ietf/group/tests_info.py index ddef377df..461cad89c 100644 --- a/ietf/group/tests_info.py +++ b/ietf/group/tests_info.py @@ -72,7 +72,7 @@ class GroupPagesTests(TestCase): self.assertContains(r, group.parent.name) self.assertContains(r, group.acronym) self.assertContains(r, group.name) - self.assertContains(r, group.ad_role().person.plain_name()) + self.assertContains(r, escape(group.ad_role().person.plain_name())) for t in ('rg','area','ag', 'rag', 'dir','review','team','program'): g = GroupFactory.create(type_id=t,state_id='active') @@ -143,7 +143,7 @@ class GroupPagesTests(TestCase): self.assertEqual(r.status_code, 200) self.assertContains(r, group.acronym) self.assertContains(r, group.name) - self.assertContains(r, group.ad_role().person.plain_name()) + self.assertContains(r, escape(group.ad_role().person.plain_name())) self.assertContains(r, chair.address) self.assertContains(r, "This is a charter.") @@ -152,7 +152,7 @@ class GroupPagesTests(TestCase): self.assertEqual(r.status_code, 200) self.assertContains(r, group.acronym) self.assertContains(r, group.name) - self.assertContains(r, group.ad_role().person.plain_name()) + self.assertContains(r, escape(group.ad_role().person.plain_name())) self.assertContains(r, chair.address) self.assertContains(r, "This is a charter.") @@ -232,7 +232,7 @@ class GroupPagesTests(TestCase): self.assertContains(r, draft2.name) self.assertContains(r, draft3.name) for ah in draft3.action_holders.all(): - self.assertContains(r, ah.plain_name()) + self.assertContains(r, escape(ah.plain_name())) self.assertContains(r, 'for 173 days', count=1) # the old_dah should be tagged # Make sure that a logged in user is presented with an opportunity to add results to their community list @@ -348,7 +348,7 @@ class GroupPagesTests(TestCase): self.assertEqual(r.status_code, 200) for role in group.role_set.all(): - self.assertContains(r, role.person.plain_name()) + self.assertContains(r, escape(role.person.plain_name())) def test_materials(self): group = GroupFactory(type_id="team", acronym="testteam", name="Test Team", state_id="active") diff --git a/ietf/iesg/tests.py b/ietf/iesg/tests.py index fb5e53a6c..4993c2da7 100644 --- a/ietf/iesg/tests.py +++ b/ietf/iesg/tests.py @@ -13,6 +13,7 @@ from pyquery import PyQuery from django.conf import settings from django.urls import reverse as urlreverse from django.utils.encoding import force_bytes +from django.utils.html import escape import debug # pyflakes:ignore @@ -49,7 +50,7 @@ class IESGTests(TestCase): self.assertEqual(r.status_code, 200) self.assertContains(r, draft.name) - self.assertContains(r, pos.balloter.plain_name()) + self.assertContains(r, escape(pos.balloter.plain_name())) def test_milestones_needing_review(self): draft = WgDraftFactory()