annotate libervia/server/html_tools.py @ 1479:095e94ca6728

pages: disable CSRF token check when service profile is used: CSRF token check doesn't make sense when no user is logged in, and it causes trouble for caching. fix 400
author Goffi <goffi@goffi.org>
date Fri, 22 Oct 2021 16:04:23 +0200
parents 822bd0139769
children 106bae41f5c8
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1239
f511f8fbbf8a fixed shebangs
Goffi <goffi@goffi.org>
parents: 1237
diff changeset
1 #!/usr/bin/env python3
f511f8fbbf8a fixed shebangs
Goffi <goffi@goffi.org>
parents: 1237
diff changeset
2
8
88ae360198ee html tools
Goffi <goffi@goffi.org>
parents:
diff changeset
3
339
2067d6241927 fixed docstrings wrong usage for licence informations
Goffi <goffi@goffi.org>
parents: 331
diff changeset
4 # Libervia: a Salut à Toi frontend
1396
822bd0139769 date update
Goffi <goffi@goffi.org>
parents: 1239
diff changeset
5 # Copyright (C) 2011-2021 Jérôme Poisson <goffi@goffi.org>
8
88ae360198ee html tools
Goffi <goffi@goffi.org>
parents:
diff changeset
6
339
2067d6241927 fixed docstrings wrong usage for licence informations
Goffi <goffi@goffi.org>
parents: 331
diff changeset
7 # This program is free software: you can redistribute it and/or modify
2067d6241927 fixed docstrings wrong usage for licence informations
Goffi <goffi@goffi.org>
parents: 331
diff changeset
8 # it under the terms of the GNU Affero General Public License as published by
2067d6241927 fixed docstrings wrong usage for licence informations
Goffi <goffi@goffi.org>
parents: 331
diff changeset
9 # the Free Software Foundation, either version 3 of the License, or
2067d6241927 fixed docstrings wrong usage for licence informations
Goffi <goffi@goffi.org>
parents: 331
diff changeset
10 # (at your option) any later version.
8
88ae360198ee html tools
Goffi <goffi@goffi.org>
parents:
diff changeset
11
339
2067d6241927 fixed docstrings wrong usage for licence informations
Goffi <goffi@goffi.org>
parents: 331
diff changeset
12 # This program is distributed in the hope that it will be useful,
2067d6241927 fixed docstrings wrong usage for licence informations
Goffi <goffi@goffi.org>
parents: 331
diff changeset
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
2067d6241927 fixed docstrings wrong usage for licence informations
Goffi <goffi@goffi.org>
parents: 331
diff changeset
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
2067d6241927 fixed docstrings wrong usage for licence informations
Goffi <goffi@goffi.org>
parents: 331
diff changeset
15 # GNU Affero General Public License for more details.
8
88ae360198ee html tools
Goffi <goffi@goffi.org>
parents:
diff changeset
16
339
2067d6241927 fixed docstrings wrong usage for licence informations
Goffi <goffi@goffi.org>
parents: 331
diff changeset
17 # You should have received a copy of the GNU Affero General Public License
2067d6241927 fixed docstrings wrong usage for licence informations
Goffi <goffi@goffi.org>
parents: 331
diff changeset
18 # along with this program. If not, see <http://www.gnu.org/licenses/>.
8
88ae360198ee html tools
Goffi <goffi@goffi.org>
parents:
diff changeset
19
451
1a0cec9b0f1e better PEP-8 compliance
souliane <souliane@mailoo.org>
parents: 449
diff changeset
20
8
88ae360198ee html tools
Goffi <goffi@goffi.org>
parents:
diff changeset
21 def sanitizeHtml(text):
88ae360198ee html tools
Goffi <goffi@goffi.org>
parents:
diff changeset
22 """Sanitize HTML by escaping everything"""
1113
cdd389ef97bc server: code style reformatting using black
Goffi <goffi@goffi.org>
parents: 1054
diff changeset
23 # this code comes from official python wiki: http://wiki.python.org/moin/EscapingHtml
8
88ae360198ee html tools
Goffi <goffi@goffi.org>
parents:
diff changeset
24 html_escape_table = {
88ae360198ee html tools
Goffi <goffi@goffi.org>
parents:
diff changeset
25 "&": "&amp;",
88ae360198ee html tools
Goffi <goffi@goffi.org>
parents:
diff changeset
26 '"': "&quot;",
88ae360198ee html tools
Goffi <goffi@goffi.org>
parents:
diff changeset
27 "'": "&apos;",
88ae360198ee html tools
Goffi <goffi@goffi.org>
parents:
diff changeset
28 ">": "&gt;",
88ae360198ee html tools
Goffi <goffi@goffi.org>
parents:
diff changeset
29 "<": "&lt;",
1113
cdd389ef97bc server: code style reformatting using black
Goffi <goffi@goffi.org>
parents: 1054
diff changeset
30 }
8
88ae360198ee html tools
Goffi <goffi@goffi.org>
parents:
diff changeset
31
451
1a0cec9b0f1e better PEP-8 compliance
souliane <souliane@mailoo.org>
parents: 449
diff changeset
32 return "".join(html_escape_table.get(c, c) for c in text)
588
c8cca1a373dd server_side: static blog: convert \n in raw text message to <br/>
souliane <souliane@mailoo.org>
parents: 451
diff changeset
33
c8cca1a373dd server_side: static blog: convert \n in raw text message to <br/>
souliane <souliane@mailoo.org>
parents: 451
diff changeset
34
c8cca1a373dd server_side: static blog: convert \n in raw text message to <br/>
souliane <souliane@mailoo.org>
parents: 451
diff changeset
35 def convertNewLinesToXHTML(text):
1113
cdd389ef97bc server: code style reformatting using black
Goffi <goffi@goffi.org>
parents: 1054
diff changeset
36 return text.replace("\n", "<br/>")