diff options
author | Tobias Geerinckx-Rice <me@tobias.gr> | 2018-09-10 18:01:51 +0200 |
---|---|---|
committer | Tobias Geerinckx-Rice <me@tobias.gr> | 2018-09-10 18:21:59 +0200 |
commit | 7c8b1bf66448d072be67682ed3ce618da831f72f (patch) | |
tree | a48e5a2fa054bdc02a6c3806107bd1dfd9a3a98e /gnu/packages/patches/python-genshi-stripping-of-unsafe-script-tags.patch | |
parent | 83397e07862198cf3145112c8100fd8dd142fd21 (diff) |
gnu: python-genshi: Update to 0.7.1.
* gnu/packages/python-web.scm (python-genshi): Update to 0.7.1.
[source]: Use GIT-FETCH and GIT-FILE-NAME. Remove patches.
* gnu/packages/patches/python-genshi-add-support-for-python-3.4-AST.patch,
gnu/packages/patches/python-genshi-buildable-on-python-2.7.patch,
gnu/packages/patches/python-genshi-disable-speedups-on-python-3.3.patch,
gnu/packages/patches/python-genshi-fix-tests-on-python-3.5.patch,
gnu/packages/patches/python-genshi-isstring-helper.patch,
gnu/packages/patches/python-genshi-stripping-of-unsafe-script-tags.patch:
Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
Diffstat (limited to 'gnu/packages/patches/python-genshi-stripping-of-unsafe-script-tags.patch')
-rw-r--r-- | gnu/packages/patches/python-genshi-stripping-of-unsafe-script-tags.patch | 51 |
1 files changed, 0 insertions, 51 deletions
diff --git a/gnu/packages/patches/python-genshi-stripping-of-unsafe-script-tags.patch b/gnu/packages/patches/python-genshi-stripping-of-unsafe-script-tags.patch deleted file mode 100644 index 29951a6149..0000000000 --- a/gnu/packages/patches/python-genshi-stripping-of-unsafe-script-tags.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 0769be04c3891ae5c724c6779ba13d1d0f53b4ae Mon Sep 17 00:00:00 2001 -From: Simon Cross <hodgestar@gmail.com> -Date: Sun, 16 Feb 2014 18:25:17 +0000 -Subject: [PATCH 01/15] Also allow stripping of unsafe script tags (Python 3.4 - parses the second example as a tag whose name is script&xyz). - ---- - genshi/filters/tests/test_html.py | 14 ++++++++++---- - 1 file changed, 10 insertions(+), 4 deletions(-) - -diff --git a/genshi/filters/tests/test_html.py b/genshi/filters/tests/test_html.py -index 0c6cfe1..45ec0da 100644 ---- a/genshi/filters/tests/test_html.py -+++ b/genshi/filters/tests/test_html.py -@@ -368,12 +368,16 @@ def StyleSanitizer(): - - class HTMLSanitizerTestCase(unittest.TestCase): - -- def assert_parse_error_or_equal(self, expected, exploit): -+ def assert_parse_error_or_equal(self, expected, exploit, -+ allow_strip=False): - try: - html = HTML(exploit) - except ParseError: - return -- self.assertEquals(expected, (html | HTMLSanitizer()).render()) -+ sanitized_html = (html | HTMLSanitizer()).render() -+ if not sanitized_html and allow_strip: -+ return -+ self.assertEquals(expected, sanitized_html) - - def test_sanitize_unchanged(self): - html = HTML(u'<a href="#">fo<br />o</a>') -@@ -416,10 +420,12 @@ class HTMLSanitizerTestCase(unittest.TestCase): - html = HTML(u'<SCRIPT SRC="http://example.com/"></SCRIPT>') - self.assertEquals('', (html | HTMLSanitizer()).render()) - src = u'<SCR\0IPT>alert("foo")</SCR\0IPT>' -- self.assert_parse_error_or_equal('<SCR\x00IPT>alert("foo")', src) -+ self.assert_parse_error_or_equal('<SCR\x00IPT>alert("foo")', src, -+ allow_strip=True) - src = u'<SCRIPT&XYZ SRC="http://example.com/"></SCRIPT>' - self.assert_parse_error_or_equal('<SCRIPT&XYZ; ' -- 'SRC="http://example.com/">', src) -+ 'SRC="http://example.com/">', src, -+ allow_strip=True) - - def test_sanitize_remove_onclick_attr(self): - html = HTML(u'<div onclick=\'alert("foo")\' />') --- -2.12.0 - |