diff --git a/product/ERP5OOo/tests/testDms.py b/product/ERP5OOo/tests/testDms.py index 37e110406c607052358ef4a7b6733e7745f427e3..b18fb20629d56b4451f2f83da9a9e09cd02aff16 100644 --- a/product/ERP5OOo/tests/testDms.py +++ b/product/ERP5OOo/tests/testDms.py @@ -1506,6 +1506,8 @@ class TestDocument(TestDocumentMixin): html_content = """<html> <head> + <meta http-equiv="refresh" content="5;url=http://example.com/"/> + <meta http-equiv="Set-Cookie" content=""/> <title>My dirty title</title> <style type="text/css"> a {color: #FFAA44;} @@ -1533,6 +1535,8 @@ class TestDocument(TestDocumentMixin): self.assertTrue('<head>' not in safe_html) self.assertTrue('<style' not in safe_html) self.assertTrue('#FFAA44' not in safe_html) + self.assertTrue('5;url=http://example.com/' not in safe_html) + self.assertTrue('Set-Cookie' not in safe_html) # Check that outputed entire html is safe entire_html = web_page.asEntireHTML()