gh-149468: Add option to validate ElementTree during serialization#149469
Open
serhiy-storchaka wants to merge 3 commits into
Open
gh-149468: Add option to validate ElementTree during serialization#149469serhiy-storchaka wants to merge 3 commits into
serhiy-storchaka wants to merge 3 commits into
Conversation
Member
Author
|
This PR also fixes some bugs in serialization to HTML. I am going to extract them into separate issue before merging this PR. But for now, it is more convenient to review them together. |
sethmlarson
reviewed
May 6, 2026
| @@ -0,0 +1,3 @@ | |||
| Add the *validate* option to :mod:`xml.etree.ElementTree` serialization | |||
| functions, which allows to validate the element or element tree before | |||
Contributor
There was a problem hiding this comment.
Suggestion on wording: "...which validates the element or element tree names and values only contain allowed/escaped characters prior to serialization"
merwok
reviewed
May 6, 2026
serhiy-storchaka
requested review from
a team,
FFY00,
ZeroIntensity,
corona10,
emmatyping,
encukou,
ericsnowcurrently and
erlend-aasland
as code owners
* The content of comments, processing instructions and elements "xmp", "iframe", "noembed", "noframes", and "plaintext" is no longer escaped. * The "plaintext" element no longer have the closing tag. * Add support of empty attributes (with value None).
serhiy-storchaka
force-pushed
the
xml-etree-validate
branch
from
73e1b24 to
a134c0b
Compare
Member
Author
|
Rebased it onto #149490. |
vstinner
reviewed
May 13, 2026
|
|
||
|
|
||
| xml.etree.ElementTree | ||
| --------------------- |
Member
There was a problem hiding this comment.
You should now move this entry to Doc/whatsnew/3.16.rst.
serhiy-storchaka
force-pushed
the
xml-etree-validate
branch
from
ca19970 to
c81fe70
Compare
| generate a Unicode string (otherwise, a bytestring is generated). *method* | ||
| is either ``"xml"``, ``"html"`` or ``"text"`` (default is ``"xml"``). | ||
| *xml_declaration*, *default_namespace* and *short_empty_elements* has the same | ||
| *xml_declaration*, *default_namespace*, *validate* and *short_empty_elements* has the same |
Member
There was a problem hiding this comment.
Suggested change
| *xml_declaration*, *default_namespace*, *validate* and *short_empty_elements* has the same | |
| *xml_declaration*, *default_namespace*, *validate* and *short_empty_elements* have the same |
| generate a Unicode string (otherwise, a bytestring is generated). *method* | ||
| is either ``"xml"``, ``"html"`` or ``"text"`` (default is ``"xml"``). | ||
| *xml_declaration*, *default_namespace* and *short_empty_elements* has the same | ||
| *xml_declaration*, *default_namespace*, *validate* and *short_empty_elements* has the same |
Member
There was a problem hiding this comment.
Suggested change
| *xml_declaration*, *default_namespace*, *validate* and *short_empty_elements* has the same | |
| *xml_declaration*, *default_namespace*, *validate* and *short_empty_elements* have the same |
Comment on lines
+758
to
761
| .. versionchanged:: next | ||
| Added the *validate* parameter. | ||
|
|
||
| .. versionchanged:: 3.8 |
Member
There was a problem hiding this comment.
Suggested change
| .. versionchanged:: next | |
| Added the *validate* parameter. | |
| .. versionchanged:: 3.8 | |
| .. versionchanged:: 3.8 |
This is duplicated below.
Comment on lines
+1210
to
+1215
| If *validate* is true, check that all characters are legal XML or HTML | ||
| characters, depending on *method*, element and attribute names are | ||
| valid, and the content of comments, processing instructions and | ||
| HTML elements like ``<script>`` do not contain illegal sequences, | ||
| and raise :exc:`ValueError` otherwise. | ||
| By default, no validation is performed. |
Member
There was a problem hiding this comment.
This sentence is a bit of a mouthful, but it's a nice compromise between conciseness and clarity.
It could be improved with a couple of minor tweaks:
Suggested change
| If *validate* is true, check that all characters are legal XML or HTML | |
| characters, depending on *method*, element and attribute names are | |
| valid, and the content of comments, processing instructions and | |
| HTML elements like ``<script>`` do not contain illegal sequences, | |
| and raise :exc:`ValueError` otherwise. | |
| By default, no validation is performed. | |
| If *validate* is true, check that all characters are legal XML or HTML | |
| characters (depending on *method*), that element and attribute names are | |
| valid, and that the content of comments, processing instructions and | |
| HTML elements like ``<script>`` do not contain illegal sequences. | |
| Raise :exc:`ValueError` if any check fails. | |
| By default, or if *method* is ``"text"``, no validation is performed. |
or (if the method applies to all checks):
Suggested change
| If *validate* is true, check that all characters are legal XML or HTML | |
| characters, depending on *method*, element and attribute names are | |
| valid, and the content of comments, processing instructions and | |
| HTML elements like ``<script>`` do not contain illegal sequences, | |
| and raise :exc:`ValueError` otherwise. | |
| By default, no validation is performed. | |
| If *validate* is true, check that all characters are legal, | |
| that element and attribute names are valid, and that the content | |
| of comments, processing instructions and HTML elements | |
| like ``<script>`` do not contain illegal sequences according | |
| to the selected *method* (``"xml"`` or ``"html"``). | |
| Raise :exc:`ValueError` if any check fails. | |
| By default, or if *method* is ``"text"``, no validation is performed. |
Another option is to list the checks:
Suggested change
| If *validate* is true, check that all characters are legal XML or HTML | |
| characters, depending on *method*, element and attribute names are | |
| valid, and the content of comments, processing instructions and | |
| HTML elements like ``<script>`` do not contain illegal sequences, | |
| and raise :exc:`ValueError` otherwise. | |
| By default, no validation is performed. | |
| If *validate* is true and *method* is either ``"xml"`` or ``"html"``, | |
| check that: | |
| * all characters are legal XML or HTML characters | |
| * element and attribute names are valid | |
| * the content of comments, processing instructions and HTML elements | |
| like ``<script>`` do not contain illegal sequences | |
| and raise :exc:`ValueError` otherwise. | |
| By default, or if *method* is ``"text"``, no validation is performed. |
Comment on lines
+1478
to
+1480
| self.check(ET.Element(ET.QName('\ufffe', 'tag'))) | ||
|
|
||
| class HTMLValidationTest(unittest.TestCase): |
Member
There was a problem hiding this comment.
Suggested change
| self.check(ET.Element(ET.QName('\ufffe', 'tag'))) | |
| class HTMLValidationTest(unittest.TestCase): | |
| self.check(ET.Element(ET.QName('\ufffe', 'tag'))) | |
| class HTMLValidationTest(unittest.TestCase): |
Comment on lines
+1429
to
+1435
| def test_invalid_attr_value(self): | ||
| self.check(ET.Element('tag', attrib={'key': '\x00'})) | ||
| self.check(ET.Element('tag', attrib={'key': '\ud8ff'})) | ||
| self.check(ET.Element('tag', attrib={'key': '\ufffe'})) | ||
| self.check(ET.Element('tag', attrib={'key': ET.QName('\x00')})) | ||
| self.check(ET.Element('tag', attrib={'key': ET.QName('\ud8ff')})) | ||
| self.check(ET.Element('tag', attrib={'key': ET.QName('\ufffe')})) |
Member
There was a problem hiding this comment.
This and several other methods could use subTests if you think it's an improvement, e.g.:
Suggested change
| def test_invalid_attr_value(self): | |
| self.check(ET.Element('tag', attrib={'key': '\x00'})) | |
| self.check(ET.Element('tag', attrib={'key': '\ud8ff'})) | |
| self.check(ET.Element('tag', attrib={'key': '\ufffe'})) | |
| self.check(ET.Element('tag', attrib={'key': ET.QName('\x00')})) | |
| self.check(ET.Element('tag', attrib={'key': ET.QName('\ud8ff')})) | |
| self.check(ET.Element('tag', attrib={'key': ET.QName('\ufffe')})) | |
| @support.subTests('value', ('\x00', '\ud8ff', '\ufffe')) | |
| def test_invalid_attr_value(self, value): | |
| self.check(ET.Element('tag', attrib={'key': value})) | |
| self.check(ET.Element('tag', attrib={'key': ET.QName(value)})) |
Comment on lines
+1574
to
1576
| self.check(elem) | ||
|
|
||
| class IterparseTest(unittest.TestCase): |
Member
There was a problem hiding this comment.
Suggested change
| self.check(elem) | |
| class IterparseTest(unittest.TestCase): | |
| self.check(elem) | |
| class IterparseTest(unittest.TestCase): |
| write("<!--%s-->" % text) | ||
| elif tag is ProcessingInstruction: | ||
| if validate: | ||
| m = re.search('[ \t\r\n]', text) |
| if text: | ||
| if validate: | ||
| if '\0' in text: | ||
| raise ValueError('invalid characters') |
Member
There was a problem hiding this comment.
Suggested change
| raise ValueError('invalid characters') | |
| raise ValueError('invalid character ("\\0")') |
Similarly the other error messages could specify what is invalid.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.