def clean_localized_string(self): # All links (text and markup) are normalized. linkified = linkify_with_outgoing(self.localized_string) # Keep only the allowed tags and attributes, escape the rest. return bleach.clean(linkified, tags=self.allowed_tags, attributes=self.allowed_attributes)
def test_linkify_with_outgoing_text_links(mock_linkify_bounce_url_callback): def side_effect(attrs, new=False): attrs['href'] = 'bar' return attrs mock_linkify_bounce_url_callback.side_effect = side_effect # Without nofollow. res = linkify_with_outgoing('a text http://example.com link', nofollow=False) eq_(res, 'a text <a href="bar">http://example.com</a> link') # With nofollow (default). res = linkify_with_outgoing('a text http://example.com link') eq_(res, 'a text <a rel="nofollow" href="bar">http://example.com</a> link') res = linkify_with_outgoing('a text http://example.com link', nofollow=True) eq_(res, 'a text <a rel="nofollow" href="bar">http://example.com</a> link')
def test_linkify_with_outgoing_markup_links(mock_linkify_bounce_url_callback): def side_effect(attrs, new=False): attrs['href'] = 'bar' return attrs mock_linkify_bounce_url_callback.side_effect = side_effect # Without nofollow. res = linkify_with_outgoing( 'a markup <a href="http://example.com">link</a> with text', nofollow=False) eq_(res, 'a markup <a href="bar">link</a> with text') # With nofollow (default). res = linkify_with_outgoing( 'a markup <a href="http://example.com">link</a> with text') ok_(res in ['a markup <a rel="nofollow" href="bar">link</a> with text', 'a markup <a href="bar" rel="nofollow">link</a> with text']) res = linkify_with_outgoing( 'a markup <a href="http://example.com">link</a> with text', nofollow=True) ok_(res in ['a markup <a rel="nofollow" href="bar">link</a> with text', 'a markup <a href="bar" rel="nofollow">link</a> with text'])
def escape_all(v, linkify=True): """Escape html in JSON value, including nested items.""" if isinstance(v, basestring): v = jinja2.escape(smart_unicode(v)) if linkify: v = linkify_with_outgoing(v) return v elif isinstance(v, list): for i, lv in enumerate(v): v[i] = escape_all(lv, linkify=linkify) elif isinstance(v, dict): for k, lv in v.iteritems(): v[k] = escape_all(lv, linkify=linkify) elif isinstance(v, Translation): v = jinja2.escape(smart_unicode(v.localized_string)) return v