cms.utils.html: 11 total statements, 0.0% covered

Generated: Wed 2013-03-13 10:33 CET

Source file: /media/Envs/Envs/filer-gallery/lib/python2.7/site-packages/cms/utils/html.py

Stats: 0 executed, 9 missed, 2 excluded, 12 ignored

  1. # -*- coding: utf-8 -*-
  2. from html5lib import sanitizer, serializer, treebuilders, treewalkers
  3. import html5lib
# Module-level parser used as the default by clean_html(). Sanitization
# happens in the tokenizer (html5lib's HTMLSanitizer), so it is applied
# while the input is tokenized, before the DOM tree is built.
# NOTE(review): this single instance is shared by every call that relies on
# the default; confirm that html5lib's HTMLParser tolerates concurrent use
# if clean_html() can run in multi-threaded workers.
DEFAULT_PARSER = html5lib.HTMLParser(
    tokenizer=sanitizer.HTMLSanitizer,
    tree=treebuilders.getTreeBuilder("dom"),
)
def clean_html(data, full=True, parser=DEFAULT_PARSER):
    """
    Sanitize HTML against XSS with html5lib and return it re-serialized.

    ``data`` is parsed with ``parser``, the resulting DOM tree is walked and
    serialized back to a unicode string.

    If ``full`` is true the input is parsed as a complete document
    (``parser.parse``). If it is false the input is parsed as a fragment
    (``parser.parseFragment``) and only the contents inside <body> are
    returned, without the <body> tags.

    Security note: this function performs no filtering of its own. All
    sanitization comes from the tokenizer configured on ``parser``; the
    default parser uses html5lib's ``HTMLSanitizer``. A caller that passes a
    parser built without a sanitizing tokenizer gets the markup back
    unsanitized.
    NOTE(review): which elements and attributes survive depends on the
    sanitizer shipped with the installed html5lib -- verify that it matches
    the contexts in which the returned markup is rendered.
    """
    # Select the parse entry point once; only the chosen method is looked up.
    parse = parser.parse if full else parser.parseFragment
    tree = parse(data)

    tree_walker = treewalkers.getTreeWalker("dom")
    tokens = tree_walker(tree)

    # Keep optional tags in the output and quote attribute values, as the
    # two serializer options below request.
    html_serializer = serializer.htmlserializer.HTMLSerializer(
        omit_optional_tags=False,
        quote_attr_values=True,
    )
    return u''.join(html_serializer.serialize(tokens))