diff options
| author | Andrew Godwin | 2022-11-11 22:02:43 -0700 |
|---|---|---|
| committer | Andrew Godwin | 2022-11-11 22:02:43 -0700 |
| commit | feb5d9b74fa1e8454eaaf29afae3643c6d7c81f1 (patch) | |
| tree | 3889a826dfc2c852aa4873daff2a27cb7c1a2b01 /core/html.py | |
| parent | fbfad9fbf5e061cb7c658dada3c4014c9796021c (diff) | |
| download | takahe-feb5d9b74fa1e8454eaaf29afae3643c6d7c81f1.tar.gz takahe-feb5d9b74fa1e8454eaaf29afae3643c6d7c81f1.tar.bz2 takahe-feb5d9b74fa1e8454eaaf29afae3643c6d7c81f1.zip | |
Got up to incoming posts working
Diffstat (limited to 'core/html.py')
| -rw-r--r-- | core/html.py | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/core/html.py b/core/html.py new file mode 100644 index 0000000..e63dda3 --- /dev/null +++ b/core/html.py @@ -0,0 +1,11 @@ +import bleach +from django.utils.safestring import mark_safe + + +def sanitize_post(post_html: str) -> str: + """ + Only allows a, br, p and span tags, and class attributes. + """ + return mark_safe( + bleach.clean(post_html, tags=["a", "br", "p", "span"], attributes=["class"]) + ) |