diff options
-rw-r--r-- | .gitignore | 1 | ||||
-rw-r--r-- | markupsafe/__init__.py | 2 | ||||
-rw-r--r-- | markupsafe/tests.py | 70 | ||||
-rw-r--r-- | setup.py | 1 |
4 files changed, 73 insertions, 1 deletions
@@ -2,6 +2,7 @@ *.pyc *.pyo *.o +*.so env dist build diff --git a/markupsafe/__init__.py b/markupsafe/__init__.py index 8053ce0..3e07f49 100644 --- a/markupsafe/__init__.py +++ b/markupsafe/__init__.py @@ -12,7 +12,7 @@ import re from itertools import imap -__all__ = ['Module', 'soft_unicode'] +__all__ = ['Module', 'soft_unicode', 'escape'] _striptags_re = re.compile(r'(<!--.*?-->|<[^>]*>)') diff --git a/markupsafe/tests.py b/markupsafe/tests.py new file mode 100644 index 0000000..51b7bb4 --- /dev/null +++ b/markupsafe/tests.py @@ -0,0 +1,70 @@ +import gc +import unittest +from markupsafe import Markup, escape + + +class MarkupTestCase(unittest.TestCase): + + def test_markup_operations(self): + # adding two strings should escape the unsafe one + unsafe = '<script type="application/x-some-script">alert("foo");</script>' + safe = Markup('<em>username</em>') + assert unsafe + safe == unicode(escape(unsafe)) + unicode(safe) + + # string interpolations are safe to use too + assert Markup('<em>%s</em>') % '<bad user>' == \ + '<em><bad user></em>' + assert Markup('<em>%(username)s</em>') % { + 'username': '<bad user>' + } == '<em><bad user></em>' + + # an escaped object is markup too + assert type(Markup('foo') + 'bar') is Markup + + # and it implements __html__ by returning itself + x = Markup("foo") + assert x.__html__() is x + + # it also knows how to treat __html__ objects + class Foo(object): + def __html__(self): + return '<em>awesome</em>' + def __unicode__(self): + return 'awesome' + assert Markup(Foo()) == '<em>awesome</em>' + assert Markup('<strong>%s</strong>') % Foo() == \ + '<strong><em>awesome</em></strong>' + + # escaping and unescaping + assert escape('"<>&\'') == '"<>&'' + assert Markup("<em>Foo & Bar</em>").striptags() == "Foo & Bar" + assert Markup("<test>").unescape() == "<test>" + + +class MarkupLeakTestCase(unittest.TestCase): + + def test_markup_leaks(self): + counts = set() + for count in xrange(20): + for item in xrange(1000): + escape("foo") + escape("<foo>") + escape(u"foo") + escape(u"<foo>") + counts.add(len(gc.get_objects())) + assert len(counts) == 1, 'ouch, c extension seems to leak objects' + + +def suite(): + suite = unittest.TestSuite() + suite.addTest(unittest.makeSuite(MarkupTestCase)) + + # this test only tests the c extension + if not hasattr(escape, 'func_code'): + suite.addTest(unittest.makeSuite(MarkupLeakTestCase)) + + return suite + + +if __name__ == '__main__': + unittest.main(defaultTest='suite') @@ -75,6 +75,7 @@ def run_setup(with_binary): 'Topic :: Text Processing :: Markup :: HTML' ], packages=['markupsafe'], + test_suite='markupsafe.tests.suite', include_package_data=True, cmdclass={'build_ext': ve_build_ext}, features=features |