Bug#952503: marked as done (Breaking change introduced in python3.7 3.7.6 breaks python-bleach)

Debian Bug Tracking System Wed, 03 Jun 2020 15:09:25 -0700

Your message dated Wed, 03 Jun 2020 22:06:05 +0000
with message-id <e1jgbwp-000ak0...@fasolo.debian.org>
and subject line Bug#962098: Removed package(s) from unstable
has caused the Debian Bug report #952503,
regarding Breaking change introduced in python3.7 3.7.6 breaks python-bleach
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
952503: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952503
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: src:python-bleach
Version: 3.1.0-2
Severity: serious
Tags: sid bullseye

python-bleach is failing the autopkg tests with Python 3.8:

[...]
autopkgtest [07:36:46]: test py3: [-----------------------
============================= test session starts ==============================
platform linux -- Python 3.8.1, pytest-4.6.9, py-1.8.0, pluggy-0.13.0
rootdir: /tmp/autopkgtest-lxc.l4h7ii7j/downtmp/build.VsR/src
collected 311 items

tests/test_callbacks.py ..........                                       [  3%]
tests/test_clean.py .................................................... [ 19%]
...............................................F.F.F.................... [ 43%]
......................                                                   [ 50%]
tests/test_css.py ........................                               [ 57%]
tests/test_html5lib_shim.py ...................                          [ 63%]
tests/test_linkify.py .................................................. [ 80%]
..................................................                       [ 96%]
tests/test_unicode.py .........                                          [ 99%]
tests/test_utils.py ...                                                  [100%]

=================================== FAILURES ===================================
_ test_uri_value_allowed_protocols[<a
href="example.com:8000">valid</a>-kwargs6-<a href="example.com:8000">valid</a>] 
_

data = '<a href="example.com:8000">valid</a>', kwargs = {'protocols': ['http']}
expected = '<a href="example.com:8000">valid</a>'

    @pytest.mark.parametrize('data, kwargs, expected', [
        # javascript: is not allowed by default
        (
            '<a href="javascript:alert(\'XSS\')">xss</a>',
            {},
            '<a>xss</a>'
        ),

        # File protocol is not allowed by default
        (
            '<a href="file:///tmp/foo">foo</a>',
            {},
            '<a>foo</a>'
        ),

        # Specified protocols are allowed
        (
            '<a href="myprotocol://more_text">allowed href</a>',
            {'protocols': ['myprotocol']},
            '<a href="myprotocol://more_text">allowed href</a>'
        ),

        # Unspecified protocols are not allowed
        (
            '<a href="http://example.com";>invalid href</a>',
            {'protocols': ['myprotocol']},
            '<a>invalid href</a>'
        ),

        # Anchors are ok
        (
            '<a href="#example.com">foo</a>',
            {'protocols': []},
            '<a href="#example.com">foo</a>'
        ),

        # Allow implicit http if allowed
        (
            '<a href="example.com">valid</a>',
            {'protocols': ['http']},
            '<a href="example.com">valid</a>'
        ),
        (
            '<a href="example.com:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="example.com:8000">valid</a>'
        ),
        (
            '<a href="localhost">valid</a>',
            {'protocols': ['http']},
            '<a href="localhost">valid</a>'
        ),
        (
            '<a href="localhost:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="localhost:8000">valid</a>'
        ),
        (
            '<a href="192.168.100.100">valid</a>',
            {'protocols': ['http']},
            '<a href="192.168.100.100">valid</a>'
        ),
        (
            '<a href="192.168.100.100:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="192.168.100.100:8000">valid</a>'
        ),

        # Disallow implicit http if disallowed
        (
            '<a href="example.com">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="example.com:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="localhost">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="localhost:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="192.168.100.100">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="192.168.100.100:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),

        # Disallowed protocols with sneaky character entities
        (
            '<a href="javas&#x09;cript:alert(1)">alert</a>',
            {},
            '<a>alert</a>'
        ),
        (
            '<a href="&#14;javascript:alert(1)">alert</a>',
            {},
            '<a>alert</a>'
        ),

        # Checking the uri should change it at all
        (
            '<a href="http://example.com/?foo&nbsp;bar";>foo</a>',
            {},
            '<a href="http://example.com/?foo&nbsp;bar";>foo</a>'
        ),
    ])
    def test_uri_value_allowed_protocols(data, kwargs, expected):
>       assert clean(data, **kwargs) == expected
E       assert '<a>valid</a>' == '<a href="example.com:8000">valid</a>'
E         - <a>valid</a>
E         + <a href="example.com:8000">valid</a>

tests/test_clean.py:676: AssertionError
_ test_uri_value_allowed_protocols[<a href="localhost:8000">valid</a>-kwargs8-<a
href="localhost:8000">valid</a>] _

data = '<a href="localhost:8000">valid</a>', kwargs = {'protocols': ['http']}
expected = '<a href="localhost:8000">valid</a>'

    @pytest.mark.parametrize('data, kwargs, expected', [
        # javascript: is not allowed by default
        (
            '<a href="javascript:alert(\'XSS\')">xss</a>',
            {},
            '<a>xss</a>'
        ),

        # File protocol is not allowed by default
        (
            '<a href="file:///tmp/foo">foo</a>',
            {},
            '<a>foo</a>'
        ),

        # Specified protocols are allowed
        (
            '<a href="myprotocol://more_text">allowed href</a>',
            {'protocols': ['myprotocol']},
            '<a href="myprotocol://more_text">allowed href</a>'
        ),

        # Unspecified protocols are not allowed
        (
            '<a href="http://example.com";>invalid href</a>',
            {'protocols': ['myprotocol']},
            '<a>invalid href</a>'
        ),

        # Anchors are ok
        (
            '<a href="#example.com">foo</a>',
            {'protocols': []},
            '<a href="#example.com">foo</a>'
        ),

        # Allow implicit http if allowed
        (
            '<a href="example.com">valid</a>',
            {'protocols': ['http']},
            '<a href="example.com">valid</a>'
        ),
        (
            '<a href="example.com:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="example.com:8000">valid</a>'
        ),
        (
            '<a href="localhost">valid</a>',
            {'protocols': ['http']},
            '<a href="localhost">valid</a>'
        ),
        (
            '<a href="localhost:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="localhost:8000">valid</a>'
        ),
        (
            '<a href="192.168.100.100">valid</a>',
            {'protocols': ['http']},
            '<a href="192.168.100.100">valid</a>'
        ),
        (
            '<a href="192.168.100.100:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="192.168.100.100:8000">valid</a>'
        ),

        # Disallow implicit http if disallowed
        (
            '<a href="example.com">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="example.com:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="localhost">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="localhost:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="192.168.100.100">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="192.168.100.100:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),

        # Disallowed protocols with sneaky character entities
        (
            '<a href="javas&#x09;cript:alert(1)">alert</a>',
            {},
            '<a>alert</a>'
        ),
        (
            '<a href="&#14;javascript:alert(1)">alert</a>',
            {},
            '<a>alert</a>'
        ),

        # Checking the uri should change it at all
        (
            '<a href="http://example.com/?foo&nbsp;bar";>foo</a>',
            {},
            '<a href="http://example.com/?foo&nbsp;bar";>foo</a>'
        ),
    ])
    def test_uri_value_allowed_protocols(data, kwargs, expected):
>       assert clean(data, **kwargs) == expected
E       assert '<a>valid</a>' == '<a href="localhost:8000">valid</a>'
E         - <a>valid</a>
E         + <a href="localhost:8000">valid</a>

tests/test_clean.py:676: AssertionError
_ test_uri_value_allowed_protocols[<a
href="192.168.100.100:8000">valid</a>-kwargs10-<a
href="192.168.100.100:8000">valid</a>] _

data = '<a href="192.168.100.100:8000">valid</a>'
kwargs = {'protocols': ['http']}
expected = '<a href="192.168.100.100:8000">valid</a>'

    @pytest.mark.parametrize('data, kwargs, expected', [
        # javascript: is not allowed by default
        (
            '<a href="javascript:alert(\'XSS\')">xss</a>',
            {},
            '<a>xss</a>'
        ),

        # File protocol is not allowed by default
        (
            '<a href="file:///tmp/foo">foo</a>',
            {},
            '<a>foo</a>'
        ),

        # Specified protocols are allowed
        (
            '<a href="myprotocol://more_text">allowed href</a>',
            {'protocols': ['myprotocol']},
            '<a href="myprotocol://more_text">allowed href</a>'
        ),

        # Unspecified protocols are not allowed
        (
            '<a href="http://example.com";>invalid href</a>',
            {'protocols': ['myprotocol']},
            '<a>invalid href</a>'
        ),

        # Anchors are ok
        (
            '<a href="#example.com">foo</a>',
            {'protocols': []},
            '<a href="#example.com">foo</a>'
        ),

        # Allow implicit http if allowed
        (
            '<a href="example.com">valid</a>',
            {'protocols': ['http']},
            '<a href="example.com">valid</a>'
        ),
        (
            '<a href="example.com:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="example.com:8000">valid</a>'
        ),
        (
            '<a href="localhost">valid</a>',
            {'protocols': ['http']},
            '<a href="localhost">valid</a>'
        ),
        (
            '<a href="localhost:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="localhost:8000">valid</a>'
        ),
        (
            '<a href="192.168.100.100">valid</a>',
            {'protocols': ['http']},
            '<a href="192.168.100.100">valid</a>'
        ),
        (
            '<a href="192.168.100.100:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="192.168.100.100:8000">valid</a>'
        ),

        # Disallow implicit http if disallowed
        (
            '<a href="example.com">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="example.com:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="localhost">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="localhost:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="192.168.100.100">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="192.168.100.100:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),

        # Disallowed protocols with sneaky character entities
        (
            '<a href="javas&#x09;cript:alert(1)">alert</a>',
            {},
            '<a>alert</a>'
        ),
        (
            '<a href="&#14;javascript:alert(1)">alert</a>',
            {},
            '<a>alert</a>'
        ),

        # Checking the uri should change it at all
        (
            '<a href="http://example.com/?foo&nbsp;bar";>foo</a>',
            {},
            '<a href="http://example.com/?foo&nbsp;bar";>foo</a>'
        ),
    ])
    def test_uri_value_allowed_protocols(data, kwargs, expected):
>       assert clean(data, **kwargs) == expected
E       assert '<a>valid</a>' == '<a href="192.168.100.100:8000">valid</a>'
E         - <a>valid</a>
E         + <a href="192.168.100.100:8000">valid</a>

tests/test_clean.py:676: AssertionError
=============================== warnings summary ===============================
/usr/lib/python3/dist-packages/html5lib/_trie/_base.py:3
  /usr/lib/python3/dist-packages/html5lib/_trie/_base.py:3: DeprecationWarning:
Using or importing the ABCs from 'collections' instead of from 'collections.abc'
is deprecated since Python 3.3, and in 3.9 it will stop working
    from collections import Mapping

-- Docs: https://docs.pytest.org/en/latest/warnings.html
=============== 3 failed, 308 passed, 1 warnings in 1.03 seconds ===============
============================= test session starts ==============================
platform linux -- Python 3.7.6, pytest-4.6.9, py-1.8.0, pluggy-0.13.0
rootdir: /tmp/autopkgtest-lxc.l4h7ii7j/downtmp/build.VsR/src
collected 311 items

tests/test_callbacks.py ..........                                       [  3%]
tests/test_clean.py .................................................... [ 19%]
...............................................F.F.F.................... [ 43%]
......................                                                   [ 50%]
tests/test_css.py ........................                               [ 57%]
tests/test_html5lib_shim.py ...................                          [ 63%]
tests/test_linkify.py .................................................. [ 80%]
..................................................                       [ 96%]
tests/test_unicode.py .........                                          [ 99%]
tests/test_utils.py ...                                                  [100%]

=================================== FAILURES ===================================
_ test_uri_value_allowed_protocols[<a
href="example.com:8000">valid</a>-kwargs6-<a href="example.com:8000">valid</a>] 
_

data = '<a href="example.com:8000">valid</a>', kwargs = {'protocols': ['http']}
expected = '<a href="example.com:8000">valid</a>'

    @pytest.mark.parametrize('data, kwargs, expected', [
        # javascript: is not allowed by default
        (
            '<a href="javascript:alert(\'XSS\')">xss</a>',
            {},
            '<a>xss</a>'
        ),

        # File protocol is not allowed by default
        (
            '<a href="file:///tmp/foo">foo</a>',
            {},
            '<a>foo</a>'
        ),

        # Specified protocols are allowed
        (
            '<a href="myprotocol://more_text">allowed href</a>',
            {'protocols': ['myprotocol']},
            '<a href="myprotocol://more_text">allowed href</a>'
        ),

        # Unspecified protocols are not allowed
        (
            '<a href="http://example.com";>invalid href</a>',
            {'protocols': ['myprotocol']},
            '<a>invalid href</a>'
        ),

        # Anchors are ok
        (
            '<a href="#example.com">foo</a>',
            {'protocols': []},
            '<a href="#example.com">foo</a>'
        ),

        # Allow implicit http if allowed
        (
            '<a href="example.com">valid</a>',
            {'protocols': ['http']},
            '<a href="example.com">valid</a>'
        ),
        (
            '<a href="example.com:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="example.com:8000">valid</a>'
        ),
        (
            '<a href="localhost">valid</a>',
            {'protocols': ['http']},
            '<a href="localhost">valid</a>'
        ),
        (
            '<a href="localhost:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="localhost:8000">valid</a>'
        ),
        (
            '<a href="192.168.100.100">valid</a>',
            {'protocols': ['http']},
            '<a href="192.168.100.100">valid</a>'
        ),
        (
            '<a href="192.168.100.100:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="192.168.100.100:8000">valid</a>'
        ),

        # Disallow implicit http if disallowed
        (
            '<a href="example.com">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="example.com:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="localhost">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="localhost:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="192.168.100.100">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="192.168.100.100:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),

        # Disallowed protocols with sneaky character entities
        (
            '<a href="javas&#x09;cript:alert(1)">alert</a>',
            {},
            '<a>alert</a>'
        ),
        (
            '<a href="&#14;javascript:alert(1)">alert</a>',
            {},
            '<a>alert</a>'
        ),

        # Checking the uri should change it at all
        (
            '<a href="http://example.com/?foo&nbsp;bar";>foo</a>',
            {},
            '<a href="http://example.com/?foo&nbsp;bar";>foo</a>'
        ),
    ])
    def test_uri_value_allowed_protocols(data, kwargs, expected):
>       assert clean(data, **kwargs) == expected
E       assert '<a>valid</a>' == '<a href="example.com:8000">valid</a>'
E         - <a>valid</a>
E         + <a href="example.com:8000">valid</a>

tests/test_clean.py:676: AssertionError
_ test_uri_value_allowed_protocols[<a href="localhost:8000">valid</a>-kwargs8-<a
href="localhost:8000">valid</a>] _

data = '<a href="localhost:8000">valid</a>', kwargs = {'protocols': ['http']}
expected = '<a href="localhost:8000">valid</a>'

    @pytest.mark.parametrize('data, kwargs, expected', [
        # javascript: is not allowed by default
        (
            '<a href="javascript:alert(\'XSS\')">xss</a>',
            {},
            '<a>xss</a>'
        ),

        # File protocol is not allowed by default
        (
            '<a href="file:///tmp/foo">foo</a>',
            {},
            '<a>foo</a>'
        ),

        # Specified protocols are allowed
        (
            '<a href="myprotocol://more_text">allowed href</a>',
            {'protocols': ['myprotocol']},
            '<a href="myprotocol://more_text">allowed href</a>'
        ),

        # Unspecified protocols are not allowed
        (
            '<a href="http://example.com";>invalid href</a>',
            {'protocols': ['myprotocol']},
            '<a>invalid href</a>'
        ),

        # Anchors are ok
        (
            '<a href="#example.com">foo</a>',
            {'protocols': []},
            '<a href="#example.com">foo</a>'
        ),

        # Allow implicit http if allowed
        (
            '<a href="example.com">valid</a>',
            {'protocols': ['http']},
            '<a href="example.com">valid</a>'
        ),
        (
            '<a href="example.com:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="example.com:8000">valid</a>'
        ),
        (
            '<a href="localhost">valid</a>',
            {'protocols': ['http']},
            '<a href="localhost">valid</a>'
        ),
        (
            '<a href="localhost:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="localhost:8000">valid</a>'
        ),
        (
            '<a href="192.168.100.100">valid</a>',
            {'protocols': ['http']},
            '<a href="192.168.100.100">valid</a>'
        ),
        (
            '<a href="192.168.100.100:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="192.168.100.100:8000">valid</a>'
        ),

        # Disallow implicit http if disallowed
        (
            '<a href="example.com">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="example.com:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="localhost">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="localhost:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="192.168.100.100">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="192.168.100.100:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),

        # Disallowed protocols with sneaky character entities
        (
            '<a href="javas&#x09;cript:alert(1)">alert</a>',
            {},
            '<a>alert</a>'
        ),
        (
            '<a href="&#14;javascript:alert(1)">alert</a>',
            {},
            '<a>alert</a>'
        ),

        # Checking the uri should change it at all
        (
            '<a href="http://example.com/?foo&nbsp;bar";>foo</a>',
            {},
            '<a href="http://example.com/?foo&nbsp;bar";>foo</a>'
        ),
    ])
    def test_uri_value_allowed_protocols(data, kwargs, expected):
>       assert clean(data, **kwargs) == expected
E       assert '<a>valid</a>' == '<a href="localhost:8000">valid</a>'
E         - <a>valid</a>
E         + <a href="localhost:8000">valid</a>

tests/test_clean.py:676: AssertionError
_ test_uri_value_allowed_protocols[<a
href="192.168.100.100:8000">valid</a>-kwargs10-<a
href="192.168.100.100:8000">valid</a>] _

data = '<a href="192.168.100.100:8000">valid</a>'
kwargs = {'protocols': ['http']}
expected = '<a href="192.168.100.100:8000">valid</a>'

    @pytest.mark.parametrize('data, kwargs, expected', [
        # javascript: is not allowed by default
        (
            '<a href="javascript:alert(\'XSS\')">xss</a>',
            {},
            '<a>xss</a>'
        ),

        # File protocol is not allowed by default
        (
            '<a href="file:///tmp/foo">foo</a>',
            {},
            '<a>foo</a>'
        ),

        # Specified protocols are allowed
        (
            '<a href="myprotocol://more_text">allowed href</a>',
            {'protocols': ['myprotocol']},
            '<a href="myprotocol://more_text">allowed href</a>'
        ),

        # Unspecified protocols are not allowed
        (
            '<a href="http://example.com";>invalid href</a>',
            {'protocols': ['myprotocol']},
            '<a>invalid href</a>'
        ),

        # Anchors are ok
        (
            '<a href="#example.com">foo</a>',
            {'protocols': []},
            '<a href="#example.com">foo</a>'
        ),

        # Allow implicit http if allowed
        (
            '<a href="example.com">valid</a>',
            {'protocols': ['http']},
            '<a href="example.com">valid</a>'
        ),
        (
            '<a href="example.com:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="example.com:8000">valid</a>'
        ),
        (
            '<a href="localhost">valid</a>',
            {'protocols': ['http']},
            '<a href="localhost">valid</a>'
        ),
        (
            '<a href="localhost:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="localhost:8000">valid</a>'
        ),
        (
            '<a href="192.168.100.100">valid</a>',
            {'protocols': ['http']},
            '<a href="192.168.100.100">valid</a>'
        ),
        (
            '<a href="192.168.100.100:8000">valid</a>',
            {'protocols': ['http']},
            '<a href="192.168.100.100:8000">valid</a>'
        ),

        # Disallow implicit http if disallowed
        (
            '<a href="example.com">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="example.com:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="localhost">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="localhost:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="192.168.100.100">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),
        (
            '<a href="192.168.100.100:8000">foo</a>',
            {'protocols': []},
            '<a>foo</a>'
        ),

        # Disallowed protocols with sneaky character entities
        (
            '<a href="javas&#x09;cript:alert(1)">alert</a>',
            {},
            '<a>alert</a>'
        ),
        (
            '<a href="&#14;javascript:alert(1)">alert</a>',
            {},
            '<a>alert</a>'
        ),

        # Checking the uri should change it at all
        (
            '<a href="http://example.com/?foo&nbsp;bar";>foo</a>',
            {},
            '<a href="http://example.com/?foo&nbsp;bar";>foo</a>'
        ),
    ])
    def test_uri_value_allowed_protocols(data, kwargs, expected):
>       assert clean(data, **kwargs) == expected
E       assert '<a>valid</a>' == '<a href="192.168.100.100:8000">valid</a>'
E         - <a>valid</a>
E         + <a href="192.168.100.100:8000">valid</a>

tests/test_clean.py:676: AssertionError

--- End Message ---

--- Begin Message ---

Version: 3.7.7-1+rm

Dear submitter,

as the package python3.7 has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/962098

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

Please note that the changes have been done on the master archive and
will not propagate to any mirrors until the next dinstall run at the
earliest.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)

--- End Message ---

Bug#952503: marked as done (Breaking change introduced in python3.7 3.7.6 breaks python-bleach)

Reply via email to