Mercurial > genshi > genshi-test
changeset 841:67ec9a402bdc
Added an option to the `HTMLFiller` to also populate password fields.
| author | cmlenz |
|---|---|
| date | Tue, 17 Mar 2009 18:05:34 +0000 |
| parents | 878306a5b465 |
| children | 004f81b59d97 |
| files | ChangeLog genshi/filters/html.py genshi/filters/tests/html.py |
| diffstat | 3 files changed, 29 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog +++ b/ChangeLog @@ -31,6 +31,7 @@ (ticket #276). * Fixed handling of relative URLs with fragment identifiers containing colons in the `HTMLSanitizer` (ticket #274). + * Added an option to the `HTMLFiller` to also populate password fields. Version 0.5.1
--- a/genshi/filters/html.py +++ b/genshi/filters/html.py @@ -39,7 +39,7 @@ # (if not in a multiple-select) # TODO: only apply to elements in the XHTML namespace (or no namespace)? - def __init__(self, name=None, id=None, data=None): + def __init__(self, name=None, id=None, data=None, passwords=False): """Create the filter. :param name: The name of the form that should be populated. If this @@ -51,12 +51,17 @@ :param data: The dictionary of form values, where the keys are the names of the form fields, and the values are the values to fill in. + :param passwords: Whether password input fields should be populated. + This is off by default for security reasons (for + example, a password may end up in the browser cache) + :note: Changed in 0.5.2: added the `passwords` option """ self.name = name self.id = id if data is None: data = {} self.data = data + self.passwords = passwords def __call__(self, stream): """Apply the filter to the given stream. @@ -83,7 +88,7 @@ elif in_form: if tagname == 'input': - type = attrs.get('type') + type = attrs.get('type').lower() if type in ('checkbox', 'radio'): name = attrs.get('name') if name and name in self.data: @@ -105,14 +110,17 @@ attrs |= [(QName('checked'), 'checked')] elif 'checked' in attrs: attrs -= 'checked' - elif type in (None, 'hidden', 'text'): + elif type in (None, 'hidden', 'text') \ + or type == 'password' and self.passwords: name = attrs.get('name') if name and name in self.data: value = self.data[name] if isinstance(value, (list, tuple)): value = value[0] if value is not None: - attrs |= [(QName('value'), unicode(value))] + attrs |= [ + (QName('value'), unicode(value)) + ] elif tagname == 'select': name = attrs.get('name') if name in self.data:
--- a/genshi/filters/tests/html.py +++ b/genshi/filters/tests/html.py @@ -306,6 +306,22 @@ </select> </form>""", unicode(html)) + def test_fill_input_password_disabled(self): + html = HTML("""<form><p> + <input type="password" name="pass" /> + </p></form>""") | HTMLFormFiller(data={'pass': 'bar'}) + self.assertEquals("""<form><p> + <input type="password" name="pass"/> + </p></form>""", unicode(html)) + + def test_fill_input_password_enabled(self): + html = HTML("""<form><p> + <input type="password" name="pass" /> + </p></form>""") | HTMLFormFiller(data={'pass': '1234'}, passwords=True) + self.assertEquals("""<form><p> + <input type="password" name="pass" value="1234"/> + </p></form>""", unicode(html)) + class HTMLSanitizerTestCase(unittest.TestCase):