Prohibit invalid URI characters in web names (JavaScript normally prevents from it, but it may be disabled)
This commit is contained in:
parent
759fbda8a0
commit
d330c02186
3 changed files with 19 additions and 2 deletions
|
@ -5,12 +5,15 @@ require "wiki_words"
|
|||
require "zip/zip"
|
||||
|
||||
class Web
|
||||
attr_accessor :name, :address, :password, :markup, :color, :safe_mode, :pages
|
||||
attr_accessor :name, :password, :markup, :color, :safe_mode, :pages
|
||||
attr_accessor :additional_style, :published, :brackets_only, :count_pages, :allow_uploads
|
||||
attr_accessor :max_upload_size
|
||||
|
||||
attr_reader :address
|
||||
|
||||
def initialize(parent_wiki, name, address, password = nil)
|
||||
@wiki, @name, @address, @password = parent_wiki, name, address, password
|
||||
self.address = address
|
||||
@wiki, @name, @password = parent_wiki, name, password
|
||||
|
||||
# default values
|
||||
@markup = :textile
|
||||
|
@ -30,6 +33,13 @@ class Web
|
|||
@pages[page.name] = page
|
||||
end
|
||||
|
||||
def address=(the_address)
|
||||
if the_address != CGI.escape(the_address)
|
||||
raise Instiki::ValidationError.new("Web name should contain only valid URI characters")
|
||||
end
|
||||
@address = the_address
|
||||
end
|
||||
|
||||
def authors
|
||||
select.authors
|
||||
end
|
||||
|
|
|
@ -2,6 +2,7 @@ ENV['RAILS_ENV'] = 'test'
|
|||
require File.expand_path(File.dirname(__FILE__) + '/../config/environment')
|
||||
require 'application'
|
||||
require 'test/unit'
|
||||
require 'breakpoint'
|
||||
require 'action_controller/test_process'
|
||||
|
||||
# Uncomment this variable to have assert_success check that response bodies are valid XML
|
||||
|
|
|
@ -119,6 +119,12 @@ class WebTest < Test::Unit::TestCase
|
|||
assert_equal 100, web.max_upload_size
|
||||
end
|
||||
|
||||
def test_initialize_invalid_name
|
||||
wiki_stub = Object.new
|
||||
assert_raises(Instiki::ValidationError) {
|
||||
Web.new(wiki_stub, 'Wiki2', "wiki\234", '123')
|
||||
}
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
|
|
Loading…
Reference in a new issue