escape_html bulletproofing

apprise/URLBase.py

@@ -24,6 +24,7 @@
 # THE SOFTWARE.
 
 import re
+import six
 import logging
 from time import sleep
 from datetime import datetime
@@ -199,9 +200,8 @@ class URLBase(object):
         Returns:
             str: The escaped html
         """
-        if not html:
-            # nothing more to do; return object as is
-            return html
+        if not isinstance(html, six.string_types) or not html:
+            return ''
 
         # Escape HTML
         escaped = sax_escape(html, {"'": "'", "\"": """})

test/test_notify_base.py

@@ -196,6 +196,11 @@ def test_notify_base():
         '/path/?name=Dr%20Disrespect', unquote=True) == \
         ['path', '?name=Dr', 'Disrespect']
 
+    # Give nothing, get nothing
+    assert NotifyBase.escape_html("") == ""
+    assert NotifyBase.escape_html(None) == ""
+    assert NotifyBase.escape_html(object()) == ""
+
     # Test quote
     assert NotifyBase.unquote('%20') == ' '
     assert NotifyBase.quote(' ') == '%20'