This is an automated email from the ASF dual-hosted git repository.
uranusjr pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/airflow.git
The following commit(s) were added to refs/heads/main by this push:
new 971e3226dc Strip markup from app_name if instance_name_has_markup =
True (#28894)
971e3226dc is described below
commit 971e3226dc3ca43900f0b79c42afffb14c59d691
Author: Adrian Castro <[email protected]>
AuthorDate: Thu Mar 16 12:34:39 2023 +0100
Strip markup from app_name if instance_name_has_markup = True (#28894)
Co-authored-by: Tzu-ping Chung <[email protected]>
---
airflow/www/app.py | 11 ++++++++++-
tests/www/views/test_views_base.py | 21 +++++++++++++++------
2 files changed, 25 insertions(+), 7 deletions(-)
diff --git a/airflow/www/app.py b/airflow/www/app.py
index 7d7a62a72f..abcf76ec0d 100644
--- a/airflow/www/app.py
+++ b/airflow/www/app.py
@@ -25,6 +25,7 @@ from flask import Flask
from flask_appbuilder import SQLA
from flask_caching import Cache
from flask_wtf.csrf import CSRFProtect
+from markupsafe import Markup
from sqlalchemy.engine.url import make_url
from airflow import settings
@@ -81,10 +82,18 @@ def create_app(config=None, testing=False):
flask_app.config["PERMANENT_SESSION_LIFETIME"] =
timedelta(minutes=settings.get_session_lifetime_config())
flask_app.config.from_pyfile(settings.WEBSERVER_CONFIG, silent=True)
- flask_app.config["APP_NAME"] = conf.get(section="webserver",
key="instance_name", fallback="Airflow")
flask_app.config["TESTING"] = testing
flask_app.config["SQLALCHEMY_DATABASE_URI"] = conf.get("database",
"SQL_ALCHEMY_CONN")
+ instance_name = conf.get(section="webserver", key="instance_name",
fallback="Airflow")
+ instance_name_has_markup = conf.getboolean(
+ section="webserver", key="instance_name_has_markup", fallback=False
+ )
+ if instance_name_has_markup:
+ instance_name = Markup(instance_name).striptags()
+
+ flask_app.config["APP_NAME"] = instance_name
+
url = make_url(flask_app.config["SQLALCHEMY_DATABASE_URI"])
if url.drivername == "sqlite" and url.database and not
url.database.startswith("/"):
raise AirflowConfigException(
diff --git a/tests/www/views/test_views_base.py
b/tests/www/views/test_views_base.py
index 3258b61cc6..10eb3d5ea4 100644
--- a/tests/www/views/test_views_base.py
+++ b/tests/www/views/test_views_base.py
@@ -25,6 +25,7 @@ import pytest
from airflow.jobs.base_job import BaseJob
from airflow.utils import timezone
from airflow.utils.session import create_session
+from airflow.www import app as application
from tests.test_utils.asserts import assert_queries_count
from tests.test_utils.config import conf_vars
from tests.test_utils.www import check_content_in_response,
check_content_not_in_response
@@ -400,12 +401,20 @@ def test_page_instance_name_xss_prevention(admin_client):
check_content_not_in_response(xss_string, resp)
-@conf_vars(
- {
- ("webserver", "instance_name"): "<b>Bold Site Title Test</b>",
- ("webserver", "instance_name_has_markup"): "True",
- }
-)
+instance_name_with_markup_conf = {
+ ("webserver", "instance_name"): "<b>Bold Site Title Test</b>",
+ ("webserver", "instance_name_has_markup"): "True",
+}
+
+
+@conf_vars(instance_name_with_markup_conf)
def test_page_instance_name_with_markup(admin_client):
resp = admin_client.get("home", follow_redirects=True)
check_content_in_response("<b>Bold Site Title Test</b>", resp)
+ check_content_not_in_response("<b>Bold Site Title Test</b>",
resp)
+
+
+@conf_vars(instance_name_with_markup_conf)
+def test_page_instance_name_with_markup_title():
+ appbuilder = application.create_app(testing=True).appbuilder
+ assert appbuilder.app_name == "Bold Site Title Test"
