2015-08-02 18:59:11 +00:00
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
import gc
|
2016-11-09 18:24:33 +00:00
|
|
|
import sys
|
2015-08-02 18:59:11 +00:00
|
|
|
import unittest
|
|
|
|
from markupsafe import Markup, escape, escape_silent
|
|
|
|
from markupsafe._compat import text_type
|
|
|
|
|
|
|
|
|
|
|
|
class MarkupTestCase(unittest.TestCase):
|
|
|
|
|
|
|
|
def test_adding(self):
|
|
|
|
# adding two strings should escape the unsafe one
|
|
|
|
unsafe = '<script type="application/x-some-script">alert("foo");</script>'
|
|
|
|
safe = Markup('<em>username</em>')
|
|
|
|
assert unsafe + safe == text_type(escape(unsafe)) + text_type(safe)
|
|
|
|
|
|
|
|
def test_string_interpolation(self):
|
|
|
|
# string interpolations are safe to use too
|
|
|
|
assert Markup('<em>%s</em>') % '<bad user>' == \
|
|
|
|
'<em><bad user></em>'
|
|
|
|
assert Markup('<em>%(username)s</em>') % {
|
|
|
|
'username': '<bad user>'
|
|
|
|
} == '<em><bad user></em>'
|
|
|
|
|
|
|
|
assert Markup('%i') % 3.14 == '3'
|
|
|
|
assert Markup('%.2f') % 3.14 == '3.14'
|
|
|
|
|
|
|
|
def test_type_behavior(self):
|
|
|
|
# an escaped object is markup too
|
|
|
|
assert type(Markup('foo') + 'bar') is Markup
|
|
|
|
|
|
|
|
# and it implements __html__ by returning itself
|
|
|
|
x = Markup("foo")
|
|
|
|
assert x.__html__() is x
|
|
|
|
|
|
|
|
def test_html_interop(self):
|
|
|
|
# it also knows how to treat __html__ objects
|
|
|
|
class Foo(object):
|
|
|
|
def __html__(self):
|
|
|
|
return '<em>awesome</em>'
|
|
|
|
def __unicode__(self):
|
|
|
|
return 'awesome'
|
|
|
|
__str__ = __unicode__
|
|
|
|
assert Markup(Foo()) == '<em>awesome</em>'
|
|
|
|
assert Markup('<strong>%s</strong>') % Foo() == \
|
2016-11-09 18:24:33 +00:00
|
|
|
'<strong><em>awesome</em></strong>'
|
2015-08-02 18:59:11 +00:00
|
|
|
|
|
|
|
def test_tuple_interpol(self):
|
|
|
|
self.assertEqual(Markup('<em>%s:%s</em>') % (
|
|
|
|
'<foo>',
|
|
|
|
'<bar>',
|
|
|
|
), Markup(u'<em><foo>:<bar></em>'))
|
|
|
|
|
|
|
|
def test_dict_interpol(self):
|
|
|
|
self.assertEqual(Markup('<em>%(foo)s</em>') % {
|
|
|
|
'foo': '<foo>',
|
|
|
|
}, Markup(u'<em><foo></em>'))
|
|
|
|
self.assertEqual(Markup('<em>%(foo)s:%(bar)s</em>') % {
|
|
|
|
'foo': '<foo>',
|
|
|
|
'bar': '<bar>',
|
|
|
|
}, Markup(u'<em><foo>:<bar></em>'))
|
|
|
|
|
|
|
|
def test_escaping(self):
|
|
|
|
# escaping and unescaping
|
|
|
|
assert escape('"<>&\'') == '"<>&''
|
|
|
|
assert Markup("<em>Foo & Bar</em>").striptags() == "Foo & Bar"
|
|
|
|
assert Markup("<test>").unescape() == "<test>"
|
|
|
|
|
2016-11-09 18:24:33 +00:00
|
|
|
def test_formatting(self):
|
|
|
|
for actual, expected in (
|
|
|
|
(Markup('%i') % 3.14, '3'),
|
|
|
|
(Markup('%.2f') % 3.14159, '3.14'),
|
|
|
|
(Markup('%s %s %s') % ('<', 123, '>'), '< 123 >'),
|
|
|
|
(Markup('<em>{awesome}</em>').format(awesome='<awesome>'),
|
|
|
|
'<em><awesome></em>'),
|
|
|
|
(Markup('{0[1][bar]}').format([0, {'bar': '<bar/>'}]),
|
|
|
|
'<bar/>'),
|
|
|
|
(Markup('{0[1][bar]}').format([0, {'bar': Markup('<bar/>')}]),
|
|
|
|
'<bar/>')):
|
|
|
|
assert actual == expected, "%r should be %r!" % (actual, expected)
|
|
|
|
|
|
|
|
# This is new in 2.7
|
|
|
|
if sys.version_info >= (2, 7):
|
|
|
|
def test_formatting_empty(self):
|
|
|
|
formatted = Markup('{}').format(0)
|
|
|
|
assert formatted == Markup('0')
|
|
|
|
|
|
|
|
def test_custom_formatting(self):
|
|
|
|
class HasHTMLOnly(object):
|
|
|
|
def __html__(self):
|
|
|
|
return Markup('<foo>')
|
|
|
|
|
|
|
|
class HasHTMLAndFormat(object):
|
|
|
|
def __html__(self):
|
|
|
|
return Markup('<foo>')
|
|
|
|
def __html_format__(self, spec):
|
|
|
|
return Markup('<FORMAT>')
|
|
|
|
|
|
|
|
assert Markup('{0}').format(HasHTMLOnly()) == Markup('<foo>')
|
|
|
|
assert Markup('{0}').format(HasHTMLAndFormat()) == Markup('<FORMAT>')
|
|
|
|
|
|
|
|
def test_complex_custom_formatting(self):
|
|
|
|
class User(object):
|
|
|
|
def __init__(self, id, username):
|
|
|
|
self.id = id
|
|
|
|
self.username = username
|
|
|
|
def __html_format__(self, format_spec):
|
|
|
|
if format_spec == 'link':
|
|
|
|
return Markup('<a href="/user/{0}">{1}</a>').format(
|
|
|
|
self.id,
|
|
|
|
self.__html__(),
|
|
|
|
)
|
|
|
|
elif format_spec:
|
|
|
|
raise ValueError('Invalid format spec')
|
|
|
|
return self.__html__()
|
|
|
|
def __html__(self):
|
|
|
|
return Markup('<span class=user>{0}</span>').format(self.username)
|
|
|
|
|
|
|
|
user = User(1, 'foo')
|
|
|
|
assert Markup('<p>User: {0:link}').format(user) == \
|
|
|
|
Markup('<p>User: <a href="/user/1"><span class=user>foo</span></a>')
|
|
|
|
|
2015-08-02 18:59:11 +00:00
|
|
|
def test_all_set(self):
|
|
|
|
import markupsafe as markup
|
|
|
|
for item in markup.__all__:
|
|
|
|
getattr(markup, item)
|
|
|
|
|
|
|
|
def test_escape_silent(self):
|
|
|
|
assert escape_silent(None) == Markup()
|
|
|
|
assert escape(None) == Markup(None)
|
|
|
|
assert escape_silent('<foo>') == Markup(u'<foo>')
|
|
|
|
|
|
|
|
def test_splitting(self):
|
|
|
|
self.assertEqual(Markup('a b').split(), [
|
|
|
|
Markup('a'),
|
|
|
|
Markup('b')
|
|
|
|
])
|
|
|
|
self.assertEqual(Markup('a b').rsplit(), [
|
|
|
|
Markup('a'),
|
|
|
|
Markup('b')
|
|
|
|
])
|
|
|
|
self.assertEqual(Markup('a\nb').splitlines(), [
|
|
|
|
Markup('a'),
|
|
|
|
Markup('b')
|
|
|
|
])
|
|
|
|
|
|
|
|
def test_mul(self):
|
|
|
|
self.assertEqual(Markup('a') * 3, Markup('aaa'))
|
|
|
|
|
|
|
|
|
|
|
|
class MarkupLeakTestCase(unittest.TestCase):
|
|
|
|
|
|
|
|
def test_markup_leaks(self):
|
|
|
|
counts = set()
|
|
|
|
for count in range(20):
|
|
|
|
for item in range(1000):
|
|
|
|
escape("foo")
|
|
|
|
escape("<foo>")
|
|
|
|
escape(u"foo")
|
|
|
|
escape(u"<foo>")
|
|
|
|
counts.add(len(gc.get_objects()))
|
|
|
|
assert len(counts) == 1, 'ouch, c extension seems to leak objects'
|
|
|
|
|
|
|
|
|
|
|
|
def suite():
|
|
|
|
suite = unittest.TestSuite()
|
|
|
|
suite.addTest(unittest.makeSuite(MarkupTestCase))
|
|
|
|
|
|
|
|
# this test only tests the c extension
|
|
|
|
if not hasattr(escape, 'func_code'):
|
|
|
|
suite.addTest(unittest.makeSuite(MarkupLeakTestCase))
|
|
|
|
|
|
|
|
return suite
|
|
|
|
|
|
|
|
|
|
|
|
if __name__ == '__main__':
|
|
|
|
unittest.main(defaultTest='suite')
|
|
|
|
|
|
|
|
# vim:sts=4:sw=4:et:
|