From 0735b01dd9ab63417b1e9ee204d6090257cb8dbe Mon Sep 17 00:00:00 2001 From: Waylan Limberg Date: Thu, 19 Jan 2012 06:30:23 -0500 Subject: Inline html is now escaped by the searializer. Final fix to issue introduced in fix for #59. Weird stuff inside angle brackets now also work in safe_mode='escape'. We just did the same thing as with block html, let the (x)html searializer do the escaping. Tests updated including the standalone test moved to match the non-escape cases. --- markdown/inlinepatterns.py | 3 ++- tests/safe_mode/html_then_blockquote.html | 2 +- tests/safe_mode/inline-html-simple.html | 7 ++++--- tests/safe_mode/inline-html-simple.txt | 1 + tests/safe_mode/link.html | 1 - tests/safe_mode/link.txt | 1 - tests/safe_mode/script_tags.html | 2 +- 7 files changed, 9 insertions(+), 8 deletions(-) delete mode 100644 tests/safe_mode/link.html delete mode 100644 tests/safe_mode/link.txt diff --git a/markdown/inlinepatterns.py b/markdown/inlinepatterns.py index 3f92737..5e923e9 100644 --- a/markdown/inlinepatterns.py +++ b/markdown/inlinepatterns.py @@ -71,7 +71,8 @@ def build_inlinepatterns(md_instance, **kwargs): inlinePatterns["automail"] = AutomailPattern(AUTOMAIL_RE, md_instance) inlinePatterns["linebreak2"] = SubstituteTagPattern(LINE_BREAK_2_RE, 'br') inlinePatterns["linebreak"] = SubstituteTagPattern(LINE_BREAK_RE, 'br') - inlinePatterns["html"] = HtmlPattern(HTML_RE, md_instance) + if md_instance.safeMode != 'escape': + inlinePatterns["html"] = HtmlPattern(HTML_RE, md_instance) inlinePatterns["entity"] = HtmlPattern(ENTITY_RE, md_instance) inlinePatterns["not_strong"] = SimpleTextPattern(NOT_STRONG_RE) inlinePatterns["strong_em"] = DoubleTagPattern(STRONG_EM_RE, 'strong,em') diff --git a/tests/safe_mode/html_then_blockquote.html b/tests/safe_mode/html_then_blockquote.html index 5833cd4..62d24e4 100644 --- a/tests/safe_mode/html_then_blockquote.html +++ b/tests/safe_mode/html_then_blockquote.html @@ -1,5 +1,5 @@

to:

-

<td /><td style="text-align: center; white-space: nowrap;"><br />

+

<td /><td style="text-align: center; white-space: nowrap;"><br />

3) You don't need to alter all localization files. Adding the new labels to the en_US files will do it.

diff --git a/tests/safe_mode/inline-html-simple.html b/tests/safe_mode/inline-html-simple.html index aca9af0..981c3a2 100644 --- a/tests/safe_mode/inline-html-simple.html +++ b/tests/safe_mode/inline-html-simple.html @@ -43,6 +43,7 @@ Blah

<hr/>

<hr />

-

<hr class="foo" id="bar" />

-

<hr class="foo" id="bar"/>

-

<hr class="foo" id="bar" >

\ No newline at end of file +

<hr class="foo" id="bar" />

+

<hr class="foo" id="bar"/>

+

<hr class="foo" id="bar" >

+

<some weird stuff>

\ No newline at end of file diff --git a/tests/safe_mode/inline-html-simple.txt b/tests/safe_mode/inline-html-simple.txt index 14aa2dc..7210750 100644 --- a/tests/safe_mode/inline-html-simple.txt +++ b/tests/safe_mode/inline-html-simple.txt @@ -67,3 +67,4 @@ Hr's:
+ diff --git a/tests/safe_mode/link.html b/tests/safe_mode/link.html deleted file mode 100644 index 642f4be..0000000 --- a/tests/safe_mode/link.html +++ /dev/null @@ -1 +0,0 @@ -

<here gmail.com is a link>

\ No newline at end of file diff --git a/tests/safe_mode/link.txt b/tests/safe_mode/link.txt deleted file mode 100644 index 28331a7..0000000 --- a/tests/safe_mode/link.txt +++ /dev/null @@ -1 +0,0 @@ - diff --git a/tests/safe_mode/script_tags.html b/tests/safe_mode/script_tags.html index f3b059d..6c1501b 100644 --- a/tests/safe_mode/script_tags.html +++ b/tests/safe_mode/script_tags.html @@ -12,7 +12,7 @@ alert("Hello world!") </script <> `

Try another way.

<script <!-- -alert("Hello world!") +alert("Hello world!") </script <>

This time with blank lines.

<script <!--

-- cgit v1.2.3