+21
-1
lines changedFilter options
+21
-1
lines changed Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
1
1
from xmlrpc.server import DocXMLRPCServer
2
2
import http.client
3
+
import re
3
4
import sys
4
5
import threading
5
6
from test import support
@@ -193,6 +194,21 @@ def test_annotations(self):
193
194
b'method_annotation</strong></a>(x: bytes)</dt></dl>'),
194
195
response.read())
195
196
197
+
def test_server_title_escape(self):
198
+
# bpo-38243: Ensure that the server title and documentation
199
+
# are escaped for HTML.
200
+
self.serv.set_server_title('test_title<script>')
201
+
self.serv.set_server_documentation('test_documentation<script>')
202
+
self.assertEqual('test_title<script>', self.serv.server_title)
203
+
self.assertEqual('test_documentation<script>',
204
+
self.serv.server_documentation)
205
+
206
+
generated = self.serv.generate_html_documentation()
207
+
title = re.search(r'<title>(.+?)</title>', generated).group()
208
+
documentation = re.search(r'<p><tt>(.+?)</tt></p>', generated).group()
209
+
self.assertEqual('<title>Python: test_title<script></title>', title)
210
+
self.assertEqual('<p><tt>test_documentation<script></tt></p>', documentation)
211
+
196
212
197
213
if __name__ == '__main__':
198
214
unittest.main()
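Review bot: In `test_server_title_escape`, both `re.search(...).group()` calls raise `AttributeError` on `None` when the pattern does not match, so a regression in the page layout fails with an unhelpful error instead of an assertion message. Asserting on the generated page directly avoids this, e.g. `self.assertIn('<title>Python: test_title&lt;script&gt;</title>', generated)`, and likewise for the `<p><tt>…</tt></p>` fragment. As rendered on this page, the expected strings in the last two `assertEqual` calls show a literal `<script>`; presumably the page decoded the entities, because an escaped title can only match the entity-encoded form. The payload also covers only `<` and `>`, so a second case containing `&` and a double quote would pin the rest of what `html.escape` converts.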
Original file line number Diff line number Diff line change
@@ -108,6 +108,7 @@ def export_add(self, x, y):
108
108
from http.server import BaseHTTPRequestHandler
109
109
from functools import partial
110
110
from inspect import signature
111
+
import html
111
112
import http.server
112
113
import socketserver
113
114
import sys
@@ -894,7 +895,7 @@ def generate_html_documentation(self):
894
895
methods
895
896
)
896
897
897
-
return documenter.page(self.server_title, documentation)
898
+
return documenter.page(html.escape(self.server_title), documentation)
898
899
899
900
class DocXMLRPCRequestHandler(SimpleXMLRPCRequestHandler):
900
901
"""XML-RPC and documentation request handler class.
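Review bot: Only `self.server_title` is escaped on the changed return line of `generate_html_documentation`, while `documentation` is still handed to `documenter.page` unchanged, and nothing visible in the hunk says why that is safe. The test added in the same commit expects the server documentation to come out escaped, so presumably the call that builds `documentation` (only its tail is visible here) already escapes its inputs. A short comment above the return would record that split, for example `# title is plain text and must be escaped here; documentation is already HTML built by the documenter`. The function body starts outside the hunk, so the handling of the other values placed into the page cannot be confirmed from these lines.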
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
1
+
Escape the server title of :class:`xmlrpc.server.DocXMLRPCServer`
2
+
when rendering the document page as HTML.
3
+
(Contributed by Dong-hee Na in :issue:`38243`.)