94 lines
3.3 KiB
Python
94 lines
3.3 KiB
Python
# Copyright The IETF Trust 2010-2020, All Rights Reserved
|
|
# -*- coding: utf-8 -*-
|
|
# Taken from http://code.google.com/p/soclone/source/browse/trunk/soclone/utils/html.py
|
|
"""Utilities for working with HTML."""
|
|
|
|
|
|
import bleach
|
|
import copy
|
|
import html2text
|
|
import lxml.etree
|
|
import lxml.html
|
|
import lxml.html.clean
|
|
|
|
import debug # pyflakes:ignore
|
|
|
|
from django import forms
|
|
from django.utils.functional import keep_lazy
|
|
|
|
from ietf.utils.mime import get_mime_type
|
|
|
|
acceptable_tags = ('a', 'abbr', 'acronym', 'address', 'b', 'big',
|
|
'blockquote', 'body', 'br', 'caption', 'center', 'cite', 'code', 'col',
|
|
'colgroup', 'dd', 'del', 'dfn', 'dir', 'div', 'dl', 'dt', 'em', 'font',
|
|
'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'head', 'hr', 'html', 'i', 'ins', 'kbd',
|
|
'li', 'ol', 'p', 'pre', 'q', 's', 'samp', 'small', 'span', 'strike', 'style',
|
|
'strong', 'sub', 'sup', 'table', 'title', 'tbody', 'td', 'tfoot', 'th', 'thead',
|
|
'tr', 'tt', 'u', 'ul', 'var')
|
|
|
|
acceptable_protocols = ['http', 'https', 'mailto', 'xmpp', ]
|
|
|
|
def unescape(text):
|
|
"""
|
|
Returns the given text with ampersands, quotes and angle brackets decoded
|
|
for use in URLs.
|
|
|
|
This function undoes what django.utils.html.escape() does
|
|
"""
|
|
return text.replace(''', "'").replace('"', '"').replace('>', '>').replace('<', '<' ).replace('&', '&')
|
|
|
|
@keep_lazy(str)
|
|
def remove_tags(html, tags):
|
|
"""Returns the given HTML sanitized, and with the given tags removed."""
|
|
allowed = set(acceptable_tags) - set([ t.lower() for t in tags ])
|
|
return bleach.clean(html, tags=allowed)
|
|
|
|
# ----------------------------------------------------------------------
|
|
# Html fragment cleaning
|
|
|
|
bleach_cleaner = bleach.sanitizer.Cleaner(tags=acceptable_tags, protocols=acceptable_protocols, strip=True)
|
|
|
|
def sanitize_fragment(html):
|
|
return bleach_cleaner.clean(html)
|
|
|
|
# ----------------------------------------------------------------------
|
|
# Page cleaning
|
|
|
|
|
|
class Cleaner(lxml.html.clean.Cleaner):
|
|
charset = 'utf-8'
|
|
# Copied from lxml 4.2.0 and modified to insert charset meta:
|
|
def clean_html(self, html):
|
|
result_type = type(html)
|
|
if isinstance(html, (str, bytes)):
|
|
doc = lxml.html.fromstring(html)
|
|
else:
|
|
doc = copy.deepcopy(html)
|
|
self(doc)
|
|
head = doc.find('head')
|
|
if head != None:
|
|
meta = lxml.etree.Element('meta', charset=self.charset)
|
|
meta.tail = '\n'
|
|
head.insert(0, meta)
|
|
return lxml.html._transform_result(result_type, doc)
|
|
|
|
# We will be saving as utf-8 later, so set that in the meta tag.
|
|
lxml_cleaner = Cleaner(allow_tags=acceptable_tags, remove_unknown_tags=None, style=False, page_structure=False, charset='utf-8')
|
|
|
|
def sanitize_document(html):
|
|
return lxml_cleaner.clean_html(html)
|
|
|
|
|
|
# ----------------------------------------------------------------------
|
|
# Text field cleaning
|
|
|
|
def clean_text_field(text):
|
|
mime_type, encoding = get_mime_type(text.encode('utf8'))
|
|
if mime_type == 'text/html': # or re.search(r'<\w+>', text):
|
|
text = html2text.html2text(text)
|
|
elif mime_type in ['text/plain', 'application/x-empty', ]:
|
|
pass
|
|
else:
|
|
raise forms.ValidationError("Unexpected text field mime type: %s" % mime_type)
|
|
return text
|
|
|