/usr/lib/python2.7/dist-packages/bleach/tests/test_basics.py is in python-bleach 1.4.2-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 | import six
import html5lib
from nose.tools import eq_
import bleach
from bleach.tests.tools import in_
def test_empty():
eq_('', bleach.clean(''))
def test_nbsp():
if six.PY3:
expected = '\xa0test string\xa0'
else:
expected = six.u('\\xa0test string\\xa0')
eq_(expected, bleach.clean(' test string '))
def test_comments_only():
comment = '<!-- this is a comment -->'
open_comment = '<!-- this is an open comment'
eq_('', bleach.clean(comment))
eq_('', bleach.clean(open_comment))
eq_(comment, bleach.clean(comment, strip_comments=False))
eq_('{0!s}-->'.format(open_comment), bleach.clean(open_comment,
strip_comments=False))
def test_with_comments():
html = '<!-- comment -->Just text'
eq_('Just text', bleach.clean(html))
eq_(html, bleach.clean(html, strip_comments=False))
def test_no_html():
eq_('no html string', bleach.clean('no html string'))
def test_allowed_html():
eq_('an <strong>allowed</strong> tag',
bleach.clean('an <strong>allowed</strong> tag'))
eq_('another <em>good</em> tag',
bleach.clean('another <em>good</em> tag'))
def test_bad_html():
eq_('a <em>fixed tag</em>',
bleach.clean('a <em>fixed tag'))
def test_function_arguments():
TAGS = ['span', 'br']
ATTRS = {'span': ['style']}
eq_('a <br><span style="">test</span>',
bleach.clean('a <br/><span style="color:red">test</span>',
tags=TAGS, attributes=ATTRS))
def test_named_arguments():
ATTRS = {'a': ['rel', 'href']}
s = ('<a href="http://xx.com" rel="alternate">xx.com</a>',
'<a rel="alternate" href="http://xx.com">xx.com</a>')
eq_('<a href="http://xx.com">xx.com</a>', bleach.clean(s[0]))
in_(s, bleach.clean(s[0], attributes=ATTRS))
def test_disallowed_html():
eq_('a <script>safe()</script> test',
bleach.clean('a <script>safe()</script> test'))
eq_('a <style>body{}</style> test',
bleach.clean('a <style>body{}</style> test'))
def test_bad_href():
eq_('<em>no link</em>',
bleach.clean('<em href="fail">no link</em>'))
def test_bare_entities():
eq_('an & entity', bleach.clean('an & entity'))
eq_('an < entity', bleach.clean('an < entity'))
eq_('tag < <em>and</em> entity',
bleach.clean('tag < <em>and</em> entity'))
eq_('&', bleach.clean('&'))
def test_escaped_entities():
s = '<em>strong</em>'
eq_(s, bleach.clean(s))
def test_serializer():
s = '<table></table>'
eq_(s, bleach.clean(s, tags=['table']))
eq_('test<table></table>', bleach.linkify('<table>test</table>'))
eq_('<p>test</p>', bleach.clean('<p>test</p>', tags=['p']))
def test_no_href_links():
s = '<a name="anchor">x</a>'
eq_(s, bleach.linkify(s))
def test_weird_strings():
s = '</3'
eq_(bleach.clean(s), '')
def test_xml_render():
parser = html5lib.HTMLParser()
eq_(bleach._render(parser.parseFragment('')), '')
def test_stripping():
eq_('a test <em>with</em> <b>html</b> tags',
bleach.clean('a test <em>with</em> <b>html</b> tags', strip=True))
eq_('a test <em>with</em> <b>html</b> tags',
bleach.clean('a test <em>with</em> <img src="http://example.com/"> '
'<b>html</b> tags', strip=True))
s = '<p><a href="http://example.com/">link text</a></p>'
eq_('<p>link text</p>', bleach.clean(s, tags=['p'], strip=True))
s = '<p><span>multiply <span>nested <span>text</span></span></span></p>'
eq_('<p>multiply nested text</p>', bleach.clean(s, tags=['p'], strip=True))
s = ('<p><a href="http://example.com/"><img src="http://example.com/">'
'</a></p>')
eq_('<p><a href="http://example.com/"></a></p>',
bleach.clean(s, tags=['p', 'a'], strip=True))
def test_allowed_styles():
ATTR = ['style']
STYLE = ['color']
blank = '<b style=""></b>'
s = '<b style="color: blue;"></b>'
eq_(blank, bleach.clean('<b style="top:0"></b>', attributes=ATTR))
eq_(s, bleach.clean(s, attributes=ATTR, styles=STYLE))
eq_(s, bleach.clean('<b style="top: 0; color: blue;"></b>',
attributes=ATTR, styles=STYLE))
def test_idempotent():
"""Make sure that applying the filter twice doesn't change anything."""
dirty = '<span>invalid & </span> < extra http://link.com<em>'
clean = bleach.clean(dirty)
eq_(clean, bleach.clean(clean))
linked = bleach.linkify(dirty)
eq_(linked, bleach.linkify(linked))
def test_rel_already_there():
"""Make sure rel attribute is updated not replaced"""
linked = ('Click <a href="http://example.com" rel="tooltip">'
'here</a>.')
link_good = (('Click <a href="http://example.com" rel="tooltip nofollow">'
'here</a>.'),
('Click <a rel="tooltip nofollow" href="http://example.com">'
'here</a>.'))
in_(link_good, bleach.linkify(linked))
in_(link_good, bleach.linkify(link_good[0]))
def test_lowercase_html():
"""We should output lowercase HTML."""
dirty = '<EM CLASS="FOO">BAR</EM>'
clean = '<em class="FOO">BAR</em>'
eq_(clean, bleach.clean(dirty, attributes=['class']))
def test_wildcard_attributes():
ATTR = {
'*': ['id'],
'img': ['src'],
}
TAG = ['img', 'em']
dirty = ('both <em id="foo" style="color: black">can</em> have '
'<img id="bar" src="foo"/>')
clean = ('both <em id="foo">can</em> have <img src="foo" id="bar">',
'both <em id="foo">can</em> have <img id="bar" src="foo">')
in_(clean, bleach.clean(dirty, tags=TAG, attributes=ATTR))
def test_sarcasm():
"""Jokes should crash.<sarcasm/>"""
dirty = 'Yeah right <sarcasm/>'
clean = 'Yeah right <sarcasm/>'
eq_(clean, bleach.clean(dirty))
|