Skip to content

Commit bea50af

Browse files
rubysrubys
committed
Ensure that astral plane characters sanitize correctly
--HG-- extra : convert_revision : svn%3Aacbfec75-9323-0410-a652-858a13e371e0/trunk%40640
1 parent 298b1a5 commit bea50af

File tree

2 files changed

+5
-1
lines changed

2 files changed

+5
-1
lines changed

tests/test_sanitizer.py

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -97,6 +97,11 @@ def test_img_vbscript(self):
9797
self.assertEqual(u'<img/>',
9898
self.sanitize_html("""<img src='vbscript:msgbox("XSS")' />"""))
9999

100+
def test_should_handle_astral_plane_characters(self):
101+
self.assertEqual(u"<p>\U0001d4b5 \U0001d538</p>",
102+
self.sanitize_html("<p>&#x1d4b5; &#x1d538;</p>"))
103+
104+
100105
for i,img_hack in enumerate(
101106
["""<img src="javascript:alert('XSS');" />""",
102107
"""<img src=javascript:alert('XSS') />""",

tests/test_serializer.py

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,6 @@ def addTest(cls, name, expected, input, description, options):
4343
addTest = classmethod(addTest)
4444

4545
def mockTest(self, expected, input, options):
46-
exception = None
4746
result = self.serialize_html(input, options)
4847
if result not in expected:
4948
if options.get("omit_optional_tags", True):

0 commit comments

Comments
 (0)