import bleach
from bleach._vendor.html5lib.filters.base import Filter
from .csscolors import csscolors
# Elements permitted in rendered posts in addition to bleach's defaults.
# Anything not listed here (or added to this list further down the module)
# is handled by the Cleaner as a disallowed tag.
allowed_tags = [
    # paragraphs, headings, preformatted text
    "p", "h1", "h2", "h3", "h4", "h5", "h6", "pre",
    # edit marks and highlighting
    "del", "ins", "mark",
    # images and decorative elements
    "img", "marquee", "pulsate",
    # superscript / subscript
    "sup", "sub",
    # tables
    "table", "thead", "tbody", "tr", "th", "td",
    # collapsible sections
    "details", "summary",
    # rules and line breaks
    "hr", "br",
    # Embedded frames carry author-chosen content; IFrameSandboxFilter
    # writes a fixed sandbox attribute onto every iframe start tag.
    "iframe",
]
# The one inline style value that survives sanitizing; it is compared
# verbatim, so any difference in spacing, order or case is rejected.
john_css = "margin-left:auto;display:block;margin-right:auto;max-width:732px;width:100%;height:94px;border:none;"


class IFrameCSS:
    """Allow-list CSS sanitizer handed to the Cleaner as ``css_sanitizer``.

    Instead of parsing declarations it accepts exactly one known style
    string and blanks everything else, so no author-written CSS reaches
    the output.
    """

    def sanitize_css(self, css):
        """Return *css* when it equals ``john_css`` exactly, otherwise ``""``."""
        return css if css == john_css else ""
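class IFrameSandboxFilter(Filter):
    """html5lib stream filter that sandboxes iframes and bounds element sizes.

    Every ``iframe`` start tag gets a fixed ``sandbox`` attribute, replacing
    any value already present. Numeric ``height``/``width`` attributes above
    1000 are reset to ``"800"`` and non-numeric ones are removed.

    NOTE(review): this presumably runs after bleach's own sanitizing filter,
    so the ``sandbox`` attribute added here is not stripped again; verify
    against the bleach version in use.
    """

    # Sandbox tokens applied to every iframe. "allow-same-origin" is not in
    # the list, so framed documents get an opaque origin even though scripts
    # are enabled; adding it next to "allow-scripts" would let same-origin
    # content remove its own sandbox. The two top-navigation tokens let the
    # framed page navigate the top-level window after a user gesture, which
    # is worth reviewing because the frame's src/srcdoc are author-supplied.
    _SANDBOX = (
        "allow-forms "
        "allow-scripts "
        "allow-top-navigation-by-user-activation "
        "allow-top-navigation-to-custom-protocols"
    )

    def sanitize_token(self, token):
        """Return *token* with the iframe sandbox and size limits applied.

        Only ``"StartTag"`` tokens are modified; all others pass through.
        NOTE(review): if the token stream reports void elements such as
        ``<img>`` with a different token type, their height/width are not
        bounded here; confirm.
        """
        if token["type"] != "StartTag":
            return token

        attrs = token["data"]
        if token["name"] == "iframe":
            attrs[(None, "sandbox")] = self._SANDBOX

        # NOTE(review): the indentation of this listing was lost; the size
        # check is applied to every start tag here. Confirm whether the
        # original limited it to iframes.
        #
        # Iterate over a snapshot of the keys: deleting from the mapping
        # while iterating it directly raises RuntimeError, which would make
        # a value such as height="100%" abort the whole render.
        for key in list(attrs):
            if key[1] not in ("height", "width"):
                continue
            try:
                if int(attrs[key]) > 1000:
                    attrs[key] = "800"
            except ValueError:
                # Not a plain integer: drop the attribute rather than guess.
                del attrs[key]
        return token

    def __iter__(self):
        """Yield each upstream token after passing it through sanitize_token."""
        for token in Filter.__iter__(self):
            token = self.sanitize_token(token)
            if token:
                yield token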
# Each entry of csscolors (presumably CSS colour names; see .csscolors) is
# accepted as a tag name, along with a "mark"-prefixed variant of it, and
# bleach's default tag set is kept as well.
allowed_tags.extend(csscolors)
allowed_tags.extend("mark" + colour for colour in csscolors)
allowed_tags.extend(bleach.sanitizer.ALLOWED_TAGS)

# Per-tag attribute allow-list: bleach's defaults plus the entries below.
allowed_attributes = {
    **bleach.sanitizer.ALLOWED_ATTRIBUTES,
    "img": ["src", "height", "width", "alt", "title"],
    # src and srcdoc let the author choose the framed document, so isolation
    # of that content rests on the sandbox attribute IFrameSandboxFilter
    # adds; style is only kept when IFrameCSS accepts it.
    "iframe": ["src", "height", "width", "srcdoc", "style"],
    "ol": ["start"],
    "details": ["open"],
    "marquee": [
        "behavior", "bgcolor", "direction", "height", "hspace", "loop",
        "scrollamount", "scrolldelay", "truespeed", "vspace", "width",
    ],
}

# Shared sanitizer used by render().
cleaner = bleach.sanitizer.Cleaner(
    tags=allowed_tags,
    attributes=allowed_attributes,
    css_sanitizer=IFrameCSS(),
    filters=[IFrameSandboxFilter],
)
import markdown
# Module-wide Markdown converter; render() resets it before every use.
md = markdown.Markdown(
    extensions=[
        "pymdownx.tilde",    # ~~delete~~ and ~subscript~
        "pymdownx.caret",    # ^^insert^^ and ^superscript^
        "fenced_code",       # ``` fenced code blocks
        "tables",            # pipe tables
        "pymdownx.details",  # collapsible ??? / ???+ blocks
    ],
)
def render(text):
    """Convert Markdown *text* to HTML and return the sanitized result.

    Markdown passes raw HTML through, so the converter's output is treated
    as untrusted and always goes through ``cleaner`` before being returned.
    """
    raw_html = md.reset().convert(text)
    return cleaner.clean(raw_html)