aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWaylan Limberg <waylan@gmail.com>2012-01-19 06:30:23 -0500
committerWaylan Limberg <waylan@gmail.com>2012-01-19 06:30:23 -0500
commit0735b01dd9ab63417b1e9ee204d6090257cb8dbe (patch)
treec7f97608ac9baceb944befcc27990e903b4bb93d
parente3c5efd182d9a80f34e3b9a770eed63c1d62b2f9 (diff)
downloadmarkdown-0735b01dd9ab63417b1e9ee204d6090257cb8dbe.tar.gz
markdown-0735b01dd9ab63417b1e9ee204d6090257cb8dbe.tar.bz2
markdown-0735b01dd9ab63417b1e9ee204d6090257cb8dbe.zip
Inline html is now escaped by the searializer.
Final fix to issue introduced in fix for #59. Weird stuff inside angle brackets now also work in safe_mode='escape'. We just did the same thing as with block html, let the (x)html searializer do the escaping. Tests updated including the standalone test moved to match the non-escape cases.
-rw-r--r--markdown/inlinepatterns.py3
-rw-r--r--tests/safe_mode/html_then_blockquote.html2
-rw-r--r--tests/safe_mode/inline-html-simple.html7
-rw-r--r--tests/safe_mode/inline-html-simple.txt1
-rw-r--r--tests/safe_mode/link.html1
-rw-r--r--tests/safe_mode/link.txt1
-rw-r--r--tests/safe_mode/script_tags.html2
7 files changed, 9 insertions, 8 deletions
diff --git a/markdown/inlinepatterns.py b/markdown/inlinepatterns.py
index 3f92737..5e923e9 100644
--- a/markdown/inlinepatterns.py
+++ b/markdown/inlinepatterns.py
@@ -71,7 +71,8 @@ def build_inlinepatterns(md_instance, **kwargs):
inlinePatterns["automail"] = AutomailPattern(AUTOMAIL_RE, md_instance)
inlinePatterns["linebreak2"] = SubstituteTagPattern(LINE_BREAK_2_RE, 'br')
inlinePatterns["linebreak"] = SubstituteTagPattern(LINE_BREAK_RE, 'br')
- inlinePatterns["html"] = HtmlPattern(HTML_RE, md_instance)
+ if md_instance.safeMode != 'escape':
+ inlinePatterns["html"] = HtmlPattern(HTML_RE, md_instance)
inlinePatterns["entity"] = HtmlPattern(ENTITY_RE, md_instance)
inlinePatterns["not_strong"] = SimpleTextPattern(NOT_STRONG_RE)
inlinePatterns["strong_em"] = DoubleTagPattern(STRONG_EM_RE, 'strong,em')
diff --git a/tests/safe_mode/html_then_blockquote.html b/tests/safe_mode/html_then_blockquote.html
index 5833cd4..62d24e4 100644
--- a/tests/safe_mode/html_then_blockquote.html
+++ b/tests/safe_mode/html_then_blockquote.html
@@ -1,5 +1,5 @@
<p>to:</p>
-<p>&lt;td /&gt;&lt;td style=&quot;text-align: center; white-space: nowrap;&quot;&gt;&lt;br /&gt;</p>
+<p>&lt;td /&gt;&lt;td style="text-align: center; white-space: nowrap;"&gt;&lt;br /&gt;</p>
<blockquote>
<p>3) You don't need to alter all localization files.
Adding the new labels to the en_US files will do it.</p>
diff --git a/tests/safe_mode/inline-html-simple.html b/tests/safe_mode/inline-html-simple.html
index aca9af0..981c3a2 100644
--- a/tests/safe_mode/inline-html-simple.html
+++ b/tests/safe_mode/inline-html-simple.html
@@ -43,6 +43,7 @@ Blah
<p>&lt;hr/&gt;<br />
</p>
<p>&lt;hr /&gt; </p>
-<p>&lt;hr class=&quot;foo&quot; id=&quot;bar&quot; /&gt;</p>
-<p>&lt;hr class=&quot;foo&quot; id=&quot;bar&quot;/&gt;</p>
-<p>&lt;hr class=&quot;foo&quot; id=&quot;bar&quot; &gt;</p> \ No newline at end of file
+<p>&lt;hr class="foo" id="bar" /&gt;</p>
+<p>&lt;hr class="foo" id="bar"/&gt;</p>
+<p>&lt;hr class="foo" id="bar" &gt;</p>
+<p>&lt;some <a href="http://example.com">weird</a> stuff&gt;</p> \ No newline at end of file
diff --git a/tests/safe_mode/inline-html-simple.txt b/tests/safe_mode/inline-html-simple.txt
index 14aa2dc..7210750 100644
--- a/tests/safe_mode/inline-html-simple.txt
+++ b/tests/safe_mode/inline-html-simple.txt
@@ -67,3 +67,4 @@ Hr's:
<hr class="foo" id="bar" >
+<some [weird](http://example.com) stuff>
diff --git a/tests/safe_mode/link.html b/tests/safe_mode/link.html
deleted file mode 100644
index 642f4be..0000000
--- a/tests/safe_mode/link.html
+++ /dev/null
@@ -1 +0,0 @@
-<p>&lt;here <a href="http://gmail.com">gmail.com</a> is a link&gt;</p> \ No newline at end of file
diff --git a/tests/safe_mode/link.txt b/tests/safe_mode/link.txt
deleted file mode 100644
index 28331a7..0000000
--- a/tests/safe_mode/link.txt
+++ /dev/null
@@ -1 +0,0 @@
-<here [gmail.com](http://gmail.com) is a link>
diff --git a/tests/safe_mode/script_tags.html b/tests/safe_mode/script_tags.html
index f3b059d..6c1501b 100644
--- a/tests/safe_mode/script_tags.html
+++ b/tests/safe_mode/script_tags.html
@@ -12,7 +12,7 @@ alert("Hello world!")
&lt;/script &lt;&gt;</code> `</p>
<p>Try another way.</p>
<p>&lt;script &lt;!--
-alert(&quot;Hello world!&quot;)
+alert("Hello world!")
&lt;/script &lt;&gt;</p>
<p>This time with blank lines.</p>
<p>&lt;script &lt;!--</p>