Mercurial > p > roundup > code

view test/test_init.py @ 8356:63390dcfcfe9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
bug: fix template use of structure with untrusted data Looks like an xSS bug with an early version of the template that was fixed in the code but never in the deployed tracker. It has been a while since this particular construct has been in the classic template which is the base for the tracker. This has been fixed on the deployed tracker as well. reported by 4bug of ChaMd5 Security Team H1 Group
author John Rouillard <rouilj@ieee.org>
date Tue, 08 Jul 2025 10:23:09 -0400
parents 198b6e810c67
children
line wrap: on
line source

#-*- encoding: utf-8 -*-

import unittest, os, pprint, difflib, textwrap

from roundup.init import loadTemplateInfo


class TemplateInfoTestCase(unittest.TestCase):
    def testLoadTemplateInfo(self):
        path = os.path.join(os.path.dirname(__file__),
                            '../share/roundup/templates/classic')
        self.maxDiff = None
        self.assertEqual(
            loadTemplateInfo(path),
            {
              'description': textwrap.dedent('''\
                   This is a generic issue tracker that may be used to track bugs,
                                feature requests, project issues or any number of other types
                                of issues. Most users of Roundup will find that this template
                                suits them, with perhaps a few customisations.'''),
              'intended-for': 'All first-time Roundup users',
              'name': 'classic',
              'path': path
            }
        )

# vim: set et sts=4 sw=4 :
Roundup Issue Tracker: http://roundup-tracker.org/