Commit 651ef209 by Jason Bau

add autolinking

parent 79ce0432
......@@ -2,6 +2,7 @@ import json
import logging
import re
import bleach
from html5lib.tokenizer import HTMLTokenizer
from xmodule.progress import Progress
import capa.xqueue_interface as xqueue_interface
from capa.util import *
......@@ -53,7 +54,7 @@ def upload_to_s3(file_to_upload, keyname, s3_interface):
# Used by sanitize_html
ALLOWED_HTML_ATTRS = {
'*': ['id', 'class', 'height', 'width', 'alt'],
'a': ['href', 'title', 'rel'],
'a': ['href', 'title', 'rel', 'target'],
'embed': ['src'],
'iframe': ['src'],
'img': ['src'],
......@@ -222,7 +223,11 @@ class OpenEndedChild(object):
tags=['embed', 'iframe', 'a', 'img', 'br'],
attributes=ALLOWED_HTML_ATTRS,
strip=True)
return OpenEndedChild.replace_newlines(clean_html)
autolinked = bleach.linkify(clean_html,
callbacks=[bleach.callbacks.target_blank],
skip_pre=True,
tokenizer=HTMLTokenizer)
return OpenEndedChild.replace_newlines(autolinked)
@staticmethod
def replace_newlines(html):
......
......@@ -1011,10 +1011,10 @@ class OpenEndedModuleUtilTest(unittest.TestCase):
script_clean = u'alert("xss!")'
img_dirty = u'<img alt="cats" height="200" onclick="eval()" src="http://example.com/lolcats.jpg" width="200">'
img_clean = u'<img alt="cats" height="200" src="http://example.com/lolcats.jpg" width="200">'
embed_dirty = u'<embed height="200" id="cats" onhover="eval()" src="http://example.com/lolcats.swf" width="200">'
embed_dirty = u'<embed height="200" id="cats" onhover="eval()" src="http://example.com/lolcats.swf" width="200"/>'
embed_clean = u'<embed height="200" id="cats" src="http://example.com/lolcats.swf" width="200">'
iframe_dirty = u'<img class="cats" height="200" onerror="eval()" src="http://example.com/lolcats" width="200">'
iframe_clean = u'<img class="cats" height="200" src="http://example.com/lolcats" width="200">'
iframe_dirty = u'<iframe class="cats" height="200" onerror="eval()" src="http://example.com/lolcats" width="200"/>'
iframe_clean = u'<iframe class="cats" height="200" src="http://example.com/lolcats" width="200"></iframe>'
text = u'I am a \u201c\xfcber student\u201d'
text_lessthan_noencd = u'This used to be broken < by the other parser. 3>5'
......@@ -1022,6 +1022,9 @@ class OpenEndedModuleUtilTest(unittest.TestCase):
text_linebreaks = u"St\xfcdent submission:\nI like lamp."
text_brs = u"St\xfcdent submission:<br/>I like lamp."
link_text = u'I love going to www.lolcatz.com'
link_atag = u'I love going to <a href="http://www.lolcatz.com" target="_blank">www.lolcatz.com</a>'
def test_script(self):
"""
Basic test for stripping <script>
......@@ -1063,3 +1066,27 @@ class OpenEndedModuleUtilTest(unittest.TestCase):
tests the replace_newlines function
"""
self.assertEqual(OpenEndedChild.replace_newlines(self.text_linebreaks), self.text_brs)
def test_linkify(self):
"""
tests the replace_newlines function
"""
self.assertEqual(OpenEndedChild.sanitize_html(self.link_text), self.link_atag)
def test_combined(self):
"""
tests a combination of inputs
"""
test_input = u"{}\n{}\n{}\n\n{}{}\n{}".format(self.link_text,
self.text,
self.script_dirty,
self.embed_dirty,
self.text_lessthan_noencd,
self.img_dirty)
test_output = u"{}<br/>{}<br/>{}<br/><br/>{}{}<br/>{}".format(self.link_atag,
self.text,
self.script_clean,
self.embed_clean,
self.text_lessthan_encode,
self.img_clean)
self.assertEqual(OpenEndedChild.sanitize_html(test_input), test_output)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment