comparison markup/tests/core.py @ 21:b4d17897d053 trunk

* Include paths are now interpreted relative to the path of the including template. Closes #3. * The filename is now included as first item in the `pos` tuple of stream events. * Simplified the "basic" example so that it actually ''is'' basic. * Added a more complex example using nested relative includes in [source:/trunk/examples/includes/ examples/includes].
author cmlenz
date Tue, 20 Jun 2006 13:05:37 +0000
parents 5420cfe42d36
children b4f78c05e5c9
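--- a/markup/tests/core.py
+++ b/markup/tests/core.py
@@ -10,14 +10,14 @@
 # This software consists of voluntary contributions made by many
 # individuals. For the exact contribution history, see the revision
 # history and logs, available at http://projects.edgewall.com/trac/.
 
 import doctest
-from HTMLParser import HTMLParseError
 import unittest
 
 from markup.core import *
+from markup.input import ParseError
 
 
 class MarkupTestCase(unittest.TestCase):
 
 def test_escape(self):
@@ -121,13 +121,13 @@
 markup = Markup('<script>alert("Foo")</script>')
 self.assertEquals('', str(markup.sanitize()))
 markup = Markup('<SCRIPT SRC="http://example.com/"></SCRIPT>')
 self.assertEquals('', str(markup.sanitize()))
 markup = Markup('<SCR\0IPT>alert("foo")</SCR\0IPT>')
-self.assertRaises(HTMLParseError, markup.sanitize().render)
+self.assertRaises(ParseError, markup.sanitize().render)
 markup = Markup('<SCRIPT&XYZ SRC="http://example.com/"></SCRIPT>')
-self.assertRaises(HTMLParseError, markup.sanitize().render)
+self.assertRaises(ParseError, markup.sanitize().render)
 
 def test_sanitize_remove_onclick_attr(self):
 markup = Markup('<div onclick=\'alert("foo")\' />')
 self.assertEquals('<div/>', str(markup.sanitize()))
 
@@ -154,11 +154,11 @@
 # Case-insensitive protocol matching
 markup = Markup('<IMG SRC=\'JaVaScRiPt:alert("foo")\'>')
 self.assertEquals('<img/>', str(markup.sanitize()))
 # Grave accents (not parsed)
 markup = Markup('<IMG SRC=`javascript:alert("RSnake says, \'foo\'")`>')
-self.assertRaises(HTMLParseError, markup.sanitize().render)
+self.assertRaises(ParseError, markup.sanitize().render)
 # Protocol encoded using UTF-8 numeric entities
 markup = Markup('<IMG SRC=\'&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;'
 '&#112;&#116;&#58;alert("foo")\'>')
 self.assertEquals('<img/>', str(markup.sanitize()))
 # Protocol encoded using UTF-8 numeric entities without a semicolon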
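Review bot: The three updated assertions (new lines 126, 128 and 159) pin only the exception type, and because they pass `markup.sanitize().render` as the callable, `sanitize()` itself has to return without raising and the `ParseError` only surfaces when the stream is rendered. That lazy failure is worth recording in the test, since a caller that wraps just the `sanitize()` call in `try/except` would miss it and untrusted markup would become an unhandled error at output time; a comment such as `# sanitize() is lazy: malformed input raises ParseError at render(), it never yields markup` above line 126 would state the fail-closed contract. It may also be worth checking, outside these hunks, that no caller still catches `HTMLParseError`, because after this change that handler would presumably no longer match. The test methods containing lines 126 and 159 begin outside the visible hunks.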