Generated: Wed 2013-03-13 10:33 CET
Source file: /media/Envs/Envs/filer-gallery/lib/python2.7/site-packages/cms/utils/html.py
Stats: 0 executed, 9 missed, 2 excluded, 12 ignored
# -*- coding: utf-8 -*-from html5lib import sanitizer, serializer, treebuilders, treewalkersimport html5libDEFAULT_PARSER = html5lib.HTMLParser(tokenizer=sanitizer.HTMLSanitizer, tree=treebuilders.getTreeBuilder("dom"))def clean_html(data, full=True, parser=DEFAULT_PARSER): """ Cleans HTML from XSS vulnerabilities using html5lib If full is False, only the contents inside <body> will be returned (without the <body> tags). """ if full: dom_tree = parser.parse(data) else: dom_tree = parser.parseFragment(data) walker = treewalkers.getTreeWalker("dom") stream = walker(dom_tree) s = serializer.htmlserializer.HTMLSerializer(omit_optional_tags=False, quote_attr_values=True) return u''.join(s.serialize(stream))