1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
# Licensed under a 3-clause BSD style license - see LICENSE.rst
from __future__ import (absolute_import, division, print_function,
unicode_literals)
from ...extern import six
import io
from ..xml import check, unescaper, writer
from ...tests.helper import pytest
def test_writer():
fh = io.StringIO()
w = writer.XMLWriter(fh)
with w.tag("html"):
with w.tag("body"):
w.data("This is the content")
w.comment("comment")
value = ''.join(fh.getvalue().split())
assert value == '<html><body>Thisisthecontent<!--comment--></body></html>'
def test_check_id():
assert check.check_id("Fof32")
assert check.check_id("_Fof32")
assert not check.check_id("32Fof")
def test_fix_id():
assert check.fix_id("Fof32") == "Fof32"
assert check.fix_id("@#f") == "___f"
def test_check_token():
assert check.check_token("token")
assert not check.check_token("token\rtoken")
def test_check_mime_content_type():
assert check.check_mime_content_type("image/jpeg")
assert not check.check_mime_content_type("image")
def test_check_anyuri():
assert check.check_anyuri("https://github.com/astropy/astropy")
def test_unescape_all():
# str
url_in = 'http://casu.ast.cam.ac.uk/ag/iphas-dsa%2FSubmitCone?' \
'DSACAT=IDR&amp;DSATAB=Emitters&amp;'
url_out = 'http://casu.ast.cam.ac.uk/ag/iphas-dsa/SubmitCone?' \
'DSACAT=IDR&DSATAB=Emitters&'
assert unescaper.unescape_all(url_in) == url_out
# bytes
url_in = b'http://casu.ast.cam.ac.uk/ag/iphas-dsa%2FSubmitCone?' \
b'DSACAT=IDR&amp;DSATAB=Emitters&amp;'
url_out = b'http://casu.ast.cam.ac.uk/ag/iphas-dsa/SubmitCone?' \
b'DSACAT=IDR&DSATAB=Emitters&'
assert unescaper.unescape_all(url_in) == url_out
def test_escape_xml():
s = writer.xml_escape('This & That')
assert type(s) == six.text_type
assert s == 'This & That'
s = writer.xml_escape(1)
assert type(s) == str
assert s == '1'
s = writer.xml_escape(b'This & That')
assert type(s) == bytes
assert s == b'This & That'
@pytest.mark.skipif('writer.HAS_BLEACH')
def test_escape_xml_without_bleach():
fh = io.StringIO()
w = writer.XMLWriter(fh)
with pytest.raises(ValueError) as err:
with w.xml_cleaning_method('bleach_clean'):
pass
assert 'bleach package is required when HTML escaping is disabled' in str(err)
@pytest.mark.skipif('not writer.HAS_BLEACH')
def test_escape_xml_with_bleach():
fh = io.StringIO()
w = writer.XMLWriter(fh)
# Turn off XML escaping, but still sanitize unsafe tags like <script>
with w.xml_cleaning_method('bleach_clean'):
w.start('td')
w.data('<script>x</script> <em>OK</em>')
w.end(indent=False)
assert fh.getvalue() == '<td><script>x</script> <em>OK</em></td>\n'
fh = io.StringIO()
w = writer.XMLWriter(fh)
# Default is True (all XML tags escaped)
with w.xml_cleaning_method():
w.start('td')
w.data('<script>x</script> <em>OK</em>')
w.end(indent=False)
assert fh.getvalue() == '<td><script>x</script> <em>OK</em></td>\n'
|
