add autolinking

openedx · Oct 22, 2013 · 651ef20 · 651ef20
1 parent 79ce043
commit 651ef20
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 5 deletions.
diff --git a/common/lib/xmodule/xmodule/open_ended_grading_classes/openendedchild.py b/common/lib/xmodule/xmodule/open_ended_grading_classes/openendedchild.py
@@ -2,6 +2,7 @@
 import logging
 import re
 import bleach
+from html5lib.tokenizer import HTMLTokenizer
 from xmodule.progress import Progress
 import capa.xqueue_interface as xqueue_interface
 from capa.util import *
@@ -53,7 +54,7 @@ def upload_to_s3(file_to_upload, keyname, s3_interface):
 # Used by sanitize_html
 ALLOWED_HTML_ATTRS = {
     '*': ['id', 'class', 'height', 'width', 'alt'],
-    'a': ['href', 'title', 'rel'],
+    'a': ['href', 'title', 'rel', 'target'],
     'embed': ['src'],
     'iframe': ['src'],
     'img': ['src'],
@@ -222,7 +223,11 @@ def sanitize_html(answer):
                                   tags=['embed', 'iframe', 'a', 'img', 'br'],
                                   attributes=ALLOWED_HTML_ATTRS,
                                   strip=True)
-        return OpenEndedChild.replace_newlines(clean_html)
+        autolinked = bleach.linkify(clean_html,
+                                    callbacks=[bleach.callbacks.target_blank],
+                                    skip_pre=True,
+                                    tokenizer=HTMLTokenizer)
+        return OpenEndedChild.replace_newlines(autolinked)
 
     @staticmethod
     def replace_newlines(html):

diff --git a/common/lib/xmodule/xmodule/tests/test_combined_open_ended.py b/common/lib/xmodule/xmodule/tests/test_combined_open_ended.py
@@ -1011,17 +1011,20 @@ class OpenEndedModuleUtilTest(unittest.TestCase):
     script_clean = u'alert("xss!")'
     img_dirty = u'<img alt="cats" height="200" onclick="eval()" src="http://example.com/lolcats.jpg" width="200">'
     img_clean = u'<img alt="cats" height="200" src="http://example.com/lolcats.jpg" width="200">'
-    embed_dirty = u'<embed height="200" id="cats" onhover="eval()" src="http://example.com/lolcats.swf" width="200">'
+    embed_dirty = u'<embed height="200" id="cats" onhover="eval()" src="http://example.com/lolcats.swf" width="200"/>'
     embed_clean = u'<embed height="200" id="cats" src="http://example.com/lolcats.swf" width="200">'
-    iframe_dirty = u'<img class="cats" height="200" onerror="eval()" src="http://example.com/lolcats" width="200">'
-    iframe_clean = u'<img class="cats" height="200" src="http://example.com/lolcats" width="200">'
+    iframe_dirty = u'<iframe class="cats" height="200" onerror="eval()" src="http://example.com/lolcats" width="200"/>'
+    iframe_clean = u'<iframe class="cats" height="200" src="http://example.com/lolcats" width="200"></iframe>'
 
     text = u'I am a \u201c\xfcber student\u201d'
     text_lessthan_noencd = u'This used to be broken < by the other parser. 3>5'
     text_lessthan_encode = u'This used to be broken &lt; by the other parser. 3&gt;5'
     text_linebreaks = u"St\xfcdent submission:\nI like lamp."
     text_brs = u"St\xfcdent submission:<br/>I like lamp."
 
+    link_text = u'I love going to www.lolcatz.com'
+    link_atag = u'I love going to <a href="http://www.lolcatz.com" target="_blank">www.lolcatz.com</a>'
+
     def test_script(self):
         """
         Basic test for stripping <script>
@@ -1063,3 +1066,27 @@ def test_linebreaks(self):
         tests the replace_newlines function
         """
         self.assertEqual(OpenEndedChild.replace_newlines(self.text_linebreaks), self.text_brs)
+
+    def test_linkify(self):
+        """
+        tests the replace_newlines function
+        """
+        self.assertEqual(OpenEndedChild.sanitize_html(self.link_text), self.link_atag)
+
+    def test_combined(self):
+        """
+        tests a combination of inputs
+        """
+        test_input = u"{}\n{}\n{}\n\n{}{}\n{}".format(self.link_text,
+                                                      self.text,
+                                                      self.script_dirty,
+                                                      self.embed_dirty,
+                                                      self.text_lessthan_noencd,
+                                                      self.img_dirty)
+        test_output = u"{}<br/>{}<br/>{}<br/><br/>{}{}<br/>{}".format(self.link_atag,
+                                                                      self.text,
+                                                                      self.script_clean,
+                                                                      self.embed_clean,
+                                                                      self.text_lessthan_encode,
+                                                                      self.img_clean)
+        self.assertEqual(OpenEndedChild.sanitize_html(test_input), test_output)