Sanitize text field HTML (here from the Dojo Toolkit Editor2 widget)

When using a JavaScript WYSIWYG editor widget for text area content, the resulting HTML should be sanitized so no unallowed HTML tags (esp. script tags) are present.

The BeautifulSoup library handles HTML processing in the solution presented above, so you should place it in the Python path.

The snippet also assumes that you have the Dojo Toolkit and its Editor2 widget loaded on your page.

Note: this snippet was originally written for use with Dojo Toolkit 0.4, and it hasn't been updated for 0.9 or 1.0.

file_4958.py (1017.0 B)

Answers (3):

Answer by akaihola, 21.04.2008

marcink: Thanks for the heads up. It's obviously a fatal mistake to have left out that check.

Answer by marcink, 10.02.2008

This is nice, but you should also look into href attributes to make sure they don't contain javascript code.

Answer by guettli, 16.11.2007

Nice snippet!