Michael Sparks wrote: > On Thursday 07 February 2008 15:48:46 Jon Ribbens wrote: > >> The code at >> http://www.voidspace.org.uk/python/weblog/arch_d7_2005_04_23.shtml#e35 >> is wrong, for example. >> > > That's because it whitelists a collection of tags but doesn't whitelist > specific attributes, I presume. > > I can certainly adapt that code to work the way I'd prefer it. > > Changing allowed_tags to something like: > allowed_tags = { > 'a' : ["id", "name", "href"], > 'img' : ["id", "src"], > .. > <tag> : [ <list of allowed attributes> ] > } > > Would allow that code to be used with only a small modification, if I'm > reading your objection right. >
Ahhh... sounds entirely plausible. Michael _______________________________________________ python-uk mailing list python-uk@python.org http://mail.python.org/mailman/listinfo/python-uk
