|
 |
516ee7 |
diff --git a/Lib/DocXMLRPCServer.py b/Lib/DocXMLRPCServer.py
|
|
|
516ee7 |
index 4064ec2..90b037d 100644
|
|
|
516ee7 |
--- a/Lib/DocXMLRPCServer.py
|
|
|
516ee7 |
+++ b/Lib/DocXMLRPCServer.py
|
|
|
516ee7 |
@@ -20,6 +20,16 @@ from SimpleXMLRPCServer import (SimpleXMLRPCServer,
|
|
|
516ee7 |
CGIXMLRPCRequestHandler,
|
|
|
516ee7 |
resolve_dotted_attribute)
|
|
|
516ee7 |
|
|
|
516ee7 |
+
|
|
|
516ee7 |
+def _html_escape_quote(s):
|
|
|
516ee7 |
+ s = s.replace("&", "&") # Must be done first!
|
|
|
516ee7 |
+ s = s.replace("<", "<")
|
|
|
516ee7 |
+ s = s.replace(">", ">")
|
|
|
516ee7 |
+ s = s.replace('"', """)
|
|
|
516ee7 |
+ s = s.replace('\'', "'")
|
|
|
516ee7 |
+ return s
|
|
|
516ee7 |
+
|
|
|
516ee7 |
+
|
|
|
516ee7 |
class ServerHTMLDoc(pydoc.HTMLDoc):
|
|
|
516ee7 |
"""Class used to generate pydoc HTML document for a server"""
|
|
|
516ee7 |
|
|
|
516ee7 |
@@ -210,7 +220,8 @@ class XMLRPCDocGenerator:
|
|
|
516ee7 |
methods
|
|
|
516ee7 |
)
|
|
|
516ee7 |
|
|
|
516ee7 |
- return documenter.page(self.server_title, documentation)
|
|
|
516ee7 |
+ title = _html_escape_quote(self.server_title)
|
|
|
516ee7 |
+ return documenter.page(title, documentation)
|
|
|
516ee7 |
|
|
|
516ee7 |
class DocXMLRPCRequestHandler(SimpleXMLRPCRequestHandler):
|
|
|
516ee7 |
"""XML-RPC and documentation request handler class.
|
|
|
516ee7 |
diff --git a/Lib/test/test_docxmlrpc.py b/Lib/test/test_docxmlrpc.py
|
|
|
516ee7 |
index 80d1803..d464ef8 100644
|
|
|
516ee7 |
--- a/Lib/test/test_docxmlrpc.py
|
|
|
516ee7 |
+++ b/Lib/test/test_docxmlrpc.py
|
|
|
516ee7 |
@@ -1,13 +1,11 @@
|
|
|
516ee7 |
from DocXMLRPCServer import DocXMLRPCServer
|
|
|
516ee7 |
import httplib
|
|
|
516ee7 |
+import re
|
|
|
516ee7 |
import sys
|
|
|
516ee7 |
from test import test_support
|
|
|
516ee7 |
threading = test_support.import_module('threading')
|
|
|
516ee7 |
-import time
|
|
|
516ee7 |
-import socket
|
|
|
516ee7 |
import unittest
|
|
|
516ee7 |
|
|
|
516ee7 |
-PORT = None
|
|
|
516ee7 |
|
|
|
516ee7 |
def make_request_and_skipIf(condition, reason):
|
|
|
516ee7 |
# If we skip the test, we have to make a request because the
|
|
|
516ee7 |
@@ -23,13 +21,10 @@ def make_request_and_skipIf(condition, reason):
|
|
|
516ee7 |
return decorator
|
|
|
516ee7 |
|
|
|
516ee7 |
|
|
|
516ee7 |
-def server(evt, numrequests):
|
|
|
516ee7 |
+def make_server():
|
|
|
516ee7 |
serv = DocXMLRPCServer(("localhost", 0), logRequests=False)
|
|
|
516ee7 |
|
|
|
516ee7 |
try:
|
|
|
516ee7 |
- global PORT
|
|
|
516ee7 |
- PORT = serv.socket.getsockname()[1]
|
|
|
516ee7 |
-
|
|
|
516ee7 |
# Add some documentation
|
|
|
516ee7 |
serv.set_server_title("DocXMLRPCServer Test Documentation")
|
|
|
516ee7 |
serv.set_server_name("DocXMLRPCServer Test Docs")
|
|
|
516ee7 |
@@ -56,42 +51,31 @@ def server(evt, numrequests):
|
|
|
516ee7 |
|
|
|
516ee7 |
serv.register_function(add)
|
|
|
516ee7 |
serv.register_function(lambda x, y: x-y)
|
|
|
516ee7 |
-
|
|
|
516ee7 |
- while numrequests > 0:
|
|
|
516ee7 |
- serv.handle_request()
|
|
|
516ee7 |
- numrequests -= 1
|
|
|
516ee7 |
- except socket.timeout:
|
|
|
516ee7 |
- pass
|
|
|
516ee7 |
- finally:
|
|
|
516ee7 |
+ return serv
|
|
|
516ee7 |
+ except:
|
|
|
516ee7 |
serv.server_close()
|
|
|
516ee7 |
- PORT = None
|
|
|
516ee7 |
- evt.set()
|
|
|
516ee7 |
+ raise
|
|
|
516ee7 |
|
|
|
516ee7 |
class DocXMLRPCHTTPGETServer(unittest.TestCase):
|
|
|
516ee7 |
def setUp(self):
|
|
|
516ee7 |
- self._threads = test_support.threading_setup()
|
|
|
516ee7 |
# Enable server feedback
|
|
|
516ee7 |
DocXMLRPCServer._send_traceback_header = True
|
|
|
516ee7 |
|
|
|
516ee7 |
- self.evt = threading.Event()
|
|
|
516ee7 |
- threading.Thread(target=server, args=(self.evt, 1)).start()
|
|
|
516ee7 |
-
|
|
|
516ee7 |
- # wait for port to be assigned
|
|
|
516ee7 |
- n = 1000
|
|
|
516ee7 |
- while n > 0 and PORT is None:
|
|
|
516ee7 |
- time.sleep(0.001)
|
|
|
516ee7 |
- n -= 1
|
|
|
516ee7 |
+ self.serv = make_server()
|
|
|
516ee7 |
+ self.thread = threading.Thread(target=self.serv.serve_forever)
|
|
|
516ee7 |
+ self.thread.start()
|
|
|
516ee7 |
|
|
|
516ee7 |
+ PORT = self.serv.server_address[1]
|
|
|
516ee7 |
self.client = httplib.HTTPConnection("localhost:%d" % PORT)
|
|
|
516ee7 |
|
|
|
516ee7 |
def tearDown(self):
|
|
|
516ee7 |
self.client.close()
|
|
|
516ee7 |
|
|
|
516ee7 |
- self.evt.wait()
|
|
|
516ee7 |
-
|
|
|
516ee7 |
# Disable server feedback
|
|
|
516ee7 |
DocXMLRPCServer._send_traceback_header = False
|
|
|
516ee7 |
- test_support.threading_cleanup(*self._threads)
|
|
|
516ee7 |
+ self.serv.shutdown()
|
|
|
516ee7 |
+ self.thread.join()
|
|
|
516ee7 |
+ self.serv.server_close()
|
|
|
516ee7 |
|
|
|
516ee7 |
def test_valid_get_response(self):
|
|
|
516ee7 |
self.client.request("GET", "/")
|
|
|
516ee7 |
@@ -194,6 +178,25 @@ class DocXMLRPCHTTPGETServer(unittest.TestCase):
|
|
|
516ee7 |
self.assertIn("""Try self.add, too.""",
|
|
|
516ee7 |
response.read())
|
|
|
516ee7 |
|
|
|
516ee7 |
+ def test_server_title_escape(self):
|
|
|
516ee7 |
+ """Test that the server title and documentation
|
|
|
516ee7 |
+ are escaped for HTML.
|
|
|
516ee7 |
+ """
|
|
|
516ee7 |
+ self.serv.set_server_title('test_title<script>')
|
|
|
516ee7 |
+ self.serv.set_server_documentation('test_documentation<script>')
|
|
|
516ee7 |
+ self.assertEqual('test_title<script>', self.serv.server_title)
|
|
|
516ee7 |
+ self.assertEqual('test_documentation<script>',
|
|
|
516ee7 |
+ self.serv.server_documentation)
|
|
|
516ee7 |
+
|
|
|
516ee7 |
+ generated = self.serv.generate_html_documentation()
|
|
|
516ee7 |
+ title = re.search(r'<title>(.+?)</title>', generated).group()
|
|
|
516ee7 |
+ documentation = re.search(r'<tt>(.+?)</tt> ', generated).group()
|
|
|
516ee7 |
+ self.assertEqual('<title>Python: test_title<script></title>',
|
|
|
516ee7 |
+ title)
|
|
|
516ee7 |
+ self.assertEqual('<tt>test_documentation<script></tt> ',
|
|
|
516ee7 |
+ documentation)
|
|
|
516ee7 |
+
|
|
|
516ee7 |
+
|
|
|
516ee7 |
def test_main():
|
|
|
516ee7 |
test_support.run_unittest(DocXMLRPCHTTPGETServer)
|
|
|
516ee7 |
|