django-sanitizer

0.2 Other/Proprietary License
Django template filter application for sanitizing user submitted HTML


django-sanitizer is a Django app that allows only whitelisted tags and attributes through.

The ALLOWED_TAGS setting can override the behavior. Its syntax is a space-separated list of tags, each optionally followed by a colon and a comma-separated list of attributes permitted in that tag.

For example, to allow <a> tags which are links or named anchors, but not to allow definition of an onclick attribute:

    ALLOWED_TAGS = "a:href,name"

In your templates, sanitizing is easy.

    {% load sanitizer %}

    {{ user_comment|allowtags|safe }}

    {{ user_comment|allowtags:"b i"|safe }}


Disallowed tags or attributes are simply removed.
Last updated on February 24th, 2012
