CAMP/camp
1
0
Fork 0
Code Issues 3 Pull Requests Releases Wiki Activity

use lxml.html to sanitize html

Browse Source
This commit is contained in:
root 2018-08-22 16:40:49 +00:00
parent 3d84677b70
commit 0a6af695ec
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
content/models.py
View File

@ -11,9 +11,14 @@ from photologue.models import Photo, Gallery
from markdownx.models import MarkdownxField from markdownx.models import MarkdownxField
from markdownx.utils import markdownify from markdownx.utils import markdownify
import ox import ox
import lxml.html
# Create your models here. # Create your models here.
def sanitize_html(string):
return '\n'.join(lxml.html.tostring(x) for x in lxml.html.fragment_fromstring(string).iterchildren())
class Acrolike(models.Model): class Acrolike(models.Model):
title = models.CharField(max_length=255) title = models.CharField(max_length=255)
@ -114,7 +119,8 @@ class Content(models.Model):
if self.teaser: if self.teaser:
value = markdownify(self.teaser) value = markdownify(self.teaser)
elif self.header: elif self.header:
value = ox.sanitize_html(ox.decode_html(markdownify(self.header))) value = ox.decode_html(markdownify(self.header))
value = sanitize_html('<div>' + value + '</div>')
else: else:
value = '' value = ''
return mark_safe(value) return mark_safe(value)