Mercurial > libervia-backend
comparison src/plugins/plugin_misc_text_syntaxes.py @ 674:fb0b1100c908
plugin text_syntaxes: fixed clean_xhml (it now return XHTML instead of HTML)
author | Goffi <goffi@goffi.org> |
---|---|
date | Sat, 09 Nov 2013 10:16:35 +0100 |
parents | 6a64e0a759e6 |
children | e98db42cd78c |
comparison
equal
deleted
inserted
replaced
673:903c4749de15 | 674:fb0b1100c908 |
---|---|
20 from logging import debug, info, error | 20 from logging import debug, info, error |
21 | 21 |
22 from wokkel import disco, pubsub | 22 from wokkel import disco, pubsub |
23 from twisted.internet import defer | 23 from twisted.internet import defer |
24 from twisted.internet.threads import deferToThread | 24 from twisted.internet.threads import deferToThread |
25 from lxml.html import defs, clean | 25 from lxml import html |
26 from lxml.html import clean | |
27 | |
26 | 28 |
27 CATEGORY = "Composition" | 29 CATEGORY = "Composition" |
28 NAME = "Syntax" | 30 NAME = "Syntax" |
29 _SYNTAX_XHTML = "XHTML" | 31 _SYNTAX_XHTML = "XHTML" |
30 | 32 |
121 def clean_xhtml(self, xhtml): | 123 def clean_xhtml(self, xhtml): |
122 """ Clean XHTML text by removing potentially dangerous/malicious parts | 124 """ Clean XHTML text by removing potentially dangerous/malicious parts |
123 @param xhtml: raw xhtml text to clean | 125 @param xhtml: raw xhtml text to clean |
124 """ | 126 """ |
125 # FIXME: styles are allowed but not cleaned, they have to be cleaned (whitelist ? cssutils ?) ! | 127 # FIXME: styles are allowed but not cleaned, they have to be cleaned (whitelist ? cssutils ?) ! |
126 safe_attrs = defs.safe_attrs.union(('style',)) | 128 def blocking_cleaning(xhtml): |
127 cleaner = clean.Cleaner(style=False, | 129 safe_attrs = html.defs.safe_attrs.union(('style',)) |
128 add_nofollow=False, | 130 xhtml_elt = html.fromstring(xhtml) |
129 safe_attrs=safe_attrs) | 131 cleaner = clean.Cleaner(style=False, |
130 d = deferToThread(cleaner.clean_html, xhtml) | 132 add_nofollow=False, |
133 safe_attrs=safe_attrs) | |
134 return html.tostring(cleaner.clean_html(xhtml_elt), method='xml') | |
135 | |
136 d = deferToThread(blocking_cleaning, xhtml) | |
131 return d | 137 return d |
132 | 138 |
133 def convert(self, text, syntax_from, syntax_to=_SYNTAX_XHTML, safe=True): | 139 def convert(self, text, syntax_from, syntax_to=_SYNTAX_XHTML, safe=True): |
134 """ Convert a text between two syntaxes | 140 """ Convert a text between two syntaxes |
135 @param text: text to convert | 141 @param text: text to convert |