[ckan-changes] commit/ckan: 3 new changesets
Bitbucket
commits-noreply at bitbucket.org
Wed Jun 8 11:27:45 UTC 2011
3 new changesets in ckan:
http://bitbucket.org/okfn/ckan/changeset/72f7d48d7f31/
changeset: 72f7d48d7f31
user: dread
date: 2011-06-08 13:24:15
summary: #1181 Add nofollow to links vulnerable to spammers.
affected #: 6 files (662 bytes)
--- a/ckan/lib/create_test_data.py Thu Jun 02 12:03:28 2011 +0200
+++ b/ckan/lib/create_test_data.py Wed Jun 08 12:24:15 2011 +0100
@@ -378,7 +378,7 @@
model.Session.add_all([
model.User(name=u'tester', apikey=u'tester', password=u'tester'),
model.User(name=u'joeadmin', password=u'joeadmin'),
- model.User(name=u'annafan', about=u'I love reading Annakarenina', password=u'annafan'),
+ model.User(name=u'annafan', about=u'I love reading Annakarenina. My site: <a href="http://anna.com">anna.com</a>', password=u'annafan'),
model.User(name=u'russianfan', password=u'russianfan'),
model.User(name=u'testsysadmin', password=u'testsysadmin'),
])
--- a/ckan/misc.py Thu Jun 02 12:03:28 2011 +0200
+++ b/ckan/misc.py Wed Jun 08 12:24:15 2011 +0100
@@ -19,31 +19,31 @@
html_whitelist = 'a b center li ol p table td tr ul'.split(' ')
whitelist_elem = re.compile(r'<(\/?(%s)[^>]*)>' % "|".join(html_whitelist), re.IGNORECASE)
whitelist_escp = re.compile(r'\\xfc\\xfd(\/?(%s)[^>]*?)\\xfd\\xfc' % "|".join(html_whitelist), re.IGNORECASE)
+ html_link = re.compile(r'<a href="([^"]*)">')
def to_html(self, text):
if text is None:
return ''
-
- try:
- # Encode whitelist elements.
- text = self.whitelist_elem.sub(r'\\\\xfc\\\\xfd\1\\\\xfd\\\\xfc', text)
- # Convert internal links.
- text = self.internal_link.sub(r'[\1:\2] (/\1/\2)', text)
+ # Encode whitelist elements.
+ text = self.whitelist_elem.sub(r'\\\\xfc\\\\xfd\1\\\\xfd\\\\xfc', text)
- # Convert <link> to markdown format.
- text = self.normal_link.sub(r'[\1] (\1)', text)
+ # Convert internal links.
+ text = self.internal_link.sub(r'[\1:\2] (/\1/\2)', text)
- # Convert <link> to markdown format.
- text = self.normal_link.sub(r'[\1] (\1)', text)
+ # Convert <link> to markdown format.
+ text = self.normal_link.sub(r'[\1] (\1)', text)
- # Markdown to HTML.
- text = webhelpers.markdown.markdown(text, safe_mode=True)
+ # Convert <link> to markdown format.
+ text = self.normal_link.sub(r'[\1] (\1)', text)
- # Decode whitelist elements.
- text = self.whitelist_escp.sub(r'<\1>', text)
- except Exception, e:
- log.exception(e)
- text = '<p>%s</p>' % _('<strong>Warning:</strong>: Text could not be rendered.')
+ # Markdown to HTML.
+ text = webhelpers.markdown.markdown(text, safe_mode=True)
+
+ # Decode whitelist elements.
+ text = self.whitelist_escp.sub(r'<\1>', text)
+
+ # Make links safer.
+ text = self.html_link.sub(r'<a href="\1" target="_blank" rel="nofollow">', text)
return text
--- a/ckan/tests/functional/test_package.py Thu Jun 02 12:03:28 2011 +0200
+++ b/ckan/tests/functional/test_package.py Wed Jun 08 12:24:15 2011 +0100
@@ -307,6 +307,10 @@
assert anna.resources[0].description in res
assert anna.resources[0].hash in res
assert 'Some test notes' in res
+ self.check_named_element(res, 'a',
+ 'http://ckan.net/',
+ 'target="_blank"',
+ 'rel="nofollow"')
assert '<strong>Some bolded text.</strong>' in res
self.check_tag_and_data(res, 'left arrow', '<')
self.check_tag_and_data(res, 'umlaut', u'\xfc')
--- a/ckan/tests/functional/test_user.py Thu Jun 02 12:03:28 2011 +0200
+++ b/ckan/tests/functional/test_user.py Wed Jun 08 12:24:15 2011 +0100
@@ -1,10 +1,11 @@
from routes import url_for
from ckan.tests import search_related, CreateTestData
+from ckan.tests.html_check import HtmlCheckMethods
import ckan.model as model
from base import FunctionalTestCase
-class TestUserController(FunctionalTestCase):
+class TestUserController(FunctionalTestCase, HtmlCheckMethods):
@classmethod
def setup_class(self):
model.repo.init_db()
@@ -34,6 +35,10 @@
assert 'My Account' not in main_res, main_res
assert 'about' in main_res, main_res
assert 'I love reading Annakarenina' in res, main_res
+ self.check_named_element(res, 'a',
+ 'http://anna.com',
+ 'target="_blank"',
+ 'rel="nofollow"')
assert 'Edit' not in main_res, main_res
assert 'Number of edits:</strong> 3' in res, res
assert 'Number of packages administered:</strong> 1' in res, res
--- a/ckan/tests/misc/test_format_text.py Thu Jun 02 12:03:28 2011 +0200
+++ b/ckan/tests/misc/test_format_text.py Wed Jun 08 12:24:15 2011 +0100
@@ -34,14 +34,14 @@
def test_internal_link(self):
instr = 'package:test-_pkg'
- exp = '<a href="/package/test-_pkg">package:test-_pkg</a>'
+ exp = '<a href="/package/test-_pkg" target="_blank" rel="nofollow">package:test-_pkg</a>'
format = MarkdownFormat()
out = format.to_html(instr)
assert exp in out, '\nGot: %s\nWanted: %s' % (out, exp)
def test_normal_link(self):
instr = '<http:/somelink/>'
- exp = '<a href="http:/somelink/">http:/somelink/</a>'
+ exp = '<a href="http:/somelink/" target="_blank" rel="nofollow">http:/somelink/</a>'
format = MarkdownFormat()
out = format.to_html(instr)
assert exp in out, '\nGot: %s\nWanted: %s' % (out, exp)
--- a/ckan/tests/models/test_package.py Thu Jun 02 12:03:28 2011 +0200
+++ b/ckan/tests/models/test_package.py Wed Jun 08 12:24:15 2011 +0100
@@ -87,7 +87,7 @@
assert out['metadata_modified'] == pkg.metadata_modified.isoformat()
assert out['metadata_created'] == pkg.metadata_created.isoformat()
assert_equal(out['notes'], pkg.notes)
- assert_equal(out['notes_rendered'], '<p>A <b>great</b> package [HTML_REMOVED] like <a href="/package/pollution_stats">package:pollution_stats</a>\n</p>')
+ assert_equal(out['notes_rendered'], '<p>A <b>great</b> package [HTML_REMOVED] like <a href="/package/pollution_stats" target="_blank" rel="nofollow">package:pollution_stats</a>\n</p>')
class TestPackageWithTags:
http://bitbucket.org/okfn/ckan/changeset/a56be2373185/
changeset: a56be2373185
user: dread
date: 2011-06-08 13:26:42
summary: [doc]: #1168 Minor improvements in light of changes to deb packaging.
affected #: 1 file (10 bytes)
--- a/doc/deb.rst Wed Jun 08 12:24:15 2011 +0100
+++ b/doc/deb.rst Wed Jun 08 12:26:42 2011 +0100
@@ -425,25 +425,25 @@
A user will follow the following process:
-First create the file ``/etc/apt/sources.list.d/okfn.list`` with this line, replacing ``lucid`` with the correct repo you want to use:
+First create the file ``/etc/apt/sources.list.d/okfn.list`` using this command, replacing ``ubuntu_ckan_dev`` with the correct repo you want to use:
::
- echo "deb http://apt-alpha.ckan.org/lucid lucid universe" | sudo tee /etc/apt/sources.list.d/okfn.list
+ echo "deb http://apt.okfn.org/ubuntu_ckan_dev lucid universe" | sudo tee /etc/apt/sources.list.d/okfn.list
Then add the package key to say you trust packages from this repository:
::
sudo apt-get install wget
- wget -qO- http://apt-alpha.ckan.org/packages.okfn.key | sudo apt-key add -
+ wget -qO- http://apt.okfn.org/packages.okfn.key | sudo apt-key add -
sudo apt-get update
Now you can not install a CKAN extension application, just like any other Debian package:
::
- sudo apt-get install ckan-dgu
+ sudo apt-get install ckan-std
At this point you should have a running instance. You may need to copy across
an existing database if you need your instance pre-populated with data.
@@ -616,7 +616,7 @@
python -m buildkit.deb . ckanext-csw 0.3~10 http://ckan.org python-ckanext-harvest python-owslib python-ckan
python -m buildkit.deb . ckanext-dgu 0.2~11 http://ckan.org python-ckan python-ckanext-importlib python-ckanext-dgu python-ckanext-csw python-ckan python-ckanext-spatial python-ckanext-inspire
python -m buildkit.deb . ckanext-qa 0.1~19 http://ckan.org python-ckan
- python -m buildkit.deb . ckan 1.3.4~02 http://ckan.org python-routes python-vdm python-pylons python-genshi python-sqlalchemy python-repoze.who python-repoze.who-plugins python-pyutilib.component.core python-migrate python-formalchemy python-sphinx python-markupsafe python-setuptools python-psycopg2 python-licenses python-ckan-deps
+ python -m buildkit.deb . ckan 1.4~01 http://ckan.org python-routes python-vdm python-pylons python-genshi python-sqlalchemy python-repoze.who python-repoze.who-plugins python-pyutilib.component.core python-migrate python-formalchemy python-sphinx python-markupsafe python-setuptools python-psycopg2 python-licenses python-ckan-deps
There's a dependency on postfix. Choose internet site and the default hostname unless you know better.
http://bitbucket.org/okfn/ckan/changeset/778f75df26a5/
changeset: 778f75df26a5
user: dread
date: 2011-06-08 13:27:26
summary: [pip-requirements] #1168 Add flup dependency (from autoneg) explicitly, for deb build system.
affected #: 1 file (65 bytes)
--- a/requires/lucid_missing.txt Wed Jun 08 12:26:42 2011 +0100
+++ b/requires/lucid_missing.txt Wed Jun 08 12:27:26 2011 +0100
@@ -11,6 +11,8 @@
-e git+https://github.com/mitsuhiko/markupsafe.git@0.9.2#egg=markupsafe
# autoneg>=0.5
-e git+https://github.com/wwaites/autoneg.git@b4c727b164f411cc9d60#egg=autoneg
+# flup>=0.5
+-e hg+http://hg.saddi.com/flup@301a58656bfb#egg=flup
# NOTE: Developers, our build script for the Debian packages relies on the
# requirements above being specified as editable resources with their
Repository URL: https://bitbucket.org/okfn/ckan/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
More information about the ckan-changes
mailing list