Merge from 3.1: Issue #13703: add a way to randomize the hash values of basic types (str, bytes, datetime)

in order to make algorithmic complexity attacks on (e.g.) web apps much more complicated. The environment variable PYTHONHASHSEED and the new command line flag -R control this behavior.
author: Georg Brandl <georg@python.org> 2012-02-20 21:31:46 +0100
committer: Georg Brandl <georg@python.org> 2012-02-20 21:31:46 +0100
commit: c046a714e1f2152c7f45bc90d6f3829c34e7029f (patch)
tree: 4ad97aaf7ffcf9e49750a59179ef736b8e62e6e1 /Lib/test/test_html.py
parent: 5af1ccb2a86c32b4a7ed302bd75dd824606fc222 (diff)
parent: 9edd5e108cf2736595d6bb117e1a2a45b4403e85 (diff)
download: cpython-c046a714e1f2152c7f45bc90d6f3829c34e7029f.tar.gz
1 files changed, 24 insertions, 0 deletions
diff --git a/Lib/test/test_html.py b/Lib/test/test_html.py
new file mode 100644
index 0000000000..30dac58e6d
--- /dev/null
+++ b/Lib/test/test_html.py
@@ -0,0 +1,24 @@
+"""
+Tests for the html module functions.
+"""
+
+import html
+import unittest
+from test.support import run_unittest
+
+
+class HtmlTests(unittest.TestCase):
+    def test_escape(self):
+        self.assertEqual(
+            html.escape('\'<script>"&foo;"</script>\''),
+            '&#x27;&lt;script&gt;&quot;&amp;foo;&quot;&lt;/script&gt;&#x27;')
+        self.assertEqual(
+            html.escape('\'<script>"&foo;"</script>\'', False),
+            '\'&lt;script&gt;"&amp;foo;"&lt;/script&gt;\'')
+
+
+def test_main():
+    run_unittest(HtmlTests)
+
+if __name__ == '__main__':
+    test_main()
author	Georg Brandl <georg@python.org>	2012-02-20 21:31:46 +0100
committer	Georg Brandl <georg@python.org>	2012-02-20 21:31:46 +0100
commit	c046a714e1f2152c7f45bc90d6f3829c34e7029f (patch)
tree	4ad97aaf7ffcf9e49750a59179ef736b8e62e6e1 /Lib/test/test_html.py
parent	5af1ccb2a86c32b4a7ed302bd75dd824606fc222 (diff)
parent	9edd5e108cf2736595d6bb117e1a2a45b4403e85 (diff)
download	cpython-c046a714e1f2152c7f45bc90d6f3829c34e7029f.tar.gz