aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMike Dirolf <mike@dirolf.com>2012-01-14 13:10:44 -0500
committerMike Dirolf <mike@dirolf.com>2012-01-14 13:10:44 -0500
commita2377e1129331430998de821ed3abf38247edca1 (patch)
treed50080a6cb7e3d8c0cd044e9c79dc7fc1ce84fd1
parent542324b626e96eb368c1cac34beba2b95af5deb7 (diff)
downloadmarkdown-a2377e1129331430998de821ed3abf38247edca1.tar.gz
markdown-a2377e1129331430998de821ed3abf38247edca1.tar.bz2
markdown-a2377e1129331430998de821ed3abf38247edca1.zip
When safe mode is 'escape', don't allow bad html to stop further processing.
See tests/html4_safe/html_then_blockquote.(txt|html). It looks like having unclosed block-level html elements was causing further processing not to happen, even in the case where we're escaping HTML. Since we're escaping HTML, it seems like it shouldn't affect processing at all. This changes output results in a couple of other tests, but the new output seems reasonable to me.
-rw-r--r--markdown/preprocessors.py3
-rw-r--r--tests/html4_safe/html_then_blockquote.html6
-rw-r--r--tests/html4_safe/html_then_blockquote.txt6
-rw-r--r--tests/safe_mode/inline-html-simple.html11
-rw-r--r--tests/safe_mode/script_tags.html26
5 files changed, 30 insertions, 22 deletions
diff --git a/markdown/preprocessors.py b/markdown/preprocessors.py
index 0094d7b..c0f0034 100644
--- a/markdown/preprocessors.py
+++ b/markdown/preprocessors.py
@@ -14,7 +14,8 @@ import odict
def build_preprocessors(md_instance, **kwargs):
""" Build the default set of preprocessors used by Markdown. """
preprocessors = odict.OrderedDict()
- preprocessors["html_block"] = HtmlBlockPreprocessor(md_instance)
+ if md_instance.safeMode != 'escape':
+ preprocessors["html_block"] = HtmlBlockPreprocessor(md_instance)
preprocessors["reference"] = ReferencePreprocessor(md_instance)
return preprocessors
diff --git a/tests/html4_safe/html_then_blockquote.html b/tests/html4_safe/html_then_blockquote.html
new file mode 100644
index 0000000..5833cd4
--- /dev/null
+++ b/tests/html4_safe/html_then_blockquote.html
@@ -0,0 +1,6 @@
+<p>to:</p>
+<p>&lt;td /&gt;&lt;td style=&quot;text-align: center; white-space: nowrap;&quot;&gt;&lt;br /&gt;</p>
+<blockquote>
+<p>3) You don't need to alter all localization files.
+ Adding the new labels to the en_US files will do it.</p>
+</blockquote> \ No newline at end of file
diff --git a/tests/html4_safe/html_then_blockquote.txt b/tests/html4_safe/html_then_blockquote.txt
new file mode 100644
index 0000000..544df67
--- /dev/null
+++ b/tests/html4_safe/html_then_blockquote.txt
@@ -0,0 +1,6 @@
+to:
+
+<td /><td style="text-align: center; white-space: nowrap;"><br />
+
+> 3) You don't need to alter all localization files.
+> Adding the new labels to the en_US files will do it.
diff --git a/tests/safe_mode/inline-html-simple.html b/tests/safe_mode/inline-html-simple.html
index ad19a77..aca9af0 100644
--- a/tests/safe_mode/inline-html-simple.html
+++ b/tests/safe_mode/inline-html-simple.html
@@ -29,7 +29,8 @@ Blah
<pre><code>&lt;!-- Comment --&gt;
</code></pre>
<p>Just plain comment, with trailing spaces on the line:</p>
-<p>&lt;!-- foo --&gt;</p>
+<p>&lt;!-- foo --&gt; <br />
+</p>
<p>Code:</p>
<pre><code>&lt;hr /&gt;
</code></pre>
@@ -37,9 +38,11 @@ Blah
<p>&lt;hr&gt;</p>
<p>&lt;hr/&gt;</p>
<p>&lt;hr /&gt;</p>
-<p>&lt;hr&gt;</p>
-<p>&lt;hr/&gt;</p>
-<p>&lt;hr /&gt;</p>
+<p>&lt;hr&gt; <br />
+</p>
+<p>&lt;hr/&gt;<br />
+</p>
+<p>&lt;hr /&gt; </p>
<p>&lt;hr class=&quot;foo&quot; id=&quot;bar&quot; /&gt;</p>
<p>&lt;hr class=&quot;foo&quot; id=&quot;bar&quot;/&gt;</p>
<p>&lt;hr class=&quot;foo&quot; id=&quot;bar&quot; &gt;</p> \ No newline at end of file
diff --git a/tests/safe_mode/script_tags.html b/tests/safe_mode/script_tags.html
index df63ffc..f3b059d 100644
--- a/tests/safe_mode/script_tags.html
+++ b/tests/safe_mode/script_tags.html
@@ -1,13 +1,11 @@
<p>This should be stripped/escaped in safe_mode.</p>
<p>&lt;script&gt;
-alert(&quot;Hello world!&quot;)
+alert("Hello world!")
&lt;/script&gt;</p>
<p>With blank lines.</p>
-<p>&lt;script&gt;
-
-alert(&quot;Hello world!&quot;)
-
-&lt;/script&gt;</p>
+<p>&lt;script&gt;</p>
+<p>alert("Hello world!")</p>
+<p>&lt;/script&gt;</p>
<p>Now with some weirdness</p>
<p><code>&lt;script &lt;!--
alert("Hello world!")
@@ -15,14 +13,8 @@ alert("Hello world!")
<p>Try another way.</p>
<p>&lt;script &lt;!--
alert(&quot;Hello world!&quot;)
-&lt;/script &lt;&gt;
-
-This time with blank lines.
-
-&lt;script &lt;!--
-
-alert(&quot;Hello world!&quot;)
-
-&lt;/script &lt;&gt;
-
-</p> \ No newline at end of file
+&lt;/script &lt;&gt;</p>
+<p>This time with blank lines.</p>
+<p>&lt;script &lt;!--</p>
+<p>alert("Hello world!")</p>
+<p>&lt;/script &lt;&gt;</p> \ No newline at end of file