mirror of
https://github.com/django/django.git
synced 2024-11-28 10:48:32 +01:00
Improved regex in strip_tags
Thanks Pablo Recio for the report. Refs #19237.
This commit is contained in:
parent
afa3e16334
commit
d7504a3d7b
@ -33,7 +33,7 @@ link_target_attribute_re = re.compile(r'(<a [^>]*?)target=[^\s>]+')
|
||||
html_gunk_re = re.compile(r'(?:<br clear="all">|<i><\/i>|<b><\/b>|<em><\/em>|<strong><\/strong>|<\/?smallcaps>|<\/?uppercase>)', re.IGNORECASE)
|
||||
hard_coded_bullets_re = re.compile(r'((?:<p>(?:%s).*?[a-zA-Z].*?</p>\s*)+)' % '|'.join([re.escape(x) for x in DOTS]), re.DOTALL)
|
||||
trailing_empty_content_re = re.compile(r'(?:<p>(?: |\s|<br \/>)*?</p>\s*)+\Z')
|
||||
strip_tags_re = re.compile(r'</?\S([^=]*=(\s*"[^"]*"|\s*\'[^\']*\'|\S*)|[^>])*?>', re.IGNORECASE)
|
||||
strip_tags_re = re.compile(r'</?\S([^=>]*=(\s*"[^"]*"|\s*\'[^\']*\'|\S*)|[^>])*?>', re.IGNORECASE)
|
||||
|
||||
|
||||
def escape(text):
|
||||
|
@ -68,6 +68,7 @@ class TestUtilsHtml(unittest.TestCase):
|
||||
('a<p onclick="alert(\'<test>\')">b</p>c', 'abc'),
|
||||
('a<p a >b</p>c', 'abc'),
|
||||
('d<a:b c:d>e</p>f', 'def'),
|
||||
('<strong>foo</strong><a href="http://example.com">bar</a>', 'foobar'),
|
||||
)
|
||||
for value, output in items:
|
||||
self.check_output(f, value, output)
|
||||
|
Loading…
Reference in New Issue
Block a user