kotti.sanitizers
For a high level introduction and available configuration options see Sanitizers.
- kotti.sanitizers.sanitize(html: str, sanitizer: str) -> str
Sanitize HTML
- Parameters
html (basestring) – HTML to be sanitized
sanitizer (str) – name of the sanitizer to use
- Result
sanitized HTML
- Return type
str
- kotti.sanitizers.xss_protection(html: str) -> str
Sanitizer that removes tags that are not considered XSS safe. See bleach_whitelist.generally_xss_unsafe for a complete list of tags that are removed. Attributes and styles are left untouched.
- Parameters
html (basestring) – HTML to be sanitized
- Result
sanitized HTML
- Return type
str
- kotti.sanitizers.minimal_html(html: str) -> str
Sanitizer that only leaves a basic set of tags and attributes. See bleach_whitelist.markdown_tags, bleach_whitelist.print_tags, bleach_whitelist.markdown_attrs, bleach_whitelist.print_attrs for a complete list of tags and attributes that are allowed. All styles are completely removed.
- Parameters
html (basestring) – HTML to be sanitized
- Result
sanitized HTML
- Return type
str
- kotti.sanitizers.no_html(html: str) -> str
Sanitizer that removes all tags.
- Parameters
html (basestring) – HTML to be sanitized
- Result
plain text
- Return type
str
- kotti.sanitizers.includeme(config: Configurator) -> None
Pyramid includeme hook.
- Parameters
config (pyramid.config.Configurator) – app config
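
An added example, not part of Kotti's own code: a standard-library check that a sanitizer's output honors the contract documented above for xss_protection, minimal_html and no_html. The policy labels, the unsafe_tags default (an assumed stand-in for bleach_whitelist.generally_xss_unsafe, which this page does not enumerate) and the sample inputs are assumptions of this example.

```python
from html.parser import HTMLParser

# Constructed sample inputs (not taken from the Kotti test suite).
SAMPLES = (
    '<p style="color:red">hello <b>world</b></p>',
    "<p>text</p><script>alert(1)</script>",
    "no markup at all",
)
POLICIES = {"xss_protection", "minimal_html", "no_html"}  # labels used here


class _TagCollector(HTMLParser):
    """Record each start tag and the names of its attributes."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.seen = []

    def handle_starttag(self, tag, attrs):
        self.seen.append((tag, [name for name, _ in attrs]))


def violations(output, policy,
               unsafe_tags=frozenset({"script", "iframe", "object", "embed"})):
    """List the ways sanitizer `output` breaks the documented contract.

    `unsafe_tags` is an assumed stand-in for generally_xss_unsafe.
    Escaped markup such as "&lt;b&gt;" is text, not a tag, and passes.
    """
    if policy not in POLICIES:
        raise ValueError(f"unknown policy: {policy}")
    parser = _TagCollector()
    parser.feed(output)
    parser.close()
    found = []
    for tag, attrs in parser.seen:
        if policy == "no_html":
            found.append(f"tag <{tag}> survived")
        elif policy == "xss_protection" and tag in unsafe_tags:
            found.append(f"unsafe tag <{tag}> survived")
        elif policy == "minimal_html" and (tag == "style" or "style" in attrs):
            found.append(f"style on <{tag}> survived")
    return found


def check(sanitizer, policy, samples=SAMPLES):
    """Run `sanitizer` (any callable str -> str) and keep failing samples."""
    report = {s: violations(sanitizer(s), policy) for s in samples}
    return {s: v for s, v in report.items() if v}
```

Against a real deployment, pass the documented callables, for example check(kotti.sanitizers.no_html, "no_html"); an empty dict means no violation was found on these samples.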