mirror of
https://github.com/simonw/datasette.git
synced 2025-12-10 16:51:24 +01:00
Correctly escape output of ?_trace, refs #1360
This commit is contained in:
Simon Willison
parent
af5a7f1c09
commit
26fc539312
2 changed files with 8 additions and 1 deletions
|
|
@ -1612,3 +1612,9 @@ def test_navigation_menu_links(
|
|||
assert (
|
||||
details.find("a", {"href": link}) is None
|
||||
), f"{link} found but should not have been in nav menu"
|
||||
|
||||
|
||||
def test_trace_correctly_escaped(app_client):
|
||||
response = app_client.get("/fixtures?sql=select+'<h1>Hello'&_trace=1")
|
||||
assert "select '<h1>Hello" not in response.text
|
||||
assert "select '<h1>Hello" in response.text
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue