On Tue, Jun 20, 2006 at 06:58:46PM -0400, Jay Parlar wrote:
> Well, as it stands right now, I only need this to make sure that text
> entered into the Admin is ok, and that's all by trusted users, so
> Beautiful Soup might do it.
>
> But what about the comments framework? I guess people are just
> restricting their comment fields such that only things supported by
> contrib.markdown are allowed? Maybe something like:
>
> {{comment|striptags|markdown}}
>
> How do sites like Fark.com that allow HTML do it? I guess they've just
> written their own sanitizers.

I'm using Universal Feed Parser's sanitizer in some code that I wrote for $some_site, code can be viewed at:

http://arch.sommitrealweird.co.uk/viewarch/[EMAIL PROTECTED]/alug--mainline--0.1--patch-32/alug/validators.py

Basically, it sets up an isSafeXHTMLFragment validator that takes the input, throws it through feedparser's sanitizer, and checks the output against the input, raising a validation exception in the case that they don't match - seems to work quite well!

Cheers,
-- 
Brett Parker
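
The sanitize-then-compare validator described in the message above, as an added example that is not part of the original post and is not the code in validators.py. It assumes a small standard-library allowlist sanitizer as a stand-in for feedparser's; `ALLOWED_TAGS`, `ALLOWED_ATTRS`, `SAFE_SCHEMES`, `AllowlistSanitizer`, `sanitize`, `is_safe_xhtml_fragment` and `ValidationError` are names made up for the illustration.

```python
from html import escape
from html.parser import HTMLParser

# Constructed allowlist for illustration; feedparser's own list is far longer.
ALLOWED_TAGS = {"a", "b", "blockquote", "code", "em", "i", "li", "ol", "p", "strong", "ul"}
ALLOWED_ATTRS = {"href", "title"}
SAFE_SCHEMES = ("http://", "https://", "mailto:")

class ValidationError(Exception):
    """Stand-in for the framework's validation exception (assumption)."""

class AllowlistSanitizer(HTMLParser):
    """Re-serialises markup, dropping tags and attributes not on the allowlist."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            return
        kept = ""
        for name, value in attrs:
            value = value or ""
            if name not in ALLOWED_ATTRS:
                continue  # drops event handlers, style, and anything unlisted
            if name == "href" and not value.strip().lower().startswith(SAFE_SCHEMES):
                continue  # drops links whose scheme is not on the allowlist
            kept += ' %s="%s"' % (name, escape(value))
        self.out.append("<%s%s>" % (tag, kept))

    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS:
            self.out.append("</%s>" % tag)

    def handle_data(self, data):
        # Text arrives with entities decoded; re-escape it on the way out.
        self.out.append(escape(data, quote=False))

def sanitize(fragment):
    parser = AllowlistSanitizer()
    parser.feed(fragment)
    parser.close()
    return "".join(parser.out)

def is_safe_xhtml_fragment(fragment):
    """Reject, rather than silently rewrite, anything the sanitizer would change."""
    if sanitize(fragment) != fragment:
        raise ValidationError("markup contains disallowed or non-canonical HTML")
    return fragment
```

Because the comparison is exact, input that the sanitizer merely normalises (upper-case tags such as `<B>`, single-quoted attributes) is rejected along with genuinely disallowed markup, so the error message shown to users should say so.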