escape_test.py
Go to the documentation of this file.
00001 #!/usr/bin/env python
00002 
00003 
00004 from __future__ import absolute_import, division, print_function, with_statement
00005 import tornado.escape
00006 
00007 from tornado.escape import utf8, xhtml_escape, xhtml_unescape, url_escape, url_unescape, to_unicode, json_decode, json_encode
00008 from tornado.util import u, unicode_type, bytes_type
00009 from tornado.test.util import unittest
00010 
00011 linkify_tests = [
00012     # (input, linkify_kwargs, expected_output)
00013 
00014     ("hello http://world.com/!", {},
00015      u('hello <a href="http://world.com/">http://world.com/</a>!')),
00016 
00017     ("hello http://world.com/with?param=true&stuff=yes", {},
00018      u('hello <a href="http://world.com/with?param=true&amp;stuff=yes">http://world.com/with?param=true&amp;stuff=yes</a>')),
00019 
00020     # an opened paren followed by many chars killed Gruber's regex
00021     ("http://url.com/w(aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", {},
00022      u('<a href="http://url.com/w">http://url.com/w</a>(aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa')),
00023 
00024     # as did too many dots at the end
00025     ("http://url.com/withmany.......................................", {},
00026      u('<a href="http://url.com/withmany">http://url.com/withmany</a>.......................................')),
00027 
00028     ("http://url.com/withmany((((((((((((((((((((((((((((((((((a)", {},
00029      u('<a href="http://url.com/withmany">http://url.com/withmany</a>((((((((((((((((((((((((((((((((((a)')),
00030 
00031     # some examples from http://daringfireball.net/2009/11/liberal_regex_for_matching_urls
00032     # plus a fex extras (such as multiple parentheses).
00033     ("http://foo.com/blah_blah", {},
00034      u('<a href="http://foo.com/blah_blah">http://foo.com/blah_blah</a>')),
00035 
00036     ("http://foo.com/blah_blah/", {},
00037      u('<a href="http://foo.com/blah_blah/">http://foo.com/blah_blah/</a>')),
00038 
00039     ("(Something like http://foo.com/blah_blah)", {},
00040      u('(Something like <a href="http://foo.com/blah_blah">http://foo.com/blah_blah</a>)')),
00041 
00042     ("http://foo.com/blah_blah_(wikipedia)", {},
00043      u('<a href="http://foo.com/blah_blah_(wikipedia)">http://foo.com/blah_blah_(wikipedia)</a>')),
00044 
00045     ("http://foo.com/blah_(blah)_(wikipedia)_blah", {},
00046      u('<a href="http://foo.com/blah_(blah)_(wikipedia)_blah">http://foo.com/blah_(blah)_(wikipedia)_blah</a>')),
00047 
00048     ("(Something like http://foo.com/blah_blah_(wikipedia))", {},
00049      u('(Something like <a href="http://foo.com/blah_blah_(wikipedia)">http://foo.com/blah_blah_(wikipedia)</a>)')),
00050 
00051     ("http://foo.com/blah_blah.", {},
00052      u('<a href="http://foo.com/blah_blah">http://foo.com/blah_blah</a>.')),
00053 
00054     ("http://foo.com/blah_blah/.", {},
00055      u('<a href="http://foo.com/blah_blah/">http://foo.com/blah_blah/</a>.')),
00056 
00057     ("<http://foo.com/blah_blah>", {},
00058      u('&lt;<a href="http://foo.com/blah_blah">http://foo.com/blah_blah</a>&gt;')),
00059 
00060     ("<http://foo.com/blah_blah/>", {},
00061      u('&lt;<a href="http://foo.com/blah_blah/">http://foo.com/blah_blah/</a>&gt;')),
00062 
00063     ("http://foo.com/blah_blah,", {},
00064      u('<a href="http://foo.com/blah_blah">http://foo.com/blah_blah</a>,')),
00065 
00066     ("http://www.example.com/wpstyle/?p=364.", {},
00067      u('<a href="http://www.example.com/wpstyle/?p=364">http://www.example.com/wpstyle/?p=364</a>.')),
00068 
00069     ("rdar://1234",
00070      {"permitted_protocols": ["http", "rdar"]},
00071      u('<a href="rdar://1234">rdar://1234</a>')),
00072 
00073     ("rdar:/1234",
00074      {"permitted_protocols": ["rdar"]},
00075      u('<a href="rdar:/1234">rdar:/1234</a>')),
00076 
00077     ("http://userid:password@example.com:8080", {},
00078      u('<a href="http://userid:password@example.com:8080">http://userid:password@example.com:8080</a>')),
00079 
00080     ("http://userid@example.com", {},
00081      u('<a href="http://userid@example.com">http://userid@example.com</a>')),
00082 
00083     ("http://userid@example.com:8080", {},
00084      u('<a href="http://userid@example.com:8080">http://userid@example.com:8080</a>')),
00085 
00086     ("http://userid:password@example.com", {},
00087      u('<a href="http://userid:password@example.com">http://userid:password@example.com</a>')),
00088 
00089     ("message://%3c330e7f8409726r6a4ba78dkf1fd71420c1bf6ff@mail.gmail.com%3e",
00090      {"permitted_protocols": ["http", "message"]},
00091      u('<a href="message://%3c330e7f8409726r6a4ba78dkf1fd71420c1bf6ff@mail.gmail.com%3e">message://%3c330e7f8409726r6a4ba78dkf1fd71420c1bf6ff@mail.gmail.com%3e</a>')),
00092 
00093     (u("http://\u27a1.ws/\u4a39"), {},
00094      u('<a href="http://\u27a1.ws/\u4a39">http://\u27a1.ws/\u4a39</a>')),
00095 
00096     ("<tag>http://example.com</tag>", {},
00097      u('&lt;tag&gt;<a href="http://example.com">http://example.com</a>&lt;/tag&gt;')),
00098 
00099     ("Just a www.example.com link.", {},
00100      u('Just a <a href="http://www.example.com">www.example.com</a> link.')),
00101 
00102     ("Just a www.example.com link.",
00103      {"require_protocol": True},
00104      u('Just a www.example.com link.')),
00105 
00106     ("A http://reallylong.com/link/that/exceedsthelenglimit.html",
00107      {"require_protocol": True, "shorten": True},
00108      u('A <a href="http://reallylong.com/link/that/exceedsthelenglimit.html" title="http://reallylong.com/link/that/exceedsthelenglimit.html">http://reallylong.com/link...</a>')),
00109 
00110     ("A http://reallylongdomainnamethatwillbetoolong.com/hi!",
00111      {"shorten": True},
00112      u('A <a href="http://reallylongdomainnamethatwillbetoolong.com/hi" title="http://reallylongdomainnamethatwillbetoolong.com/hi">http://reallylongdomainnametha...</a>!')),
00113 
00114     ("A file:///passwords.txt and http://web.com link", {},
00115      u('A file:///passwords.txt and <a href="http://web.com">http://web.com</a> link')),
00116 
00117     ("A file:///passwords.txt and http://web.com link",
00118      {"permitted_protocols": ["file"]},
00119      u('A <a href="file:///passwords.txt">file:///passwords.txt</a> and http://web.com link')),
00120 
00121     ("www.external-link.com",
00122      {"extra_params": 'rel="nofollow" class="external"'},
00123      u('<a href="http://www.external-link.com" rel="nofollow" class="external">www.external-link.com</a>')),
00124 
00125     ("www.external-link.com and www.internal-link.com/blogs extra",
00126      {"extra_params": lambda href: 'class="internal"' if href.startswith("http://www.internal-link.com") else 'rel="nofollow" class="external"'},
00127      u('<a href="http://www.external-link.com" rel="nofollow" class="external">www.external-link.com</a> and <a href="http://www.internal-link.com/blogs" class="internal">www.internal-link.com/blogs</a> extra')),
00128 
00129     ("www.external-link.com",
00130      {"extra_params": lambda href: '    rel="nofollow" class="external"  '},
00131      u('<a href="http://www.external-link.com" rel="nofollow" class="external">www.external-link.com</a>')),
00132 ]
00133 
00134 
00135 class EscapeTestCase(unittest.TestCase):
00136     def test_linkify(self):
00137         for text, kwargs, html in linkify_tests:
00138             linked = tornado.escape.linkify(text, **kwargs)
00139             self.assertEqual(linked, html)
00140 
00141     def test_xhtml_escape(self):
00142         tests = [
00143             ("<foo>", "&lt;foo&gt;"),
00144             (u("<foo>"), u("&lt;foo&gt;")),
00145             (b"<foo>", b"&lt;foo&gt;"),
00146 
00147             ("<>&\"'", "&lt;&gt;&amp;&quot;&#39;"),
00148             ("&amp;", "&amp;amp;"),
00149 
00150             (u("<\u00e9>"), u("&lt;\u00e9&gt;")),
00151             (b"<\xc3\xa9>", b"&lt;\xc3\xa9&gt;"),
00152         ]
00153         for unescaped, escaped in tests:
00154             self.assertEqual(utf8(xhtml_escape(unescaped)), utf8(escaped))
00155             self.assertEqual(utf8(unescaped), utf8(xhtml_unescape(escaped)))
00156 
00157     def test_url_escape_unicode(self):
00158         tests = [
00159             # byte strings are passed through as-is
00160             (u('\u00e9').encode('utf8'), '%C3%A9'),
00161             (u('\u00e9').encode('latin1'), '%E9'),
00162 
00163             # unicode strings become utf8
00164             (u('\u00e9'), '%C3%A9'),
00165         ]
00166         for unescaped, escaped in tests:
00167             self.assertEqual(url_escape(unescaped), escaped)
00168 
00169     def test_url_unescape_unicode(self):
00170         tests = [
00171             ('%C3%A9', u('\u00e9'), 'utf8'),
00172             ('%C3%A9', u('\u00c3\u00a9'), 'latin1'),
00173             ('%C3%A9', utf8(u('\u00e9')), None),
00174         ]
00175         for escaped, unescaped, encoding in tests:
00176             # input strings to url_unescape should only contain ascii
00177             # characters, but make sure the function accepts both byte
00178             # and unicode strings.
00179             self.assertEqual(url_unescape(to_unicode(escaped), encoding), unescaped)
00180             self.assertEqual(url_unescape(utf8(escaped), encoding), unescaped)
00181 
00182     def test_url_escape_quote_plus(self):
00183         unescaped = '+ #%'
00184         plus_escaped = '%2B+%23%25'
00185         escaped = '%2B%20%23%25'
00186         self.assertEqual(url_escape(unescaped), plus_escaped)
00187         self.assertEqual(url_escape(unescaped, plus=False), escaped)
00188         self.assertEqual(url_unescape(plus_escaped), unescaped)
00189         self.assertEqual(url_unescape(escaped, plus=False), unescaped)
00190         self.assertEqual(url_unescape(plus_escaped, encoding=None),
00191                          utf8(unescaped))
00192         self.assertEqual(url_unescape(escaped, encoding=None, plus=False),
00193                          utf8(unescaped))
00194 
00195     def test_escape_return_types(self):
00196         # On python2 the escape methods should generally return the same
00197         # type as their argument
00198         self.assertEqual(type(xhtml_escape("foo")), str)
00199         self.assertEqual(type(xhtml_escape(u("foo"))), unicode_type)
00200 
00201     def test_json_decode(self):
00202         # json_decode accepts both bytes and unicode, but strings it returns
00203         # are always unicode.
00204         self.assertEqual(json_decode(b'"foo"'), u("foo"))
00205         self.assertEqual(json_decode(u('"foo"')), u("foo"))
00206 
00207         # Non-ascii bytes are interpreted as utf8
00208         self.assertEqual(json_decode(utf8(u('"\u00e9"'))), u("\u00e9"))
00209 
00210     def test_json_encode(self):
00211         # json deals with strings, not bytes.  On python 2 byte strings will
00212         # convert automatically if they are utf8; on python 3 byte strings
00213         # are not allowed.
00214         self.assertEqual(json_decode(json_encode(u("\u00e9"))), u("\u00e9"))
00215         if bytes_type is str:
00216             self.assertEqual(json_decode(json_encode(utf8(u("\u00e9")))), u("\u00e9"))
00217             self.assertRaises(UnicodeDecodeError, json_encode, b"\xe9")


rosbridge_server
Author(s): Jonathan Mace
autogenerated on Thu Jun 6 2019 21:51:50