# HG changeset patch
# User hodgestar
# Date 1392575117 0
# Node ID 6c1d10d2fc52b94407744c28a355949905c98fab
# Parent ad96321e4d2bf3e552dc7e444d91fdc0f3c589dc

Also allow stripping of unsafe script tags (Python 3.4 parses the second example as a tag whose name is script&xyz).

diff --git a/genshi/filters/tests/test_html.py b/genshi/filters/tests/test_html.py
--- a/genshi/filters/tests/test_html.py
+++ b/genshi/filters/tests/test_html.py
@@ -368,12 +368,16 @@ class HTMLSanitizerTestCase(unittest.TestCase):
-    def assert_parse_error_or_equal(self, expected, exploit):
+    def assert_parse_error_or_equal(self, expected, exploit,
+                                    allow_strip=False):
         try:
             html = HTML(exploit)
         except ParseError:
             return
-        self.assertEquals(expected, (html | HTMLSanitizer()).render())
+        sanitized_html = (html | HTMLSanitizer()).render()
+        if not sanitized_html and allow_strip:
+            return
+        self.assertEquals(expected, sanitized_html)
 
     def test_sanitize_unchanged(self):
         html = HTML(u'fo
o
')
@@ -416,10 +420,12 @@
         html = HTML(u'')
         self.assertEquals('', (html | HTMLSanitizer()).render())
         src = u'alert("foo")'
-        self.assert_parse_error_or_equal('<SCR\x00IPT>alert("foo")', src)
+        self.assert_parse_error_or_equal('<SCR\x00IPT>alert("foo")', src,
+                                         allow_strip=True)
         src = u''
         self.assert_parse_error_or_equal('<SCRIPT&XYZ; '
-                                         'SRC="http://example.com/">', src)
+                                         'SRC="http://example.com/">', src,
+                                         allow_strip=True)
 
     def test_sanitize_remove_onclick_attr(self):
         html = HTML(u'
')
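Review bot: The new `allow_strip` branch in `assert_parse_error_or_equal` (defined in the first hunk) lets the helper pass on three different outcomes — a ParseError, an exact match with `expected`, or an empty render — but nothing in the code says why an empty result counts as the exploit being neutralised, and the `except ParseError: return` path asserts nothing at all. I would give the helper a docstring stating that `exploit` must be defused by one of: the parser rejecting it, the sanitizer rendering it exactly as `expected`, or, when `allow_strip` is set, the sanitizer dropping the element entirely (the commit message explains the last case: a newer parser reads `<SCRIPT&XYZ;` as an unknown tag name). A comment on the silent return, e.g. `# the parser refused the input outright; that also defuses the exploit`, would make that intent explicit rather than leaving it to look like a swallowed error. Both call sites in the second hunk pass `allow_strip=True`, while the message only accounts for the second example; if the `<SCR\x00IPT>` case is stripped for a different reason, a one-line comment there would help the next reader. The rewritten `self.assertEquals(expected, sanitized_html)` could also use `assertEqual`, since `assertEquals` is the deprecated alias.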