Opened 12 years ago

Last modified 9 years ago

#500 reopened defect

test_sanitize_remove_script_elem fails due to HTMLParser bugfixes in cpython

Reported by: stefanor@…
Owned by: cmlenz
Priority: major
Milestone: 0.8
Component: Parsing
Version: devel
Keywords:
Cc: al.willmer@…

Description

The patch to HTMLParser for issue 13987 that landed in the cpython 2.7 branch breaks test_sanitize_remove_script_elem:

======================================================================
FAIL: test_sanitize_remove_script_elem (__main__.HTMLSanitizerTestCase)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "genshi/filters/tests/test_html.py", line 411, in test_sanitize_remove_script_elem
    self.assertRaises(ParseError, HTML, u'<SCR\0IPT>alert("foo")</SCR\0IPT>')
AssertionError: ParseError not raised

Change History (6)

comment:1 Changed 12 years ago by antonio.rosales@…

Hello, any update on the resolution of this ticket? It is currently breaking building and packing of Genshi.

-thanks, Antonio

comment:2 Changed 12 years ago by barry@…

Here's what I'm proposing to fix the problem in Ubuntu 12.10:

--- a/genshi/filters/tests/html.py
+++ b/genshi/filters/tests/html.py
@@ -437,9 +440,9 @@
         # Case-insensitive protocol matching
         html = HTML('<IMG SRC=\'JaVaScRiPt:alert("foo")\'>')
         self.assertEquals('<img/>', (html | HTMLSanitizer()).render())
-        # Grave accents (not parsed)
-        self.assertRaises(ParseError, HTML,
-                          '<IMG SRC=`javascript:alert("RSnake says, \'foo\'")`>')
+        # Grave accents.
+        html = HTML('<IMG SRC=`javascript:alert("RSnake says, \'foo\'")`>')
+        self.assertEquals('<img/>', (html | HTMLSanitizer()).render())
         # Protocol encoded using UTF-8 numeric entities
         html = HTML('<IMG SRC=\'&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;'
                     '&#112;&#116;&#58;alert("foo")\'>')
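
Review bot: the new assertEquals on the grave-accent `<IMG SRC=` input is unconditional, so the test will now fail on any interpreter whose HTMLParser still raises ParseError for this input, which is exactly the behaviour the removed assertRaises lines required. Consider accepting either outcome for this case: treat a ParseError from HTML(...) as a pass, and otherwise assert that the sanitized render equals '<img/>', so the test checks that the javascript: URL never survives rather than how the parser reacts to the malformed attribute. Note also that this hunk only touches the grave-accent check; the `<SCR\0IPT>` assertion quoted in the ticket description is not changed here, and the file header names genshi/filters/tests/html.py while the traceback refers to test_html.py, so it is worth confirming the patch applies to the intended file.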

comment:3 Changed 10 years ago by barry@…

  • Milestone changed from 0.6.1 to 0.8
  • Version changed from 0.6 to devel

This fails differently now with Python 2.7.6 and genshi 0.7:

======================================================================
FAIL: test_sanitize_remove_script_elem (genshi.filters.tests.test_html.HTMLSanitizerTestCase)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/barry/projects/ubuntu/genshi/Genshi-0.7/genshi/filters/tests/test_html.py", line 422, in test_sanitize_remove_script_elem
    'SRC="http://example.com/"&gt;', src)
  File "/home/barry/projects/ubuntu/genshi/Genshi-0.7/genshi/filters/tests/test_html.py", line 376, in assert_parse_error_or_equal
    self.assertEquals(expected, (html | HTMLSanitizer()).render())
AssertionError: '&lt;SCRIPT&amp;XYZ; SRC="http://example.com/"&gt;' != ''

----------------------------------------------------------------------

I think I'll just disable this test for Debian and Ubuntu.

comment:4 Changed 10 years ago by hodgestar

  • Resolution set to duplicate
  • Status changed from new to closed

This is a duplicate of #501.

comment:5 Changed 10 years ago by al.willmer@…

  • Cc al.willmer@… added

I'm not sure this bug is a duplicate of #501. test_sanitize_remove_script_elem still fails as of source:/branches/stable/0.6.x@1271, when run with Python 2.7.6. Or is 0.6.x no longer supported?

comment:6 Changed 10 years ago by anonymous

  • Resolution duplicate deleted
  • Status changed from closed to reopened

Ah, I forgot that 0.6 likely also needed updating.
