|
19 | 19 |
|
20 | 20 | from ietf.doc.models import ConsensusDocEvent |
21 | 21 | from ietf.utils.text import wordwrap, fill, wrap_text_if_unwrapped |
| 22 | +from ietf.utils.html import sanitize_fragment |
22 | 23 |
|
23 | 24 | register = template.Library() |
24 | 25 |
|
@@ -130,15 +131,14 @@ def format_textarea(value): |
130 | 131 | Also calls keep_spacing.""" |
131 | 132 | return keep_spacing(linebreaksbr(escape(value).replace('<b>','<b>').replace('</b>','</b>').replace('<br>','<br>'))) |
132 | 133 |
|
133 | | -@register.filter(name='sanitize_html') |
134 | | -def sanitize_html(value): |
| 134 | +@register.filter(name='sanitize') |
| 135 | +def sanitize(value): |
135 | 136 | """Sanitizes an HTML fragment. |
136 | 137 | This means both fixing broken html and restricting elements and |
137 | 138 | attributes to those deemed acceptable. See ietf/utils/html.py |
138 | 139 | for the details. |
139 | 140 | """ |
140 | | - from ietf.utils.html import sanitize_html |
141 | | - return sanitize_html(value) |
| 141 | + return mark_safe(sanitize_fragment(value)) |
142 | 142 |
|
143 | 143 |
|
144 | 144 | # For use with ballot view |
@@ -374,7 +374,7 @@ def format_snippet(text, trunc_words=25): |
374 | 374 | # expressions, for instance [REF](http://example.com/foo) |
375 | 375 | # Use bleach.linkify instead |
376 | 376 | text = bleach.linkify(text) |
377 | | - full = keep_spacing(collapsebr(linebreaksbr(mark_safe(sanitize_html(text))))) |
| 377 | + full = keep_spacing(collapsebr(linebreaksbr(mark_safe(sanitize_fragment(text))))) |
378 | 378 | snippet = truncatewords_html(full, trunc_words) |
379 | 379 | if snippet != full: |
380 | 380 | return mark_safe(u'<div class="snippet">%s<button class="btn btn-xs btn-default show-all"><span class="fa fa-caret-down"></span></button></div><div class="hidden full">%s</div>' % (snippet, full)) |
|
0 commit comments