[BUG] Bleach 6.0.0 breaks escape method at mezzanine/utils/html.py

[dbeltra]

Is there an existing issue for this?

• I have searched the existing Issues

Current Behavior

When trying to save a rich text page you get the following error:

TypeError: unsupported operand type(s) for +: 'frozenset' and 'list'

Expected Behavior

The page should be saved without errors

Steps To Reproduce

1. Install Mezzanine 6.0.0 and bleach 6.0.0
2. Create a new project and try to save a page

Environment

* Mezzanine 6.0.0
* Django 4.1.7
* Python 3.8.13
* SQLite 3.38.5
* Darwin 21.4.0

Anything else?

On the latest bleach release, ALLOWED_PROTOCOLS has been changed from list to a frozenset, this is the specific commit: mozilla/bleach@29231a1

This makes this code (https://github.com/stephenmcd/mezzanine/blob/master/mezzanine/utils/html.py#L113) crash:
protocols=ALLOWED_PROTOCOLS + ["tel"] since lists and frozensets can't be added

Downgrading to bleach==5.0.1 fixes the issue.

[Dziugas]

Yup, ran into this one too.

[andr0s]

Yep same

[LordVan]

I just changed line 113 to this and it seems to work so far:
protocols=list(ALLOWED_PROTOCOLS) + ["tel"],

[v6]

Same env same bug, found LordVan's write up here and it fixed it:

https://blog.lordvan.com/blog/upgrading-mezzanine-forced-to-due-to-move-to-python310/

Maybe worth a PR? Or is there a good reason we can't list() this?

[henri-hulski]

This is fixed in Mezzanine 6.0.1.