Commits

Mike Orr committed 1bbbf7a

Fix HTML overescaping and underescaping in auto_link(). Patch by Marius
Gedminas.

Comments (0)

Files changed (3)

 tip (development version)
 -------------------------
 * webhelpers.html.tools:
-  - Fix HTML overescaping in auto_link().  Patch by Marius Gedminas.
+  - Fix HTML overescaping and underescaping in auto_link().  Patch by Marius
+    Gedminas.
 * webhelpers.pylonslib:
   - Fix HTML overescaping.  Patch by Marius Gedminas.
 

tests/test_tools.py

         self.assertEqual(u"Go to %(link_result)s" % result_values, auto_link("Go to %(link_raw)s" % raw_values, 'urls'))
         self.assertEqual(u"Go to %(link_raw)s" % raw_values, auto_link("Go to %(link_raw)s" % raw_values, 'email_addresses'))
         self.assertEqual(u"Go to %(link_result)s and say hello to %(email_result)s" % result_values, auto_link("Go to %(link_raw)s and say hello to %(email_raw)s" % raw_values))
-        self.assertEqual(u"<p>Link %(link_result)s</p>" % result_values, auto_link("<p>Link %(link_raw)s</p>" % raw_values))
-        self.assertEqual(u"<p>%(link_result)s Link</p>" % result_values, auto_link("<p>%(link_raw)s Link</p>" % raw_values))
-        self.assertEqual(u"<p>Link %(link_result_with_options)s</p>" % result_values, auto_link("<p>Link %(link_raw)s</p>" % raw_values, 'all', target='_blank'))
+        self.assertEqual(u"<p>Link %(link_result)s</p>" % result_values, auto_link(literal("<p>Link %(link_raw)s</p>") % raw_values))
+        self.assertEqual(u"<p>%(link_result)s Link</p>" % result_values, auto_link(literal("<p>%(link_raw)s Link</p>") % raw_values))
+        self.assertEqual(u"<p>Link %(link_result_with_options)s</p>" % result_values, auto_link(literal("<p>Link %(link_raw)s</p>") % raw_values, 'all', target='_blank'))
         self.assertEqual(u"Go to %(link_result)s." % result_values, auto_link("Go to %(link_raw)s." % raw_values))
-        self.assertEqual(u"<p>Go to %(link_result)s, then say hello to %(email_result)s.</p>" % result_values, auto_link("<p>Go to %(link_raw)s, then say hello to %(email_raw)s.</p>" % raw_values))
+        self.assertEqual(u"<p>Go to %(link_result)s, then say hello to %(email_result)s.</p>" % result_values, auto_link(literal("<p>Go to %(link_raw)s, then say hello to %(email_raw)s.</p>") % raw_values))
         self.assertEqual(u"Go to %(link2_result)s" % result_values, auto_link("Go to %(link2_raw)s" % raw_values, 'urls'))
         self.assertEqual(u"Go to %(link2_raw)s" % raw_values, auto_link("Go to %(link2_raw)s" % raw_values, 'email_addresses'))
-        self.assertEqual(u"<p>Link %(link2_result)s</p>" % result_values, auto_link("<p>Link %(link2_raw)s</p>" % raw_values))
-        self.assertEqual(u"<p>%(link2_result)s Link</p>" % result_values, auto_link("<p>%(link2_raw)s Link</p>" % raw_values))
-        self.assertEqual(u"Go to %(link2_result)s." % result_values, auto_link("Go to %(link2_raw)s." % raw_values))
-        self.assertEqual(u"<p>Say hello to %(email_result)s, then go to %(link2_result)s.</p>" % result_values, auto_link("<p>Say hello to %(email_raw)s, then go to %(link2_raw)s.</p>" % raw_values))
+        self.assertEqual(u"<p>Link %(link2_result)s</p>" % result_values, auto_link(literal("<p>Link %(link2_raw)s</p>") % raw_values))
+        self.assertEqual(u"<p>%(link2_result)s Link</p>" % result_values, auto_link(literal("<p>%(link2_raw)s Link</p>") % raw_values))
+        self.assertEqual(u"Go to %(link2_result)s." % result_values, auto_link(literal("Go to %(link2_raw)s.") % raw_values))
+        self.assertEqual(u"<p>Say hello to %(email_result)s, then go to %(link2_result)s.</p>" % result_values, auto_link(literal("<p>Say hello to %(email_raw)s, then go to %(link2_raw)s.</p>") % raw_values))
         self.assertEqual(u"Go to %(link3_result)s" % result_values, auto_link("Go to %(link3_raw)s" % raw_values, 'urls'))
         self.assertEqual(u"Go to %(link3_raw)s" % raw_values, auto_link("Go to %(link3_raw)s" % raw_values, 'email_addresses'))
-        self.assertEqual(u"<p>Link %(link3_result)s</p>" % result_values, auto_link("<p>Link %(link3_raw)s</p>" % raw_values))
-        self.assertEqual(u"<p>%(link3_result)s Link</p>" % result_values, auto_link("<p>%(link3_raw)s Link</p>" % raw_values))
+        self.assertEqual(u"<p>Link %(link3_result)s</p>" % result_values, auto_link(literal("<p>Link %(link3_raw)s</p>") % raw_values))
+        self.assertEqual(u"<p>%(link3_result)s Link</p>" % result_values, auto_link(literal("<p>%(link3_raw)s Link</p>") % raw_values))
         self.assertEqual(u"Go to %(link3_result)s." % result_values, auto_link("Go to %(link3_raw)s." % raw_values))
-        self.assertEqual(u"<p>Go to %(link3_result)s. seriously, %(link3_result)s? i think I'll say hello to %(email_result)s. instead.</p>" % result_values, auto_link("<p>Go to %(link3_raw)s. seriously, %(link3_raw)s? i think I'll say hello to %(email_raw)s. instead.</p>" % raw_values))
-        self.assertEqual(u"<p>Link %(link4_result)s</p>" % result_values, auto_link("<p>Link %(link4_raw)s</p>" % raw_values))
-        self.assertEqual(u"<p>%(link4_result)s Link</p>" % result_values, auto_link("<p>%(link4_raw)s Link</p>" % raw_values))
-        self.assertEqual(u"<p>%(link5_result)s Link</p>" % result_values, auto_link("<p>%(link5_raw)s Link</p>" % raw_values))
-        self.assertEqual(u"<p>%(link6_result)s Link</p>" % result_values, auto_link("<p>%(link6_raw)s Link</p>" % raw_values))
-        self.assertEqual(u"<p>%(link7_result)s Link</p>" % result_values, auto_link("<p>%(link7_raw)s Link</p>" % raw_values))
+        self.assertEqual(u"<p>Go to %(link3_result)s. seriously, %(link3_result)s? i think I'll say hello to %(email_result)s. instead.</p>" % result_values, auto_link(literal("<p>Go to %(link3_raw)s. seriously, %(link3_raw)s? i think I'll say hello to %(email_raw)s. instead.</p>") % raw_values))
+        self.assertEqual(u"<p>Link %(link4_result)s</p>" % result_values, auto_link(literal("<p>Link %(link4_raw)s</p>") % raw_values))
+        self.assertEqual(u"<p>%(link4_result)s Link</p>" % result_values, auto_link(literal("<p>%(link4_raw)s Link</p>") % raw_values))
+        self.assertEqual(u"<p>%(link5_result)s Link</p>" % result_values, auto_link(literal("<p>%(link5_raw)s Link</p>") % raw_values))
+        self.assertEqual(u"<p>%(link6_result)s Link</p>" % result_values, auto_link(literal("<p>%(link6_raw)s Link</p>") % raw_values))
+        self.assertEqual(u"<p>%(link7_result)s Link</p>" % result_values, auto_link(literal("<p>%(link7_raw)s Link</p>") % raw_values))
         self.assertEqual(u"Go to %(link8_result)s" % result_values, auto_link("Go to %(link8_raw)s" % raw_values, 'urls'))
         self.assertEqual(u"Go to %(link8_raw)s" % raw_values, auto_link("Go to %(link8_raw)s" % raw_values, 'email_addresses'))
-        self.assertEqual(u"<p>Link %(link8_result)s</p>" % result_values, auto_link("<p>Link %(link8_raw)s</p>" % raw_values))
-        self.assertEqual(u"<p>%(link8_result)s Link</p>" % result_values, auto_link("<p>%(link8_raw)s Link</p>" % raw_values))
+        self.assertEqual(u"<p>Link %(link8_result)s</p>" % result_values, auto_link(literal("<p>Link %(link8_raw)s</p>") % raw_values))
+        self.assertEqual(u"<p>%(link8_result)s Link</p>" % result_values, auto_link(literal("<p>%(link8_raw)s Link</p>") % raw_values))
         self.assertEqual(u"Go to %(link8_result)s." % result_values, auto_link("Go to %(link8_raw)s." % raw_values))
-        self.assertEqual(u"<p>Go to %(link8_result)s. seriously, %(link8_result)s? i think I'll say hello to %(email_result)s. instead.</p>" % result_values, auto_link("<p>Go to %(link8_raw)s. seriously, %(link8_raw)s? i think I'll say hello to %(email_raw)s. instead.</p>" % raw_values))
+        self.assertEqual(u"<p>Go to %(link8_result)s. seriously, %(link8_result)s? i think I'll say hello to %(email_result)s. instead.</p>" % result_values, auto_link(literal("<p>Go to %(link8_raw)s. seriously, %(link8_raw)s? i think I'll say hello to %(email_raw)s. instead.</p>") % raw_values))
         self.assertEqual(u"Go to %(link9_result)s" % result_values, auto_link("Go to %(link9_raw)s" % raw_values, 'urls'))
         self.assertEqual(u"Go to %(link9_raw)s" % raw_values, auto_link("Go to %(link9_raw)s" % raw_values, 'email_addresses'))
-        self.assertEqual(u"<p>Link %(link9_result)s</p>" % result_values, auto_link("<p>Link %(link9_raw)s</p>" % raw_values))
-        self.assertEqual(u"<p>%(link9_result)s Link</p>" % result_values, auto_link("<p>%(link9_raw)s Link</p>" % raw_values))
+        self.assertEqual(u"<p>Link %(link9_result)s</p>" % result_values, auto_link(literal("<p>Link %(link9_raw)s</p>") % raw_values))
+        self.assertEqual(u"<p>%(link9_result)s Link</p>" % result_values, auto_link(literal("<p>%(link9_raw)s Link</p>") % raw_values))
         self.assertEqual(u"Go to %(link9_result)s." % result_values, auto_link("Go to %(link9_raw)s." % raw_values))
-        self.assertEqual(u"<p>Go to %(link9_result)s. seriously, %(link9_result)s? i think I'll say hello to %(email_result)s. instead.</p>" % result_values, auto_link("<p>Go to %(link9_raw)s. seriously, %(link9_raw)s? i think I'll say hello to %(email_raw)s. instead.</p>" % raw_values))
+        self.assertEqual(u"<p>Go to %(link9_result)s. seriously, %(link9_result)s? i think I'll say hello to %(email_result)s. instead.</p>" % result_values, auto_link(literal("<p>Go to %(link9_raw)s. seriously, %(link9_raw)s? i think I'll say hello to %(email_raw)s. instead.</p>") % raw_values))
         self.assertEqual(u"", auto_link(None))
         self.assertEqual(u"", auto_link(""))
 

webhelpers/html/tools.py

         
     """
     if not text:
-        return u""
+        return literal(u"")
+    text = escape(text)
     if link == "all":
         return _auto_link_urls(_auto_link_email_addresses(text), **href_options)
     elif link == "email_addresses":