Mercurial > kallithea
annotate setup.cfg @ 7552:e74aa69f6827 stable
lib: sanitize HTML for all types of README rendering, not only markdown
The repository summary page will display a rendered version of the
repository 'readme' based on its file extension. In commit 5746cc3b3fa5,
the rendered output was already sanitized when the input was markdown.
However, also readmes written in other formats, like ReStructuredText (RST)
or plain text could have content that we want sanitized.
Therefore, move the sanitizing one level up so it covers all renderers, for
now and the future.
This fixes an XSS issue when a repository readme contains javascript code,
which would be executed when the repository summary page is visited by a
user.
Reported by Bob Hogg <wombat@rwhogg.site> (thanks!).
author | Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> |
---|---|
date | Sat, 26 Jan 2019 20:27:50 +0100 |
parents | 19267f233d39 |
children | d88077fae3d6 |
rev | line source |
---|---|
0 | 1 [egg_info] |
5379
1949ece749ce
cleanup: fix whitespace in CONTRIBUTORS (and other forgotten files) too
Mads Kiilerich <madski@unity3d.com>
parents:
5146
diff
changeset
|
2 tag_build = |
4988
acaa02179aeb
setup.cfg: update checked-in version to match how sdist writes it
Mads Kiilerich <madski@unity3d.com>
parents:
4257
diff
changeset
|
3 tag_svn_revision = 0 |
acaa02179aeb
setup.cfg: update checked-in version to match how sdist writes it
Mads Kiilerich <madski@unity3d.com>
parents:
4257
diff
changeset
|
4 tag_date = 0 |
0 | 5 |
6 [nosetests] | |
4988
acaa02179aeb
setup.cfg: update checked-in version to match how sdist writes it
Mads Kiilerich <madski@unity3d.com>
parents:
4257
diff
changeset
|
7 verbose = True |
acaa02179aeb
setup.cfg: update checked-in version to match how sdist writes it
Mads Kiilerich <madski@unity3d.com>
parents:
4257
diff
changeset
|
8 verbosity = 2 |
5416
19267f233d39
tests: move test.ini to kallithea/tests/
Mads Kiilerich <madski@unity3d.com>
parents:
5390
diff
changeset
|
9 with-pylons = kallithea/tests/test.ini |
4988
acaa02179aeb
setup.cfg: update checked-in version to match how sdist writes it
Mads Kiilerich <madski@unity3d.com>
parents:
4257
diff
changeset
|
10 detailed-errors = 1 |
acaa02179aeb
setup.cfg: update checked-in version to match how sdist writes it
Mads Kiilerich <madski@unity3d.com>
parents:
4257
diff
changeset
|
11 nologcapture = 1 |
0 | 12 |
5061
8c1258f69892
tests: Move pytest config (norecursedirs) from tox.ini to setup.cfg
Mads Kiilerich <madski@unity3d.com>
parents:
4988
diff
changeset
|
13 [pytest] |
5145
7187c1707eda
tests: restrict pytest test collection to kallithea/tests
Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
parents:
5062
diff
changeset
|
14 # only look for tests in kallithea/tests |
7187c1707eda
tests: restrict pytest test collection to kallithea/tests
Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
parents:
5062
diff
changeset
|
15 python_files = kallithea/tests/**/test_*.py |
5146
08ad393e6866
tests: move pytest settings from kallithea/tests/pytest.ini to setup.cfg
Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
parents:
5145
diff
changeset
|
16 addopts = |
08ad393e6866
tests: move pytest settings from kallithea/tests/pytest.ini to setup.cfg
Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
parents:
5145
diff
changeset
|
17 # --verbose |
08ad393e6866
tests: move pytest settings from kallithea/tests/pytest.ini to setup.cfg
Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
parents:
5145
diff
changeset
|
18 # show extra test summary info as specified by chars (f)ailed, (E)error, (s)skipped, (x)failed, (X)passed, (w)warnings. |
08ad393e6866
tests: move pytest settings from kallithea/tests/pytest.ini to setup.cfg
Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
parents:
5145
diff
changeset
|
19 -rfEsxXw |
08ad393e6866
tests: move pytest settings from kallithea/tests/pytest.ini to setup.cfg
Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
parents:
5145
diff
changeset
|
20 # Shorter scrollbacks; less stuff to scroll through |
08ad393e6866
tests: move pytest settings from kallithea/tests/pytest.ini to setup.cfg
Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
parents:
5145
diff
changeset
|
21 --tb=short |
5061
8c1258f69892
tests: Move pytest config (norecursedirs) from tox.ini to setup.cfg
Mads Kiilerich <madski@unity3d.com>
parents:
4988
diff
changeset
|
22 |
0 | 23 [compile_catalog] |
4186
7e5f8c12a3fc
First step in two-part process to rename directories to kallithea.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
24 domain = kallithea |
7e5f8c12a3fc
First step in two-part process to rename directories to kallithea.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
25 directory = kallithea/i18n |
0 | 26 statistics = true |
27 | |
28 [extract_messages] | |
29 add_comments = TRANSLATORS: | |
4186
7e5f8c12a3fc
First step in two-part process to rename directories to kallithea.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
30 output_file = kallithea/i18n/kallithea.pot |
4248
10df28cbcce7
Correct contact address for translations.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
4208
diff
changeset
|
31 msgid-bugs-address = translations@kallithea-scm.org |
4208
ad38f9f93b3b
Correct licensing information in individual files.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
4186
diff
changeset
|
32 copyright-holder = Various authors, licensing as GPLv3 |
3932
3483de9d11e5
updated pot file and extract_messages defaults
Marcin Kuzminski <marcin@python-works.com>
parents:
3158
diff
changeset
|
33 no-wrap = true |
0 | 34 |
35 [init_catalog] | |
4186
7e5f8c12a3fc
First step in two-part process to rename directories to kallithea.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
36 domain = kallithea |
7e5f8c12a3fc
First step in two-part process to rename directories to kallithea.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
37 input_file = kallithea/i18n/kallithea.pot |
7e5f8c12a3fc
First step in two-part process to rename directories to kallithea.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
38 output_dir = kallithea/i18n |
0 | 39 |
40 [update_catalog] | |
4186
7e5f8c12a3fc
First step in two-part process to rename directories to kallithea.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
41 domain = kallithea |
7e5f8c12a3fc
First step in two-part process to rename directories to kallithea.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
42 input_file = kallithea/i18n/kallithea.pot |
7e5f8c12a3fc
First step in two-part process to rename directories to kallithea.
Bradley M. Kuhn <bkuhn@sfconservancy.org>
parents:
3960
diff
changeset
|
43 output_dir = kallithea/i18n |
0 | 44 previous = true |
592
0a48c1ec04fc
#37 fixed json imports for python2.5
Marcin Kuzminski <marcin@python-works.com>
parents:
589
diff
changeset
|
45 |
0a48c1ec04fc
#37 fixed json imports for python2.5
Marcin Kuzminski <marcin@python-works.com>
parents:
589
diff
changeset
|
46 [build_sphinx] |
0a48c1ec04fc
#37 fixed json imports for python2.5
Marcin Kuzminski <marcin@python-works.com>
parents:
589
diff
changeset
|
47 source-dir = docs/ |
4988
acaa02179aeb
setup.cfg: update checked-in version to match how sdist writes it
Mads Kiilerich <madski@unity3d.com>
parents:
4257
diff
changeset
|
48 build-dir = docs/_build |
acaa02179aeb
setup.cfg: update checked-in version to match how sdist writes it
Mads Kiilerich <madski@unity3d.com>
parents:
4257
diff
changeset
|
49 all_files = 1 |
592
0a48c1ec04fc
#37 fixed json imports for python2.5
Marcin Kuzminski <marcin@python-works.com>
parents:
589
diff
changeset
|
50 |
0a48c1ec04fc
#37 fixed json imports for python2.5
Marcin Kuzminski <marcin@python-works.com>
parents:
589
diff
changeset
|
51 [upload_sphinx] |
3932
3483de9d11e5
updated pot file and extract_messages defaults
Marcin Kuzminski <marcin@python-works.com>
parents:
3158
diff
changeset
|
52 upload-dir = docs/_build/html |