From 0038151bf9ce39135c4cd241b359124c054d43a6 Mon Sep 17 00:00:00 2001 From: Lars Eggert Date: Mon, 18 Jul 2022 17:39:11 +0300 Subject: [PATCH] fix: Fix removetags (#4226) I don't think this ever worked. --- ietf/utils/html.py | 2 +- ietf/utils/templatetags/htmlfilters.py | 7 ++++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/ietf/utils/html.py b/ietf/utils/html.py index 9f589a47b..9d0cd7c84 100644 --- a/ietf/utils/html.py +++ b/ietf/utils/html.py @@ -34,7 +34,7 @@ def unescape(text): def remove_tags(html, tags): """Returns the given HTML sanitized, and with the given tags removed.""" allowed = set(acceptable_tags) - set([ t.lower() for t in tags ]) - return bleach.clean(html, tags=allowed) + return bleach.clean(html, tags=allowed, strip=True) # ---------------------------------------------------------------------- # Html fragment cleaning diff --git a/ietf/utils/templatetags/htmlfilters.py b/ietf/utils/templatetags/htmlfilters.py index 10c40408c..a0f9232c5 100644 --- a/ietf/utils/templatetags/htmlfilters.py +++ b/ietf/utils/templatetags/htmlfilters.py @@ -1,6 +1,7 @@ # Copyright The IETF Trust 2017-2020, All Rights Reserved # -*- coding: utf-8 -*- +import re from django.template.library import Library from django.template.defaultfilters import stringfilter @@ -9,9 +10,9 @@ from ietf.utils.html import remove_tags register = Library() + @register.filter(is_safe=True) @stringfilter def removetags(value, tags): - """Removes a space separated list of [X]HTML tags from the output.""" - return remove_tags(value, tags) - + """Removes a comma-separated list of [X]HTML tags from the output.""" + return remove_tags(value, re.split(r"\s*,\s*", tags))