Diffstat (limited to 'core/html.py')
-rw-r--r-- | core/html.py | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/core/html.py b/core/html.py
new file mode 100644
index 0000000..e63dda3
--- /dev/null
+++ b/core/html.py
@@ -0,0 +1,11 @@
+import bleach
+from django.utils.safestring import mark_safe
+
+
+def sanitize_post(post_html: str) -> str:
+ """
+ Only allows a, br, p and span tags, and class attributes.
+ """
+ return mark_safe(
+ bleach.clean(post_html, tags=["a", "br", "p", "span"], attributes=["class"])
+ )
|
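Review bot: `attributes=["class"]` in `sanitize_post` accepts any class value on every allowed tag, and the result is wrapped in `mark_safe`, so templates will render it without further escaping and post authors can attach any CSS class the site's stylesheets or scripts react to. If only a known set of classes is expected, bleach accepts a callable filter, e.g. `attributes=lambda tag, name, value: name == "class" and set(value.split()) <= ALLOWED_CLASSES` (`ALLOWED_CLASSES` is a placeholder for a project-defined set). Separately, `a` is allowed but `href` is not, so links come out with no target; if that is intended, the docstring should say so. The docstring should also note that the return value is marked safe and that, unless `strip=True` is passed, bleach escapes disallowed tags rather than removing them.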