[python-uk] Favourite ways of scrubbing HTML/whitelisting specific HTML tags?
Jon Ribbens
jon+python-uk at unequivocal.co.uk
Thu Feb 7 16:48:46 CET 2008
On Thu, Feb 07, 2008 at 02:35:29PM +0000, Michael Sparks wrote:
> Just a quick Q for people: what's your favourite way (preferably a library :)
> of allowing a subset of HTML tags through? I can think of 1/2 dozen different
> ways of doing this, but I'm sure there's a preferred approach for some...
Be aware that if you are doing this for security reasons (e.g. to
prevent cross-site scripting), it is very hard to get right.
The code at
http://www.voidspace.org.uk/python/weblog/arch_d7_2005_04_23.shtml#e35
is wrong, for example.
More information about the python-uk
mailing list