diff options
author | Ezio Melotti <ezio.melotti@gmail.com> | 2011-11-01 12:12:22 (GMT) |
---|---|---|
committer | Ezio Melotti <ezio.melotti@gmail.com> | 2011-11-01 12:12:22 (GMT) |
commit | 7de56f6a04ab60010b3e2185752b3ddf681d068d (patch) | |
tree | bc342dd5fe10f3d8a641375ac9410cbb66e5b1f1 /Lib | |
parent | 4bfe03a42e4cc7e0c0504db520c6d68b302d67bd (diff) | |
download | cpython-7de56f6a04ab60010b3e2185752b3ddf681d068d.zip cpython-7de56f6a04ab60010b3e2185752b3ddf681d068d.tar.gz cpython-7de56f6a04ab60010b3e2185752b3ddf681d068d.tar.bz2 |
#670664: Fix HTMLParser to correctly handle the content of ``<script>...</script>`` and ``<style>...</style>``.
Diffstat (limited to 'Lib')
-rw-r--r-- | Lib/html/parser.py | 22 | ||||
-rw-r--r-- | Lib/test/test_htmlparser.py | 42 |
2 files changed, 48 insertions, 16 deletions
diff --git a/Lib/html/parser.py b/Lib/html/parser.py index affaf73..afdb305 100644 --- a/Lib/html/parser.py +++ b/Lib/html/parser.py @@ -62,6 +62,8 @@ locatestarttagend_tolerant = re.compile(r""" \s* # trailing whitespace """, re.VERBOSE) endendtag = re.compile('>') +# the HTML 5 spec, section 8.1.2.2, doesn't allow spaces between +# </ and the tag name, so maybe this should be fixed endtagfind = re.compile('</\s*([a-zA-Z][-.a-zA-Z0-9:_]*)\s*>') @@ -121,6 +123,7 @@ class HTMLParser(_markupbase.ParserBase): self.rawdata = '' self.lasttag = '???' self.interesting = interesting_normal + self.cdata_elem = None _markupbase.ParserBase.reset(self) def feed(self, data): @@ -145,11 +148,13 @@ class HTMLParser(_markupbase.ParserBase): """Return full source of start tag: '<...>'.""" return self.__starttag_text - def set_cdata_mode(self): + def set_cdata_mode(self, elem): self.interesting = interesting_cdata + self.cdata_elem = elem.lower() def clear_cdata_mode(self): self.interesting = interesting_normal + self.cdata_elem = None # Internal -- handle data as far as reasonable. May leave state # and data to be processed by a subsequent call. If 'end' is @@ -314,7 +319,7 @@ class HTMLParser(_markupbase.ParserBase): else: self.handle_starttag(tag, attrs) if tag in self.CDATA_CONTENT_ELEMENTS: - self.set_cdata_mode() + self.set_cdata_mode(tag) return endpos # Internal -- check to see if we have a complete starttag; return end @@ -371,6 +376,9 @@ class HTMLParser(_markupbase.ParserBase): j = match.end() match = endtagfind.match(rawdata, i) # </ + tag + > if not match: + if self.cdata_elem is not None: + self.handle_data(rawdata[i:j]) + return j if self.strict: self.error("bad end tag: %r" % (rawdata[i:j],)) k = rawdata.find('<', i + 1, j) @@ -380,8 +388,14 @@ class HTMLParser(_markupbase.ParserBase): j = i + 1 self.handle_data(rawdata[i:j]) return j - tag = match.group(1) - self.handle_endtag(tag.lower()) + + elem = match.group(1).lower() # script or style + if self.cdata_elem is not None: + if elem != self.cdata_elem: + self.handle_data(rawdata[i:j]) + return j + + self.handle_endtag(elem.lower()) self.clear_cdata_mode() return j diff --git a/Lib/test/test_htmlparser.py b/Lib/test/test_htmlparser.py index 9664485..fd8447c 100644 --- a/Lib/test/test_htmlparser.py +++ b/Lib/test/test_htmlparser.py @@ -321,18 +321,36 @@ DOCTYPE html [ ("starttag_text", s)]) def test_cdata_content(self): - s = """<script> <!-- not a comment --> ¬-an-entity-ref; </script>""" - self._run_check(s, [ - ("starttag", "script", []), - ("data", " <!-- not a comment --> ¬-an-entity-ref; "), - ("endtag", "script"), - ]) - s = """<script> <not a='start tag'> </script>""" - self._run_check(s, [ - ("starttag", "script", []), - ("data", " <not a='start tag'> "), - ("endtag", "script"), - ]) + contents = [ + '<!-- not a comment --> ¬-an-entity-ref;', + "<not a='start tag'>", + '<a href="" /> <p> <span></span>', + 'foo = "</scr" + "ipt>";', + 'foo = "</SCRIPT" + ">";', + 'foo = <\n/script> ', + '<!-- document.write("</scr" + "ipt>"); -->', + ('\n//<![CDATA[\n' + 'document.write(\'<s\'+\'cript type="text/javascript" ' + 'src="http://www.example.org/r=\'+new ' + 'Date().getTime()+\'"><\\/s\'+\'cript>\');\n//]]>'), + '\n<!-- //\nvar foo = 3.14;\n// -->\n', + 'foo = "</sty" + "le>";', + '<!-- \u2603 -->', + # these two should be invalid according to the HTML 5 spec, + # section 8.1.2.2 + #'foo = </\nscript>', + #'foo = </ script>', + ] + elements = ['script', 'style', 'SCRIPT', 'STYLE', 'Script', 'Style'] + for content in contents: + for element in elements: + element_lower = element.lower() + s = '<{element}>{content}</{element}>'.format(element=element, + content=content) + self._run_check(s, [("starttag", element_lower, []), + ("data", content), + ("endtag", element_lower)]) + def test_entityrefs_in_attributes(self): self._run_check("<html foo='€&aa&unsupported;'>", [ |