kotti.sanitizers¶

For a high level introduction and available configuration options see Sanitizers.

kotti.sanitizers.sanitize(html: str, sanitizer: str) → str[source]¶

Sanitize HTML

Parameters:	html (basestring) – HTML to be sanitized sanitizer (str) – name of the sanitizer to use
Result:	sanitized HTML
Return type:	str

kotti.sanitizers.xss_protection(html: str) → str[source]¶

Sanitizer that removes tags that are not considered XSS safe. See bleach_whitelist.generally_xss_unsafe for a complete list of tags that are removed. Attributes and styles are left untouched.

Parameters:	html (basestring) – HTML to be sanitized
Result:	sanitized HTML
Return type:	str

kotti.sanitizers.minimal_html(html: str) → str[source]¶

Sanitizer that only leaves a basic set of tags and attributes. See bleach_whitelist.markdown_tags, bleach_whitelist.print_tags, bleach_whitelist.markdown_attrs, bleach_whitelist.print_attrs for a complete list of tags and attributes that are allowed. All styles are completely removed.

Parameters:	html (basestring) – HTML to be sanitized
Result:	sanitized HTML
Return type:	str

kotti.sanitizers.no_html(html: str) → str[source]¶

Sanitizer that removes all tags.

Parameters:	html (basestring) – HTML to be sanitized
Result:	plain text
Return type:	str

kotti.sanitizers.includeme(config: pyramid.config.Configurator) → None[source]¶

Pyramid includeme hook.

Parameters:	config (`pyramid.config.Configurator`) – app config