end
def render_markup(markup)
- sanitize(raw(RedCloth.new(markup.to_s).to_html(:refs_arvados, :textile))) if markup
+ allowed_tags = Rails::Html::Sanitizer.white_list_sanitizer.allowed_tags + %w(table tbody th tr td col colgroup caption thead tfoot)
+ sanitize(raw(RedCloth.new(markup.to_s).to_html(:refs_arvados, :textile)), tags: allowed_tags) if markup
end
def human_readable_bytes_html(n)
assert_includes @response.body, 'Textile description with unsafe script tag alert("Hello there").'
end
+ # Tests #14519
+ test "textile table on description renders as table html markup" do
+ use_token :active
+ project = api_fixture('groups')['aproject']
+ textile_table = <<EOT
+table(table table-striped table-condensed).
+|_. First Header |_. Second Header |
+|Content Cell |Content Cell |
+|Content Cell |Content Cell |
+EOT
+ found = Group.find(project['uuid'])
+ found.description = textile_table
+ found.save!
+ get(:show, {id: project['uuid']}, session_for(:active))
+ assert_includes @response.body, '<th>First Header'
+ assert_includes @response.body, '<td>Content Cell'
+ end
+
test "find a project and edit description to textile description with link to object" do
project = api_fixture('groups')['aproject']
use_token :active
centos7|psutil|5.0.1|0|python|all
debian8,debian9,ubuntu1404,ubuntu1604,ubuntu1804,centos7|lockfile|0.12.2|2|python|all|--epoch 1
debian8,debian9,ubuntu1404,ubuntu1604,ubuntu1804,centos7|subprocess32|3.5.1|2|python|all
-all|ruamel.yaml|0.15.77|0|python|amd64|--python-setup-py-arguments --single-version-externally-managed
+all|ruamel.yaml|0.15.77|1|python|amd64|--python-setup-py-arguments --single-version-externally-managed --depends "ruamel.ordereddict >=0.4.9"
all|cwltest|1.0.20180518074130|4|python|all|--depends 'python-futures >= 3.0.5' --depends 'python-subprocess32 >= 3.5.0'
all|junit-xml|1.8|3|python|all
all|rdflib-jsonld|0.4.0|2|python|all