From 810bae60461fd7c00c853b91c8e03dce3103b020 Mon Sep 17 00:00:00 2001 From: Buck Golemon Date: Fri, 6 Jul 2012 08:33:23 -0700 Subject: idempotent unescape If we examine the XML spec for entities, we find that ampersand and space are not allowed characters in an entity name. I've also modified the unescape function to not modify unexpected inputs (such as &foo;). This is a common best practice when dealing with layered systems. http://www.w3.org/TR/REC-xml/#sec-references EntityRef ::= '&' Name ';' Name ::= NameStartChar (NameChar)* NameChar ::= NameStartChar | "-" | "." | [0-9] | #xB7 | [#x0300-#x036F] | [#x203F-#x2040] NameStartChar ::= ":" | [A-Z] | "_" | [a-z] | [#xC0-#xD6] | [#xD8-#xF6] | [#xF8-#x2FF] | [#x370-#x37D] | [#x37F-#x1FFF] | [#x200C-#x200D] | [#x2070-#x218F] | [#x2C00-#x2FEF] | [#x3001-#xD7FF] | [#xF900-#xFDCF] | [#xFDF0-#xFFFD] | [#x10000-#xEFFFF] --- markupsafe/tests.py | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'markupsafe/tests.py') diff --git a/markupsafe/tests.py b/markupsafe/tests.py index 13e8b8c..9431767 100644 --- a/markupsafe/tests.py +++ b/markupsafe/tests.py @@ -60,10 +60,22 @@ class MarkupTestCase(unittest.TestCase): }, Markup(u'<foo>:<bar>')) def test_escaping(self): - # escaping and unescaping + # escaping assert escape('"<>&\'') == '"<>&'' assert Markup("Foo & Bar").striptags() == "Foo & Bar" + + def test_unescape(self): assert Markup("<test>").unescape() == "" + assert "jack & tavi are cooler than mike & russ" == \ + Markup("jack & tavi are cooler than mike & russ").unescape(), \ + Markup("jack & tavi are cooler than mike & russ").unescape() + + # Test that unescape is idempotent + original = '&foo;' + once = Markup(original).unescape() + twice = Markup(once).unescape() + expected = "&foo;" + assert expected == once == twice, (once, twice) def test_formatting(self): for actual, expected in ( -- cgit v1.2.1