Mercurial > libervia-backend

comparison src/plugins/plugin_misc_text_syntaxes.py @ 674:fb0b1100c908

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
plugin text_syntaxes: fixed clean_xhml (it now return XHTML instead of HTML)
author Goffi <goffi@goffi.org>
date Sat, 09 Nov 2013 10:16:35 +0100
parents 6a64e0a759e6
children e98db42cd78c
comparison
equal deleted inserted replaced
673:903c4749de15 674:fb0b1100c908
20 from logging import debug, info, error 20 from logging import debug, info, error
21 21
22 from wokkel import disco, pubsub 22 from wokkel import disco, pubsub
23 from twisted.internet import defer 23 from twisted.internet import defer
24 from twisted.internet.threads import deferToThread 24 from twisted.internet.threads import deferToThread
25 from lxml.html import defs, clean 25 from lxml import html
26 from lxml.html import clean
27
26 28
27 CATEGORY = "Composition" 29 CATEGORY = "Composition"
28 NAME = "Syntax" 30 NAME = "Syntax"
29 _SYNTAX_XHTML = "XHTML" 31 _SYNTAX_XHTML = "XHTML"
30 32
121 def clean_xhtml(self, xhtml): 123 def clean_xhtml(self, xhtml):
122 """ Clean XHTML text by removing potentially dangerous/malicious parts 124 """ Clean XHTML text by removing potentially dangerous/malicious parts
123 @param xhtml: raw xhtml text to clean 125 @param xhtml: raw xhtml text to clean
124 """ 126 """
125 # FIXME: styles are allowed but not cleaned, they have to be cleaned (whitelist ? cssutils ?) ! 127 # FIXME: styles are allowed but not cleaned, they have to be cleaned (whitelist ? cssutils ?) !
126 safe_attrs = defs.safe_attrs.union(('style',)) 128 def blocking_cleaning(xhtml):
127 cleaner = clean.Cleaner(style=False, 129 safe_attrs = html.defs.safe_attrs.union(('style',))
128 add_nofollow=False, 130 xhtml_elt = html.fromstring(xhtml)
129 safe_attrs=safe_attrs) 131 cleaner = clean.Cleaner(style=False,
130 d = deferToThread(cleaner.clean_html, xhtml) 132 add_nofollow=False,
133 safe_attrs=safe_attrs)
134 return html.tostring(cleaner.clean_html(xhtml_elt), method='xml')
135
136 d = deferToThread(blocking_cleaning, xhtml)
131 return d 137 return d
132 138
133 def convert(self, text, syntax_from, syntax_to=_SYNTAX_XHTML, safe=True): 139 def convert(self, text, syntax_from, syntax_to=_SYNTAX_XHTML, safe=True):
134 """ Convert a text between two syntaxes 140 """ Convert a text between two syntaxes
135 @param text: text to convert 141 @param text: text to convert