diff options
author | Waylan Limberg <waylan@gmail.com> | 2012-01-19 06:30:23 -0500 |
---|---|---|
committer | Waylan Limberg <waylan@gmail.com> | 2012-01-19 06:30:23 -0500 |
commit | 0735b01dd9ab63417b1e9ee204d6090257cb8dbe (patch) | |
tree | c7f97608ac9baceb944befcc27990e903b4bb93d | |
parent | e3c5efd182d9a80f34e3b9a770eed63c1d62b2f9 (diff) | |
download | markdown-0735b01dd9ab63417b1e9ee204d6090257cb8dbe.tar.gz markdown-0735b01dd9ab63417b1e9ee204d6090257cb8dbe.tar.bz2 markdown-0735b01dd9ab63417b1e9ee204d6090257cb8dbe.zip |
Inline html is now escaped by the searializer.
Final fix to issue introduced in fix for #59. Weird stuff inside
angle brackets now also work in safe_mode='escape'. We just did the
same thing as with block html, let the (x)html searializer do the
escaping. Tests updated including the standalone test moved to match
the non-escape cases.
-rw-r--r-- | markdown/inlinepatterns.py | 3 | ||||
-rw-r--r-- | tests/safe_mode/html_then_blockquote.html | 2 | ||||
-rw-r--r-- | tests/safe_mode/inline-html-simple.html | 7 | ||||
-rw-r--r-- | tests/safe_mode/inline-html-simple.txt | 1 | ||||
-rw-r--r-- | tests/safe_mode/link.html | 1 | ||||
-rw-r--r-- | tests/safe_mode/link.txt | 1 | ||||
-rw-r--r-- | tests/safe_mode/script_tags.html | 2 |
7 files changed, 9 insertions, 8 deletions
diff --git a/markdown/inlinepatterns.py b/markdown/inlinepatterns.py index 3f92737..5e923e9 100644 --- a/markdown/inlinepatterns.py +++ b/markdown/inlinepatterns.py @@ -71,7 +71,8 @@ def build_inlinepatterns(md_instance, **kwargs): inlinePatterns["automail"] = AutomailPattern(AUTOMAIL_RE, md_instance) inlinePatterns["linebreak2"] = SubstituteTagPattern(LINE_BREAK_2_RE, 'br') inlinePatterns["linebreak"] = SubstituteTagPattern(LINE_BREAK_RE, 'br') - inlinePatterns["html"] = HtmlPattern(HTML_RE, md_instance) + if md_instance.safeMode != 'escape': + inlinePatterns["html"] = HtmlPattern(HTML_RE, md_instance) inlinePatterns["entity"] = HtmlPattern(ENTITY_RE, md_instance) inlinePatterns["not_strong"] = SimpleTextPattern(NOT_STRONG_RE) inlinePatterns["strong_em"] = DoubleTagPattern(STRONG_EM_RE, 'strong,em') diff --git a/tests/safe_mode/html_then_blockquote.html b/tests/safe_mode/html_then_blockquote.html index 5833cd4..62d24e4 100644 --- a/tests/safe_mode/html_then_blockquote.html +++ b/tests/safe_mode/html_then_blockquote.html @@ -1,5 +1,5 @@ <p>to:</p> -<p><td /><td style="text-align: center; white-space: nowrap;"><br /></p> +<p><td /><td style="text-align: center; white-space: nowrap;"><br /></p> <blockquote> <p>3) You don't need to alter all localization files. Adding the new labels to the en_US files will do it.</p> diff --git a/tests/safe_mode/inline-html-simple.html b/tests/safe_mode/inline-html-simple.html index aca9af0..981c3a2 100644 --- a/tests/safe_mode/inline-html-simple.html +++ b/tests/safe_mode/inline-html-simple.html @@ -43,6 +43,7 @@ Blah <p><hr/><br /> </p> <p><hr /> </p> -<p><hr class="foo" id="bar" /></p> -<p><hr class="foo" id="bar"/></p> -<p><hr class="foo" id="bar" ></p>
\ No newline at end of file +<p><hr class="foo" id="bar" /></p> +<p><hr class="foo" id="bar"/></p> +<p><hr class="foo" id="bar" ></p> +<p><some <a href="http://example.com">weird</a> stuff></p>
\ No newline at end of file diff --git a/tests/safe_mode/inline-html-simple.txt b/tests/safe_mode/inline-html-simple.txt index 14aa2dc..7210750 100644 --- a/tests/safe_mode/inline-html-simple.txt +++ b/tests/safe_mode/inline-html-simple.txt @@ -67,3 +67,4 @@ Hr's: <hr class="foo" id="bar" > +<some [weird](http://example.com) stuff> diff --git a/tests/safe_mode/link.html b/tests/safe_mode/link.html deleted file mode 100644 index 642f4be..0000000 --- a/tests/safe_mode/link.html +++ /dev/null @@ -1 +0,0 @@ -<p><here <a href="http://gmail.com">gmail.com</a> is a link></p>
\ No newline at end of file diff --git a/tests/safe_mode/link.txt b/tests/safe_mode/link.txt deleted file mode 100644 index 28331a7..0000000 --- a/tests/safe_mode/link.txt +++ /dev/null @@ -1 +0,0 @@ -<here [gmail.com](http://gmail.com) is a link> diff --git a/tests/safe_mode/script_tags.html b/tests/safe_mode/script_tags.html index f3b059d..6c1501b 100644 --- a/tests/safe_mode/script_tags.html +++ b/tests/safe_mode/script_tags.html @@ -12,7 +12,7 @@ alert("Hello world!") </script <></code> `</p> <p>Try another way.</p> <p><script <!-- -alert("Hello world!") +alert("Hello world!") </script <></p> <p>This time with blank lines.</p> <p><script <!--</p> |