def pre_save(self, instance, add: bool): """Ran just before the model is saved, allows us to built the slug. Arguments: instance: The model that is being saved. add: Indicates whether this is a new entry to the database or an update. """ localized_value = getattr(instance, self.attname) if not localized_value: return None for lang_code, _ in settings.LANGUAGES: value = localized_value.get(lang_code) if not value: continue localized_value.set( lang_code, bleach.clean(value, **get_bleach_default_options())) return localized_value
def __init__(self, allowed_tags=None, allowed_attributes=None, allowed_styles=None, allowed_protocols=None, strip_comments=None, strip_tags=None, *args, **kwargs): self.widget = get_default_widget() super(BleachField, self).__init__(*args, **kwargs) self.bleach_options = get_bleach_default_options() if allowed_tags is not None: self.bleach_options['tags'] = allowed_tags if allowed_attributes is not None: self.bleach_options['attributes'] = allowed_attributes if allowed_styles is not None: self.bleach_options['styles'] = allowed_styles if allowed_protocols is not None: self.bleach_options['protocols'] = allowed_protocols if strip_tags is not None: self.bleach_options['strip'] = strip_tags if strip_comments is not None: self.bleach_options['strip_comments'] = strip_comments
def bleach_value(value): """Same as django_bleach, but convert the <br> we get back to valid XML, for the AN export.""" bleach_args = get_bleach_default_options() bleached_value = bleach.clean(value, **bleach_args) bleached_value = bleached_value.replace('<br>', '<br/>') return mark_safe(bleached_value)
def update_event_form(request, event): if request.data.get('form_fields'): event.form_fields = request.data.get('form_fields') for i, field in enumerate(event.form_fields): if field.has_key('html'): event.form_fields[i]['html'] = bleach.clean( event.form_fields[i]['html'], **get_bleach_default_options() ) #removetags(event.form_fields[i]['html'], 'script style') event.save() return Response({'status': 'success'})
def custom_bleach(value, allowed_tags): """ Works just like the 'bleach' tempalte filter, but takes an argument of a comma-separated string of the tags that should be allowed through the filter. This list of tags *overrides* the list in the settings, so be thorough. """ # Use the bleach_args built from the settings, but replace the 'tags' arg with the supplied comma-separated list. bleach_args = get_bleach_default_options() kwargs = dict(**bleach_args) kwargs['tags'] = [tag.strip() for tag in allowed_tags.split(',')] bleached_value = bleach.clean(value, **kwargs) return mark_safe(bleached_value)
def bleach_value(value, tags=None): if value is None: return None bleach_args = get_bleach_default_options() if tags is not None: args = bleach_args.copy() args["tags"] = tags.split(",") else: args = bleach_args bleached_value = bleach.clean(value, **args) return mark_safe(bleached_value)
def bleach_field_handler(obj: Model, field: BleachField) -> str: """Handles BleachField Args: obj (Model): Model object. field (BleachField): Model's field. Returns: str: Allowed content as safe data """ value = str(getattr(obj, field.name, "")) bleach_options = get_bleach_default_options() clean_value = bleach.clean(value, **bleach_options) return mark_safe(clean_value)
def __init__(self, allowed_tags=None, allowed_attributes=None, allowed_styles=None, strip_comments=None, strip_tags=None, *args, **kwargs): self.widget = default_widget super(BleachField, self).__init__(*args, **kwargs) self.bleach_options = get_bleach_default_options() if allowed_tags is not None: self.bleach_options['tags'] = allowed_tags if allowed_attributes is not None: self.bleach_options['attributes'] = allowed_attributes if allowed_styles is not None: self.bleach_options['styles'] = allowed_styles if strip_tags is not None: self.bleach_options['strip'] = strip_tags if strip_comments is not None: self.bleach_options['strip_comments'] = strip_comments
def _validate(non_bleached_value, bleached_value): """Validates whether the specified non-bleached value ended up being correctly bleached. Arguments: non_bleached_value: The value before bleaching. bleached_value: The value after bleaching. """ for lang_code, _ in settings.LANGUAGES: if not non_bleached_value.get(lang_code): assert not bleached_value.get(lang_code) continue expected_value = bleach.clean(non_bleached_value.get(lang_code), get_bleach_default_options()) assert bleached_value.get(lang_code) == expected_value
def pre_save(self, instance, add: bool): """Ran just before the model is saved, allows us to built the slug. Arguments: instance: The model that is being saved. add: Indicates whether this is a new entry to the database or an update. """ # the bleach library vendors dependencies and the html5lib # dependency is incompatible with python 3.9, until that's # fixed, you cannot use LocalizedBleachField with python 3.9 # sympton: # ImportError: cannot import name 'Mapping' from 'collections' try: import bleach from django_bleach.utils import get_bleach_default_options except ImportError: raise UserWarning( "LocalizedBleachField is not compatible with Python 3.9 yet." ) localized_value = getattr(instance, self.attname) if not localized_value: return None for lang_code, _ in settings.LANGUAGES: value = localized_value.get(lang_code) if not value: continue localized_value.set( lang_code, bleach.clean(value, **get_bleach_default_options()) ) return localized_value
def test_strip_comments(self, settings): bleach_args = get_bleach_default_options() self.assertEqual(bleach_args['strip_comments'], True)
def test_custom_tags(self, settings): bleach_args = get_bleach_default_options() self.assertEqual(bleach_args['tags'], ALLOWED_TAGS)
def test_custom_styles(self, settings): bleach_args = get_bleach_default_options() self.assertEqual(bleach_args['styles'], ALLOWED_STYLES)
def test_custom_proto(self, settings): bleach_args = get_bleach_default_options() self.assertEqual(bleach_args['protocols'], ALLOWED_PROTOCOLS)
def test_custom_attrs(self, settings): bleach_args = get_bleach_default_options() self.assertEqual(bleach_args['attributes'], ALLOWED_ATTRIBUTES)
def update_event_form(request, event): if request.data.get('form_fields'): event.form_fields = request.data.get('form_fields') for i, field in enumerate(event.form_fields): if field.has_key('html'): event.form_fields[i]['html'] = bleach.clean(event.form_fields[i]['html'], **get_bleach_default_options())#removetags(event.form_fields[i]['html'], 'script style') event.save() return Response({'status':'success'})