update to latest html5lib

Author: ikirudennis

requirements.txt

@@ -1,2 +1,2 @@
-html5lib==0.999
+html5lib>=1.0b10
 Pillow==3.0.0

tests/test_textile.py

@@ -71,16 +71,16 @@ def test_sanitize():
         expect = textile.Textile().parse(test, sanitize=True)
         assert result == expect
 
-        test = """<p style="width: expression(alert('evil'));">a paragraph of evil text</p>"""
-        result = '<p style="">a paragraph of evil text</p>'
+        test = """<p onclick="alert('evil');">a paragraph of evil text</p>"""
+        result = '<p>a paragraph of evil text</p>'
         expect = textile.Textile().parse(test, sanitize=True)
         assert result == expect
 
         test = """<p>a paragraph of benign text<br />and more text</p>"""
         result = '<p>a paragraph of benign text<br />\nand more text</p>'
         expect = textile.Textile(html_type='html5').parse(test, sanitize=True)
         assert result == expect
-    except Exception as e:
+    except ImportError as e:
         message = '{0}'.format(e)
         assert "html5lib not available" in message
 

textile/tools/sanitizer.py

@@ -4,17 +4,11 @@ def sanitize(string):
     break the page.
     """
     try:
-        import html5lib
-        from html5lib import sanitizer, serializer, treewalkers
+        from html5lib import parseFragment, serialize
     except ImportError:
         raise Exception("html5lib not available")
 
-    p = html5lib.HTMLParser(tokenizer=sanitizer.HTMLSanitizer)
-    tree = p.parseFragment(string)
-
-    walker = treewalkers.getTreeWalker("etree")
-    stream = walker(tree)
-
-    s = serializer.htmlserializer.HTMLSerializer(omit_optional_tags=False,
-            quote_attr_values=True)
-    return s.render(stream)
+    parsed = parseFragment(string)
+    clean = serialize(parsed, sanitize=True, omit_optional_tags=False,
+                      quote_attr_values='always')
+    return clean