summaryrefslogtreecommitdiff
path: root/dev-python/genshi/files/genshi-0.6-html_test.patch
diff options
context:
space:
mode:
Diffstat (limited to 'dev-python/genshi/files/genshi-0.6-html_test.patch')
-rw-r--r--dev-python/genshi/files/genshi-0.6-html_test.patch37
1 files changed, 37 insertions, 0 deletions
diff --git a/dev-python/genshi/files/genshi-0.6-html_test.patch b/dev-python/genshi/files/genshi-0.6-html_test.patch
new file mode 100644
index 00000000000..4f74d6b999f
--- /dev/null
+++ b/dev-python/genshi/files/genshi-0.6-html_test.patch
@@ -0,0 +1,37 @@
+Add/Change #501 (test_sanitize_remove_src_javascript fails due to HTMLParser bugfixes in cpython)
+Add/Change #500 (test_sanitize_remove_script_elem fails due to HTMLParser bugfixes in cpython)
+--- a/genshi/filters/tests/html.py
++++ b/genshi/filters/tests/html.py
+@@ -365,9 +365,12 @@
+ self.assertEquals('', (html | HTMLSanitizer()).render())
+ html = HTML('<SCRIPT SRC="http://example.com/"></SCRIPT>')
+ self.assertEquals('', (html | HTMLSanitizer()).render())
+- self.assertRaises(ParseError, HTML, '<SCR\0IPT>alert("foo")</SCR\0IPT>')
+- self.assertRaises(ParseError, HTML,
+- '<SCRIPT&XYZ SRC="http://example.com/"></SCRIPT>')
++ html = HTML('<SCR\0IPT>alert("foo")</SCR\0IPT>')
++ self.assertEquals('&lt;SCR\x00IPT&gt;alert("foo")',
++ (html | HTMLSanitizer()).render())
++ html = HTML('<SCRIPT&XYZ SRC="http://example.com/"></SCRIPT>')
++ self.assertEquals('&lt;SCRIPT&amp;XYZ; SRC="http://example.com/"&gt;',
++ (html | HTMLSanitizer()).render())
+
+ def test_sanitize_remove_onclick_attr(self):
+ html = HTML('<div onclick=\'alert("foo")\' />')
+
+--- a/genshi/filters/tests/html.py
++++ b/genshi/filters/tests/html.py
+@@ -437,9 +440,9 @@
+ # Case-insensitive protocol matching
+ html = HTML('<IMG SRC=\'JaVaScRiPt:alert("foo")\'>')
+ self.assertEquals('<img/>', (html | HTMLSanitizer()).render())
+- # Grave accents (not parsed)
+- self.assertRaises(ParseError, HTML,
+- '<IMG SRC=`javascript:alert("RSnake says, \'foo\'")`>')
++ # Grave accents.
++ html = HTML('<IMG SRC=`javascript:alert("RSnake says, \'foo\'")`>')
++ self.assertEquals('<img/>', (html | HTMLSanitizer()).render())
+ # Protocol encoded using UTF-8 numeric entities
+ html = HTML('<IMG SRC=\'&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;'
+ '&#112;&#116;&#58;alert("foo")\'>')
+
generated by cgit v1.2.1 (git 2.18.0) at 2024-12-27 16:51:56 +0000