failure to sanitize input appropriately (NOTE: the <a href=javascript:alert(1)>
is not removed):
input:
"""
import html5lib
from html5lib import treebuilders, treewalkers, serializer
from html5lib.filters import sanitizer
from html5lib import sanitizer as LOL
p = html5lib.HTMLParser(tree=treebuilders.getTreeBuilder("dom"))
dom_tree = p.parse("<p><strong>Hello <a href='javascript:alert(1)'> ???? </a></strong> World</p>")
walker = treewalkers.getTreeWalker("dom")
stre = walker(dom_tree)
stream = sanitizer.Filter(stre)
s = serializer.htmlserializer.HTMLSerializer(tokenizer=LOL.HTMLSanitizer)
output_generator = s.serialize(stream)
for item in output_generator:
print item
"""
output:
'''
<p>
<strong>
Hello
<a href=javascript:alert(1)>
????
</a>
</strong>
World
'''
Original issue reported on code.google.com by db.pub.m...@gmail.com on 18 Feb 2011 at 1:43
- Merged into: Sanitizing filter broken in 0.90 #162
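A regression check of the kind a maintainer could keep next to this report (added example, not html5lib's own code): it walks the sanitizer's output with the standard library's html.parser and flags every URL-bearing attribute whose scheme is not on an allowlist, normalising the value the way a browser's URL parser does so that an entity-encoded or whitespace-padded javascript: URL is caught as well. URL_ATTRIBUTES, SAFE_SCHEMES and the SANITIZER_OUTPUT string are assumptions; the string is a constructed copy of the output quoted in the issue.

```python
import re
from html.parser import HTMLParser

# Attributes a browser treats as URLs, and the schemes we allow (assumed lists).
URL_ATTRIBUTES = {"href", "src", "action", "formaction", "xlink:href", "poster", "data"}
SAFE_SCHEMES = {"http", "https", "mailto", "ftp"}
# C0 controls and space: the URL parser strips these from both ends of a URL.
C0_AND_SPACE = "".join(chr(c) for c in range(0x21))


def url_scheme(value):
    """Scheme a browser would parse from the value (lower-cased), "" if relative.
    Tab/LF/CR are removed anywhere, so ' java\\nscript:' is still javascript:."""
    v = value.strip(C0_AND_SPACE).replace("\t", "").replace("\n", "").replace("\r", "")
    m = re.match(r"([A-Za-z][A-Za-z0-9+.\-]*):", v)
    return m.group(1).lower() if m else ""


class _UrlAttrCollector(HTMLParser):
    """Collect (tag, attribute, value) for every URL-bearing attribute.
    html.parser decodes entities in attribute values, so &#106;avascript: is
    seen here as javascript:, the same way a browser would see it."""

    def __init__(self):
        super().__init__()
        self.found = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name.lower() in URL_ATTRIBUTES and value is not None:
                self.found.append((tag, name.lower(), value))


def unsafe_urls(fragment, safe_schemes=SAFE_SCHEMES):
    """URL attributes in a (supposedly) sanitized fragment whose scheme is not
    allowlisted; relative URLs are accepted. An empty list means the check passed."""
    collector = _UrlAttrCollector()
    collector.feed(fragment)
    collector.close()
    return [hit for hit in collector.found
            if url_scheme(hit[2]) not in safe_schemes | {""}]


# Constructed copy of the sanitizer output quoted in the issue (link text replaced).
SANITIZER_OUTPUT = ("<p>\n<strong>\nHello\n<a href=javascript:alert(1)>\nlink text\n"
                    "</a>\n</strong>\nWorld")

if __name__ == "__main__":
    for tag, attr, value in unsafe_urls(SANITIZER_OUTPUT):
        print("sanitizer let through <%s %s=%r>" % (tag, attr, value))
```

Run against the issue's output the check reports the surviving `<a href=javascript:alert(1)>`; a fixed sanitizer should make it return an empty list.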