pool/python-mistune
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Add 295-overagreesive-escape_url.patch make

Browse Source 
mistune.util.escape_url less aggressive
  (gh#lepture/mistune#295).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mistune?expand=0&rev=37
This commit is contained in:
Matej Cepl 2022-01-06 19:51:38 +00:00 committed by Git OBS Bridge
parent 7ad293b1aa
commit 0793a0bfd3
3 changed files with 45 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
295-overagreesive-escape_url.patch Normal file
View File

@ -0,0 +1,34 @@
From fc2cd53d7698e432ab5b250ffac53458263a49e2 Mon Sep 17 00:00:00 2001
From: Jeff Dairiki <dairiki@dairiki.org>
Date: Thu, 6 Jan 2022 09:30:32 -0800
Subject: [PATCH] Make mistune.util.escape_url less aggressive
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This adds ';', '!', and '$' to the set of characters which will be
passed unmolested by escape_url. These are all in RFC 3986 reserved
character list — that is to say: escaping these may change the meaning
of a URL.
---
mistune/util.py | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/mistune/util.py b/mistune/util.py
index 192f6ef..f99fe37 100644
--- a/mistune/util.py
+++ b/mistune/util.py
@@ -20,7 +20,12 @@ def escape(s, quote=True):
def escape_url(link):
- safe = '/#:()*?=%@+,&'
+ safe = (
+ ':/?#@' # gen-delims - '[]' (rfc3986)
+ '!$&()*+,;=' # sub-delims - "'" (rfc3986)
+ '%' # leave already-encoded octets alone
+ )
+
if html is None:
return quote(link.encode('utf-8'), safe=safe)
return html.escape(quote(html.unescape(link), safe=safe))

7
python-mistune.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Thu Jan 6 19:50:25 UTC 2022 - Matej Cepl <mcepl@suse.com>
- Add 295-overagreesive-escape_url.patch make
mistune.util.escape_url less aggressive
(gh#lepture/mistune#295).
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Dec 31 17:09:33 UTC 2021 - Ben Greiner <code@bnavigator.de> Fri Dec 31 17:09:33 UTC 2021 - Ben Greiner <code@bnavigator.de>

5
python-mistune.spec
View File

@ -1,7 +1,7 @@
# #
# spec file # spec file
# #
# Copyright (c) 2021 SUSE LLC # Copyright (c) 2022 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -27,6 +27,9 @@ License: BSD-3-Clause
Group: Development/Languages/Python Group: Development/Languages/Python
URL: https://github.com/lepture/mistune URL: https://github.com/lepture/mistune
Source: https://github.com/lepture/%{modname}/archive/refs/tags/v%{version}.tar.gz#/%{modname}-%{version}.tar.gz Source: https://github.com/lepture/%{modname}/archive/refs/tags/v%{version}.tar.gz#/%{modname}-%{version}.tar.gz
# PATCH-FIX-UPSTREAM 295-overagreesive-escape_url.patch gh#lepture/mistune#295 mcepl@suse.com
# Make mistune.util.escape_url less aggressive
Patch0: 295-overagreesive-escape_url.patch
BuildRequires: %{python_module pip} BuildRequires: %{python_module pip}
BuildRequires: %{python_module pytest} BuildRequires: %{python_module pytest}
BuildRequires: %{python_module setuptools} BuildRequires: %{python_module setuptools}