django-rest-framework/tests
Yury V. Zaytsev 4bb9a3c484 Fix XSS caused by disabled autoescaping in the default DRF Browsable API view templates (#6330)
* Add test that verifies that HTML is correctly escaped in Browsable API views

* Fix `urlize_quoted_links` tag to avoid double escaping in autoescape mode

* Fix XSS in default DRF Browsable API template by re-enabling autoescape
2019-01-16 12:36:25 +00:00
..
browsable_api Fix Serializer.data when provided invalid 'data' (#5646) 2017-12-04 08:39:55 +01:00
importable Fix whitespace in imports 2017-11-25 21:10:30 -05:00
__init__.py Support for running the test suite with py.test 2014-03-02 12:40:30 +01:00
conftest.py Add admin to installed apps to avoid test failures. 2018-03-09 13:04:15 -05:00
models.py Fix #1811: take limit_choices_to into account with FK (#6371) 2019-01-08 13:49:47 +00:00
test_api_client.py Fixed tests on Windows. Added unicode support to SlugField 2017-06-23 23:11:17 -06:00
test_atomic_requests.py tests: fix usage of transaction.non_atomic_requests (#6043) 2018-06-21 14:44:58 -04:00
test_authentication.py Fix CSRF cookie check failure when using session auth with django 1.11.6+ (#6113) 2018-08-07 08:18:56 +01:00
test_authtoken.py Increase test coverage for drf_create_token command (#5550) 2017-11-02 10:26:42 +01:00
test_bound_fields.py Made TemplateHTMLRenderer render IntegerField inputs when value is 0. (#5834) 2018-02-16 16:48:20 +01:00
test_decorators.py Version 3.9 (#6247) 2018-10-18 10:38:46 +01:00
test_description.py Improvements to ViewSet extra actions (#5605) 2018-07-06 10:33:10 +02:00
test_encoders.py Add "optionals not required" build (#6047) 2018-06-22 10:16:57 +02:00
test_exceptions.py Allow hashing of ErrorDetail to fix #5919 (#5932) 2018-04-20 15:32:37 +02:00
test_fields.py Prohibit null characters in CharField by default (#6073) 2018-10-02 16:54:15 +02:00
test_filters.py Add "optionals not required" build (#6047) 2018-06-22 10:16:57 +02:00
test_generics.py Add ValidationError to except in get_object_or_404 for django 1.11 2017-05-05 21:17:12 -04:00
test_htmlrenderer.py Remove Django 1.8 & 1.9 compatibility code (#5481) 2017-10-05 20:41:38 +02:00
test_lazy_hyperlinks.py Lazy hyperlink names (#4554) 2016-10-11 12:18:00 +01:00
test_metadata.py Don't show hidden fields in metadata (#5854) 2018-03-23 22:47:10 +00:00
test_middleware.py Fix request body/POST access (#5590) 2017-11-15 20:58:37 +01:00
test_model_serializer.py Added "allow_unicode" to generated kwargs for ModelSerializer SlugField (#6315) 2018-12-19 15:37:52 +01:00
test_multitable_inheritance.py Perfer iter(dict) over iter(dict.keys()) (#5736) 2018-01-08 09:49:46 +00:00
test_negotiation.py Fix all BytesWarning caught during tests (#5561) 2017-11-06 10:02:48 +01:00
test_one_to_one_with_inheritance.py Perfer iter(dict) over iter(dict.keys()) (#5736) 2018-01-08 09:49:46 +00:00
test_pagination.py Add support for page_size parameter in CursorPaginator class 2017-09-25 11:25:51 +02:00
test_parsers.py Prefer io.BytesIO over six; available on all supported Pythons (#6168) 2018-09-09 11:53:41 +01:00
test_permissions.py Fix composable permissions 2018-11-27 15:29:44 +01:00
test_prefetch_related.py Remove Django 1.8 & 1.9 compatibility code (#5481) 2017-10-05 20:41:38 +02:00
test_relations_generic.py converted generic relations assert to pytest style 2016-11-27 23:55:09 +06:00
test_relations_hyperlink.py converted test asserts of hyperlin relations to pytest 2017-01-21 01:41:45 +06:00
test_relations_pk.py Fix #1811: take limit_choices_to into account with FK (#6371) 2019-01-08 13:49:47 +00:00
test_relations_slug.py fix wrong assert 2017-01-21 02:25:36 +06:00
test_relations.py Only catch TypeError/ValueError for object lookups (#6028) 2018-07-06 12:18:17 +02:00
test_renderers.py Admin renderer urls (#5988) 2018-07-06 10:58:26 +02:00
test_request.py Fix request formdata handling (#5800) 2018-02-05 16:24:13 +01:00
test_requests_client.py Remove Django 1.8 & 1.9 compatibility code (#5481) 2017-10-05 20:41:38 +02:00
test_response.py Scheme fix when unauth and Flask8 lint fix 2017-05-30 00:15:07 +05:00
test_reverse.py Compat cleanup (#5581) 2017-11-10 09:41:03 +01:00
test_routers.py Version 3.9 (#6247) 2018-10-18 10:38:46 +01:00
test_schemas.py Version 3.9 (#6247) 2018-10-18 10:38:46 +01:00
test_serializer_bulk_update.py converted serializer bulk update test asserts to pytest (#4805) 2017-01-11 20:38:32 +00:00
test_serializer_lists.py Ensure that html forms (multipart form data) respect optional fields (#5927) 2018-04-20 15:11:52 +02:00
test_serializer_nested.py Ensure that html forms (multipart form data) respect optional fields (#5927) 2018-04-20 15:11:52 +02:00
test_serializer.py Allow run_validators() to handle non-dict types. (#6365) 2019-01-08 11:39:30 +00:00
test_settings.py Fix override_settings compat (#5668) 2017-12-14 10:33:48 +01:00
test_status.py Sort imports with isort 2015-06-25 16:55:51 -04:00
test_templates.py Fixed AttributeError from items filter when value is None (#5981) 2018-05-11 08:50:08 +02:00
test_templatetags.py Fix XSS caused by disabled autoescaping in the default DRF Browsable API view templates (#6330) 2019-01-16 12:36:25 +00:00
test_testing.py Formalize URLPatternsTestCase (#5703) 2018-01-02 11:14:25 +01:00
test_throttling.py Throttle tests fix (#4810) 2017-01-12 17:53:48 +00:00
test_urlpatterns.py Fix format_suffix_patterns behavior with Django 2 path() routes (#5691) 2017-12-20 13:17:54 +01:00
test_utils.py Fix action support for ViewSet suffixes (#6081) 2018-10-02 16:22:21 +02:00
test_validation_error.py more pytest style assert (#4719) 2016-11-30 09:48:33 +00:00
test_validation.py Scheme fix when unauth and Flask8 lint fix 2017-05-30 00:15:07 +05:00
test_validators.py Fix read_only + default unique_together validation. (#5922) 2018-04-06 15:20:54 +02:00
test_versioning.py Formalize URLPatternsTestCase (#5703) 2018-01-02 11:14:25 +01:00
test_views.py Use overridden settings exception handler 2017-04-06 14:05:29 -05:00
test_viewsets.py Fix action support for ViewSet suffixes (#6081) 2018-10-02 16:22:21 +02:00
test_write_only_fields.py tests: remove some dead code, use assert 0 for never called methods (#5973) 2018-05-08 13:28:46 +01:00
urls.py Add "optionals not required" build (#6047) 2018-06-22 10:16:57 +02:00
utils.py Compat cleanup (#5581) 2017-11-10 09:41:03 +01:00