Files @ df930758dcf7
Branch filter:

Location: kallithea/pytest.ini

df930758dcf7 391 B text/x-ini Show Annotation Show as Raw Download as Raw
mads
repos: extra HTML escaping of repo and repo group names shown in DataTables

These names will already have been "slugged" and can thus not contain anything
that can be used for any attack. But let's be explicitly safe and escape them
anyway.

raw_name without escaping would cause XSS *if* it was possible to create unsafe
repo names.

just_name must be escaped in order to make search work correctly - for example
if searching for '<' ... *if* it was possible for names to contain that.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
[pytest]
# only look for tests in kallithea/tests
python_files = kallithea/tests/**/test_*.py
addopts =
    # --verbose
    # show extra test summary info as specified by chars (f)ailed, (E)error, (s)skipped, (x)failed, (X)passed, (w)warnings.
    -rfEsxXw
    # Shorter scrollbacks; less stuff to scroll through
    --tb=short
    #
    --doctest-modules
    --doctest-ignore-import-errors
Server instance: clio-4740 This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3. – Support