2020-07-16 14:20:33 +00:00
|
|
|
from .fixtures import *
|
|
|
|
|
2020-08-04 13:42:30 +00:00
|
|
|
def test_title_is_htmlencoded_in_index_html(tmp_path, process, disable_extractors_dict):
|
2020-07-16 14:20:33 +00:00
|
|
|
"""
|
|
|
|
https://github.com/pirate/ArchiveBox/issues/330
|
|
|
|
Unencoded content should not be rendered as it facilitates xss injections
|
|
|
|
and breaks the layout.
|
|
|
|
"""
|
2020-08-04 13:42:30 +00:00
|
|
|
add_process = subprocess.run(['archivebox', 'add', 'http://localhost:8080/static/title_with_html.com.html'],
|
|
|
|
capture_output=True, env=disable_extractors_dict)
|
2020-07-16 14:20:33 +00:00
|
|
|
|
|
|
|
with open(tmp_path / "index.html", "r") as f:
|
|
|
|
output_html = f.read()
|
|
|
|
|
|
|
|
assert "<textarea>" not in output_html
|