Add/Change #501 (test_sanitize_remove_src_javascript fails due to HTMLParser bugfixes in cpython)
Add/Change #500 (test_sanitize_remove_script_elem fails due to HTMLParser bugfixes in cpython)
--- a/genshi/filters/tests/html.py
+++ b/genshi/filters/tests/html.py
@@ -365,9 +365,12 @@
self.assertEquals('', (html | HTMLSanitizer()).render())
html = HTML('')
self.assertEquals('', (html | HTMLSanitizer()).render())
- self.assertRaises(ParseError, HTML, 'alert("foo")')
- self.assertRaises(ParseError, HTML,
- '')
+ html = HTML('alert("foo")')
+ self.assertEquals('<SCR\x00IPT>alert("foo")',
+ (html | HTMLSanitizer()).render())
+ html = HTML('')
+ self.assertEquals('<SCRIPT&XYZ; SRC="http://example.com/">',
+ (html | HTMLSanitizer()).render())
def test_sanitize_remove_onclick_attr(self):
html = HTML('')
--- a/genshi/filters/tests/html.py
+++ b/genshi/filters/tests/html.py
@@ -437,9 +440,9 @@
# Case-insensitive protocol matching
html = HTML('![](\'JaVaScRiPt:alert("foo")\')
')
self.assertEquals('![]()
', (html | HTMLSanitizer()).render())
- # Grave accents (not parsed)
- self.assertRaises(ParseError, HTML,
- '![](`javascript:alert("RSnake)
')
+ # Grave accents.
+ html = HTML('')
+ self.assertEquals('![]()
', (html | HTMLSanitizer()).render())
# Protocol encoded using UTF-8 numeric entities
html = HTML('
')