Fix entities inside a tags in linkification (#704)

mozilla · Oct 6, 2023 · b56aa7c · b56aa7c
1 parent 6f0aaaa
commit b56aa7c
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/bleach/linkifier.py b/bleach/linkifier.py
@@ -591,7 +591,7 @@ def __iter__(self):
                     in_a = False
                     token_buffer = []
                 else:
-                    token_buffer.append(token)
+                    token_buffer.extend(list(self.extract_entities(token)))
                 continue
 
             if token["type"] in ["StartTag", "EmptyTag"]:

diff --git a/tests/test_linkify.py b/tests/test_linkify.py
@@ -323,16 +323,26 @@ def test_link_fragment():
 
 
 def test_link_entities_in_qs():
+    """Entities in the querystring get escaped"""
     assert (
         linkify("http://xx.com/?a=1&b=2")
         == '<a href="http://xx.com/?a=1&amp;b=2" rel="nofollow">http://xx.com/?a=1&amp;b=2</a>'
     )
 
 
 def test_link_entities_in_characters_token():
+    """Entitites in a Characters token don't get escaped"""
     assert linkify("foo &nbsp; bar") == "foo &nbsp; bar"
 
 
+def test_link_entities_in_a_tag():
+    """Entitites between an a start tag and an a end tag don't get escaped"""
+    assert (
+        linkify('<a href="/">Some&nbsp;entity&rsquo;s</a>', callbacks=[])
+        == '<a href="/">Some&nbsp;entity&rsquo;s</a>'
+    )
+
+
 def test_escaped_html():
     """If I pass in escaped HTML, it should probably come out escaped."""
     s = "&lt;em&gt;strong&lt;/em&gt;"