[New-bugs-announce] [issue25239] HTMLParser handle_starttag replaces entity references in attribute value even without semicolon
Sean Liu
report at bugs.python.org
Sat Sep 26 18:46:39 CEST 2015
New submission from Sean Liu:
In the document of HTMLParser.handle_starttag, it states "All entity references from html.entities are replaced in the attribute values." However it will replace the string if it matches ampersand followed by the entity name without the semicolon.
For example <a href="go?t=buy¤cy=usd">foo</a> will produce "t=buy¤cy=usd" as the value of href attribute due to "curren" is the entity name for the currency sign.
----------
components: Library (Lib)
files: parserentity.py
messages: 251654
nosy: Sean Liu
priority: normal
severity: normal
status: open
title: HTMLParser handle_starttag replaces entity references in attribute value even without semicolon
type: behavior
versions: Python 3.4
Added file: http://bugs.python.org/file40588/parserentity.py
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue25239>
_______________________________________
More information about the New-bugs-announce
mailing list