[issue12129] Document Object Model API - validation
Kyle Keating
report at bugs.python.org
Thu Jun 2 19:10:40 CEST 2011
Kyle Keating <kkeating at gmail.com> added the comment:
This looks to break pretty good... I did confirm this on 3.0, I'm guessing 3.2 is the same.
import sys
import xml.dom
doc = xml.dom.getDOMImplementation().createDocument(None, 'xml', None)
doc.firstChild.appendChild(doc.createElement('element00'))
element01 = doc.createElement('element01')
element01.setAttribute('attribute', "script><![CDATA[alert('script!');]]></script>")
doc.firstChild.appendChild(element01)
element02 = doc.createElement("script><![CDATA[alert('script!');]]></script>")
doc.firstChild.appendChild(element02)
element03 = doc.createElement("new line \n")
element03.setAttribute('attribute-name','new line \n')
doc.firstChild.appendChild(element03)
print doc.toprettyxml(indent=" ")
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
output:
<?xml version="1.0" ?>
<xml>
<element/>
<element01 attribute="script><![CDATA[alert('script!');]]></script
>"/>
<script><![CDATA[alert('script!');]]></script>/>
<new line
attribute-name="new line
"/>
</xml>
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue12129>
_______________________________________
More information about the Python-bugs-list
mailing list