kotti.sanitizers

For a high-level introduction and the available configuration options, see Sanitizers.

kotti.sanitizers.sanitize(html: str, sanitizer: str) → str

Sanitize HTML

Parameters:
  • html (basestring) – HTML to be sanitized
  • sanitizer (str) – name of the sanitizer to use
Result: sanitized HTML
Return type: str

kotti.sanitizers.xss_protection(html: str) → str

Sanitizer that removes tags that are not considered XSS safe. See bleach_whitelist.generally_xss_unsafe for a complete list of tags that are removed. Attributes and styles are left untouched.

Parameters: html (basestring) – HTML to be sanitized
Result: sanitized HTML
Return type: str

kotti.sanitizers.minimal_html(html: str) → str

Sanitizer that only leaves a basic set of tags and attributes. See bleach_whitelist.markdown_tags, bleach_whitelist.print_tags, bleach_whitelist.markdown_attrs, bleach_whitelist.print_attrs for a complete list of tags and attributes that are allowed. All styles are completely removed.

Parameters: html (basestring) – HTML to be sanitized
Result: sanitized HTML
Return type: str

kotti.sanitizers.no_html(html: str) → str

Sanitizer that removes all tags.

Parameters: html (basestring) – HTML to be sanitized
Result: plain text
Return type: str
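
To compare what each of the three sanitizers leaves in the output when choosing one for untrusted input, the following added example models the policies as described above. It is a stand-in built on the standard library, not Kotti's or bleach's code; `sanitize_model`, `PolicySanitizer` and the abbreviated tag and attribute sets are assumptions made for illustration.

```python
from html import escape
from html.parser import HTMLParser

# Constructed, abbreviated sets for illustration; the real lists live in
# bleach_whitelist and are longer.
UNSAFE_TAGS = {"script", "iframe", "object", "embed"}
BASIC_TAGS = {"p", "b", "i", "em", "strong", "a", "ul", "ol", "li"}
BASIC_ATTRS = {"a": {"href", "title"}}

class PolicySanitizer(HTMLParser):
    """Re-emit HTML, keeping only the tags and attributes a policy allows."""

    def __init__(self, tag_ok, attr_ok):
        super().__init__(convert_charrefs=True)
        self.tag_ok, self.attr_ok, self.out = tag_ok, attr_ok, []

    def handle_starttag(self, tag, attrs):
        if not self.tag_ok(tag):
            return  # drop the tag itself; the text inside it is still emitted
        kept = "".join(f' {k}="{escape(v or "", quote=True)}"'
                       for k, v in attrs if self.attr_ok(tag, k))
        self.out.append(f"<{tag}{kept}>")

    def handle_endtag(self, tag):
        if self.tag_ok(tag):
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(escape(data, quote=False))  # text is always re-escaped

# policy name -> (tag predicate, attribute predicate), per the descriptions above
POLICIES = {
    "xss_protection": (lambda t: t not in UNSAFE_TAGS, lambda t, a: True),
    "minimal_html": (lambda t: t in BASIC_TAGS,
                     lambda t, a: a in BASIC_ATTRS.get(t, ())),
    "no_html": (lambda t: False, lambda t, a: False),
}

def sanitize_model(html, policy):
    parser = PolicySanitizer(*POLICIES[policy])
    parser.feed(html)
    parser.close()
    return "".join(parser.out)

# Constructed sample input.
SAMPLE = ('<p style="color:red" onclick="track()">Hi '
          '<script>alert(1)</script><a href="/x" onclick="go()">link</a></p>')

if __name__ == "__main__":
    for name in POLICIES:
        print(f"{name:15} {sanitize_model(SAMPLE, name)}")
```

In this model the `xss_protection` policy drops the `script` tag but passes `style` and `onclick` through unchanged, while `minimal_html` keeps only `href` on the link and `no_html` returns text alone.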

kotti.sanitizers.includeme(config: pyramid.config.Configurator) → None

Pyramid includeme hook.

Parameters: config (pyramid.config.Configurator) – app config