linamh/dev-python/genshi/files/genshi-0.6-html_test.patch

38 lines
2.0 KiB
Diff
Raw Normal View History

Add/Change #501 (test_sanitize_remove_src_javascript fails due to HTMLParser bugfixes in cpython)
Add/Change #500 (test_sanitize_remove_script_elem fails due to HTMLParser bugfixes in cpython)
--- a/genshi/filters/tests/html.py
+++ b/genshi/filters/tests/html.py
@@ -365,9 +365,12 @@
self.assertEquals('', (html | HTMLSanitizer()).render())
html = HTML('<SCRIPT SRC="http://example.com/"></SCRIPT>')
self.assertEquals('', (html | HTMLSanitizer()).render())
- self.assertRaises(ParseError, HTML, '<SCR\0IPT>alert("foo")</SCR\0IPT>')
- self.assertRaises(ParseError, HTML,
- '<SCRIPT&XYZ SRC="http://example.com/"></SCRIPT>')
+ html = HTML('<SCR\0IPT>alert("foo")</SCR\0IPT>')
+ self.assertEquals('&lt;SCR\x00IPT&gt;alert("foo")',
+ (html | HTMLSanitizer()).render())
+ html = HTML('<SCRIPT&XYZ SRC="http://example.com/"></SCRIPT>')
+ self.assertEquals('&lt;SCRIPT&amp;XYZ; SRC="http://example.com/"&gt;',
+ (html | HTMLSanitizer()).render())
def test_sanitize_remove_onclick_attr(self):
html = HTML('<div onclick=\'alert("foo")\' />')
--- a/genshi/filters/tests/html.py
+++ b/genshi/filters/tests/html.py
@@ -437,9 +440,9 @@
# Case-insensitive protocol matching
html = HTML('<IMG SRC=\'JaVaScRiPt:alert("foo")\'>')
self.assertEquals('<img/>', (html | HTMLSanitizer()).render())
- # Grave accents (not parsed)
- self.assertRaises(ParseError, HTML,
- '<IMG SRC=`javascript:alert("RSnake says, \'foo\'")`>')
+ # Grave accents.
+ html = HTML('<IMG SRC=`javascript:alert("RSnake says, \'foo\'")`>')
+ self.assertEquals('<img/>', (html | HTMLSanitizer()).render())
# Protocol encoded using UTF-8 numeric entities
html = HTML('<IMG SRC=\'&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;'
'&#112;&#116;&#58;alert("foo")\'>')