HTML Sanitizer: Allow the class attribute

Raphael Michel
2017-03-28 10:54:08 +02:00
parent 8dacbe0fc6
commit c1a76c4c18


@@ -25,6 +25,8 @@ ALLOWED_TAGS = [
'tr', 'tr',
'td', 'td',
'th', 'th',
'div',
'span'
] ]
ALLOWED_ATTRIBUTES = { ALLOWED_ATTRIBUTES = {
@@ -33,6 +35,9 @@ ALLOWED_ATTRIBUTES = {
'acronym': ['title'], 'acronym': ['title'],
'table': ['width'], 'table': ['width'],
'td': ['width', 'align'], 'td': ['width', 'align'],
'div': ['class'],
'p': ['class'],
'span': ['class'],
} }
@@ -41,5 +46,9 @@ def rich_text(text: str, **kwargs):
""" """
Processes markdown and cleans HTML in a text input. Processes markdown and cleans HTML in a text input.
""" """
body_md = bleach.linkify(bleach.clean(markdown.markdown(text), tags=ALLOWED_TAGS, attributes=ALLOWED_ATTRIBUTES)) body_md = bleach.linkify(bleach.clean(
markdown.markdown(text),
tags=ALLOWED_TAGS,
attributes=ALLOWED_ATTRIBUTES,
))
return mark_safe(body_md) return mark_safe(body_md)
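Review bot: The new `'div': ['class']`, `'p': ['class']` and `'span': ['class']` entries in ALLOWED_ATTRIBUTES accept any class value, so text passed to rich_text() can attach any class the site's stylesheets and scripts define to its own markup, and the result is returned through mark_safe(). Submitted content could then hide or restyle itself, imitate interface elements, or pick up behaviour that scripts bind by class selector. Consider limiting the values to a short allowlist, for example a new constant `ALLOWED_CLASSES` checked by a callable such as `lambda tag, name, value: name == 'class' and set(value.split()) <= ALLOWED_CLASSES` in place of each list, provided the pinned bleach version accepts a callable there. Whether `'p'` is already in ALLOWED_TAGS is not visible in these hunks, and a comment above the three entries such as `# class is allowed only for the styling hooks listed in ALLOWED_CLASSES` would record why the attribute is permitted.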