diff options
author | Rohitt Vashishtha <aero31aero@gmail.com> | 2020-06-29 17:35:17 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-06-29 13:35:17 -0400 |
commit | 071c4f1420ac3c80ad621522b9996bcc1cd94bcf (patch) | |
tree | a1714a0f0e7c9b81dd7b9d9d84cf4c6d8de82509 | |
parent | 570625884328ea3c71000391de77776691074033 (diff) | |
download | python-markdown-071c4f1420ac3c80ad621522b9996bcc1cd94bcf.tar.gz |
Fix unescaping of HTML characters <> in CodeHilite. (#990)
Previously, we'd unescape both `&gt;` and `>` to the same
string because we were running the & => & replacement first.
By changing the order of this replacement, we now convert:
`&gt; >` => `> >`
as expected.
Fixes #988.
-rw-r--r-- | .spell-dict | 1 | ||||
-rw-r--r-- | docs/change_log/release-3.3.md | 1 | ||||
-rw-r--r-- | markdown/extensions/codehilite.py | 4 | ||||
-rw-r--r-- | tests/test_syntax/extensions/test_code_hilite.py | 23 |
4 files changed, 28 insertions, 1 deletions
diff --git a/.spell-dict b/.spell-dict index 114e4b2..eed0f67 100644 --- a/.spell-dict +++ b/.spell-dict @@ -132,6 +132,7 @@ Treeprocessors tuple tuples unescape +unescaping unittest unordered untrusted diff --git a/docs/change_log/release-3.3.md b/docs/change_log/release-3.3.md index 339c98c..c29ddcc 100644 --- a/docs/change_log/release-3.3.md +++ b/docs/change_log/release-3.3.md @@ -56,6 +56,7 @@ The following bug fixes are included in the 3.3 release: * Avoid a `RecursionError` from deeply nested blockquotes (#799). * Fix issues with complex emphasis (#979). * Limitations of `attr_list` extension are Documented (#965). +* Fix unescaping of HTML characters `<>` in CodeHilite (#990). [spec]: https://www.w3.org/TR/html5/text-level-semantics.html#the-code-element [fenced_code]: ../extensions/fenced_code_blocks.md diff --git a/markdown/extensions/codehilite.py b/markdown/extensions/codehilite.py index 915dfcf..9eed561 100644 --- a/markdown/extensions/codehilite.py +++ b/markdown/extensions/codehilite.py @@ -225,9 +225,11 @@ class HiliteTreeprocessor(Treeprocessor): def code_unescape(self, text): """Unescape code.""" - text = text.replace("&", "&") text = text.replace("<", "<") text = text.replace(">", ">") + # Escaped '&' should be replaced at the end to avoid + # conflicting with < and >. + text = text.replace("&", "&") return text def run(self, root): diff --git a/tests/test_syntax/extensions/test_code_hilite.py b/tests/test_syntax/extensions/test_code_hilite.py index b60c483..8d5512d 100644 --- a/tests/test_syntax/extensions/test_code_hilite.py +++ b/tests/test_syntax/extensions/test_code_hilite.py @@ -564,6 +564,29 @@ class TestCodeHiliteExtension(TestCase): extensions=['codehilite'] ) + def testEntitiesIntact(self): + if has_pygments: + expected = ( + '<div class="codehilite"><pre>' + '<span></span>' + '<code>< &lt; and > &gt;' + '\n</code></pre></div>' + ) + else: + expected = ( + '<pre class="codehilite"><code class="language-text">' + '< &lt; and > &gt;\n' + '</code></pre>' + ) + self.assertMarkdownRenders( + ( + '\t:::text\n' + '\t< < and > >' + ), + expected, + extensions=['codehilite'] + ) + def testHighlightAmps(self): if has_pygments: expected = ( |