Commit d1376c63 authored by Matija Obreza's avatar Matija Obreza

Title in Article is "safe HTML", don't escape it

Reenabled HtmlSanitizer test
parent 9db8a26c
......@@ -9,7 +9,7 @@
<body>
<c:if test="${title ne ''}">
<h1>
<c:out value="${title}" />
<c:out value="${title}" escapeXml="false" />
</h1>
</c:if>
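Review bot: With `escapeXml="false"` on `${title}`, this template now trusts every value placed in the `title` model attribute, not only Article titles, and nothing visible in the hunk shows where that value is sanitized. If this is a shared layout, any controller that sets `title` from unsanitized data would have it rendered as raw markup. I would either keep `<c:out value="${title}" />` as the default and pass Article titles through a separate, explicitly sanitized attribute, or at least add a comment such as `<%-- title must already be sanitized by HtmlSanitizer before it reaches the model --%>`. The same applies to `${welcomeBlurp.title}` in the second hunk; bare EL in template text is not HTML-escaped either, so that change keeps the behaviour but makes the trust decision explicit.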
......
......@@ -44,7 +44,7 @@
<div class="col-md-7" id="middle-col">
<c:if test="${welcomeBlurp ne null}">
<h2>${welcomeBlurp.title}</h2>
<h2><c:out value="${welcomeBlurp.title}" escapeXml="false" /></h2>
<div class="welcome-blurp">
<c:set var="blurp" value="${welcomeBlurp}" />
<%@include file="/WEB-INF/jsp/content/include/blurp-display.jsp"%>
......
......@@ -21,18 +21,32 @@ import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import org.genesys2.server.service.HtmlSanitizer;
import org.genesys2.server.service.impl.OWASPSanitizer;
import org.junit.Ignore;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.EnableAspectJAutoProxy;
import org.springframework.context.annotation.Import;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
@RunWith(SpringJUnit4ClassRunner.class)
@Ignore
@ContextConfiguration(locations = { "classpath:spring/servlet.xml", "classpath:spring/application-context.xml" })
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(classes = HtmlSanitizerTest.Config.class, initializers = PropertyPlacholderInitializer.class)
public class HtmlSanitizerTest {
@EnableAspectJAutoProxy
@Import({})
// @ComponentScan(basePackages = {})
public static class Config {
@Bean
public HtmlSanitizer htmlSanitizer() {
return new OWASPSanitizer();
}
}
@Autowired
private HtmlSanitizer htmlSanitizer;
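Review bot: The re-enabled test builds `new OWASPSanitizer()` directly in `Config`, so it exercises a default-constructed sanitizer rather than the bean the application context provides. If production configures the policy differently, this test would not catch a regression there. A comment on `htmlSanitizer()` such as `// Standalone sanitizer; not loaded from the application context` would make that intentional. `@Import({})` and the commented-out `// @ComponentScan(basePackages = {})` do nothing and can be dropped. The test methods are outside the hunk; since the JSP templates in this commit now output titles unescaped, it is worth confirming that one of them covers a title value containing markup.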
......