Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.8/site-packages/bleach/__init__.py: 64%

11 statements  

« prev     ^ index     » next       coverage.py v7.2.7, created at 2023-07-01 06:54 +0000

1from bleach.linkifier import ( 

2 DEFAULT_CALLBACKS, 

3 Linker, 

4) 

5from bleach.sanitizer import ( 

6 ALLOWED_ATTRIBUTES, 

7 ALLOWED_PROTOCOLS, 

8 ALLOWED_TAGS, 

9 Cleaner, 

10) 

11 

12 

13# yyyymmdd 

14__releasedate__ = "20230123" 

15# x.y.z or x.y.z.dev0 -- semver 

16__version__ = "6.0.0" 

17 

18 

19__all__ = ["clean", "linkify"] 

20 

21 

22def clean( 

23 text, 

24 tags=ALLOWED_TAGS, 

25 attributes=ALLOWED_ATTRIBUTES, 

26 protocols=ALLOWED_PROTOCOLS, 

27 strip=False, 

28 strip_comments=True, 

29 css_sanitizer=None, 

30): 

31 """Clean an HTML fragment of malicious content and return it 

32 

33 This function is a security-focused function whose sole purpose is to 

34 remove malicious content from a string such that it can be displayed as 

35 content in a web page. 

36 

37 This function is not designed to use to transform content to be used in 

38 non-web-page contexts. 

39 

40 Example:: 

41 

42 import bleach 

43 

44 better_text = bleach.clean(yucky_text) 

45 

46 

47 .. Note:: 

48 

49 If you're cleaning a lot of text and passing the same argument values or 

50 you want more configurability, consider using a 

51 :py:class:`bleach.sanitizer.Cleaner` instance. 

52 

53 :arg str text: the text to clean 

54 

55 :arg set tags: set of allowed tags; defaults to 

56 ``bleach.sanitizer.ALLOWED_TAGS`` 

57 

58 :arg dict attributes: allowed attributes; can be a callable, list or dict; 

59 defaults to ``bleach.sanitizer.ALLOWED_ATTRIBUTES`` 

60 

61 :arg list protocols: allowed list of protocols for links; defaults 

62 to ``bleach.sanitizer.ALLOWED_PROTOCOLS`` 

63 

64 :arg bool strip: whether or not to strip disallowed elements 

65 

66 :arg bool strip_comments: whether or not to strip HTML comments 

67 

68 :arg CSSSanitizer css_sanitizer: instance with a "sanitize_css" method for 

69 sanitizing style attribute values and style text; defaults to None 

70 

71 :returns: cleaned text as unicode 

72 

73 """ 

74 cleaner = Cleaner( 

75 tags=tags, 

76 attributes=attributes, 

77 protocols=protocols, 

78 strip=strip, 

79 strip_comments=strip_comments, 

80 css_sanitizer=css_sanitizer, 

81 ) 

82 return cleaner.clean(text) 

83 

84 

85def linkify(text, callbacks=DEFAULT_CALLBACKS, skip_tags=None, parse_email=False): 

86 """Convert URL-like strings in an HTML fragment to links 

87 

88 This function converts strings that look like URLs, domain names and email 

89 addresses in text that may be an HTML fragment to links, while preserving: 

90 

91 1. links already in the string 

92 2. urls found in attributes 

93 3. email addresses 

94 

95 linkify does a best-effort approach and tries to recover from bad 

96 situations due to crazy text. 

97 

98 .. Note:: 

99 

100 If you're linking a lot of text and passing the same argument values or 

101 you want more configurability, consider using a 

102 :py:class:`bleach.linkifier.Linker` instance. 

103 

104 .. Note:: 

105 

106 If you have text that you want to clean and then linkify, consider using 

107 the :py:class:`bleach.linkifier.LinkifyFilter` as a filter in the clean 

108 pass. That way you're not parsing the HTML twice. 

109 

110 :arg str text: the text to linkify 

111 

112 :arg list callbacks: list of callbacks to run when adjusting tag attributes; 

113 defaults to ``bleach.linkifier.DEFAULT_CALLBACKS`` 

114 

115 :arg list skip_tags: list of tags that you don't want to linkify the 

116 contents of; for example, you could set this to ``['pre']`` to skip 

117 linkifying contents of ``pre`` tags 

118 

119 :arg bool parse_email: whether or not to linkify email addresses 

120 

121 :returns: linkified text as unicode 

122 

123 """ 

124 linker = Linker(callbacks=callbacks, skip_tags=skip_tags, parse_email=parse_email) 

125 return linker.linkify(text)