Loading django/utils/html.py +7 −7 Original line number Diff line number Diff line Loading @@ -16,7 +16,7 @@ from django.utils.functional import allow_lazy from django.utils import six from django.utils.text import normalize_newlines from .html_parser import HTMLParser from .html_parser import HTMLParser, HTMLParseError # Configuration for urlize() function. Loading Loading @@ -136,13 +136,13 @@ class MLStripper(HTMLParser): def strip_tags(value): """Returns the given HTML with all tags stripped.""" s = MLStripper() s.feed(value) data = s.get_data() try: res = s.close() except Exception as e: data += s.rawdata return data s.feed(value) s.close() except HTMLParseError: return value else: return s.get_data() strip_tags = allow_lazy(strip_tags) def remove_tags(html, tags): Loading docs/ref/utils.txt +8 −2 Original line number Diff line number Diff line Loading @@ -564,7 +564,13 @@ escaping HTML. strip_tags(value) If ``value`` is ``"<b>Joel</b> <button>is</button> a <span>slug</span>"`` the return value will be ``"Joel is a slug"``. return value will be ``"Joel is a slug"``. Note that ``strip_tags`` result may still contain unsafe HTML content, so you might use :func:`~django.utils.html.escape` to make it a safe string. .. versionchanged:: 1.6 For improved safety, ``strip_tags`` is now parser-based. .. function:: remove_tags(value, tags) Loading tests/utils_tests/test_html.py +3 −0 Original line number Diff line number Diff line Loading @@ -70,6 +70,9 @@ class TestUtilsHtml(TestCase): ('</adf>a', 'a'), ('<asdf><asdf>e', 'e'), ('hi, <f x', 'hi, <f x'), ('234<235, right?', '234<235, right?'), ('a4<a5 right?', 'a4<a5 right?'), ('b7>b2!', 'b7>b2!'), ('</fe', '</fe'), ('<x>b<y>', 'b'), ('a<p onclick="alert(\'<test>\')">b</p>c', 'abc'), Loading Loading
django/utils/html.py +7 −7 Original line number Diff line number Diff line Loading @@ -16,7 +16,7 @@ from django.utils.functional import allow_lazy from django.utils import six from django.utils.text import normalize_newlines from .html_parser import HTMLParser from .html_parser import HTMLParser, HTMLParseError # Configuration for urlize() function. Loading Loading @@ -136,13 +136,13 @@ class MLStripper(HTMLParser): def strip_tags(value): """Returns the given HTML with all tags stripped.""" s = MLStripper() s.feed(value) data = s.get_data() try: res = s.close() except Exception as e: data += s.rawdata return data s.feed(value) s.close() except HTMLParseError: return value else: return s.get_data() strip_tags = allow_lazy(strip_tags) def remove_tags(html, tags): Loading
docs/ref/utils.txt +8 −2 Original line number Diff line number Diff line Loading @@ -564,7 +564,13 @@ escaping HTML. strip_tags(value) If ``value`` is ``"<b>Joel</b> <button>is</button> a <span>slug</span>"`` the return value will be ``"Joel is a slug"``. return value will be ``"Joel is a slug"``. Note that ``strip_tags`` result may still contain unsafe HTML content, so you might use :func:`~django.utils.html.escape` to make it a safe string. .. versionchanged:: 1.6 For improved safety, ``strip_tags`` is now parser-based. .. function:: remove_tags(value, tags) Loading
tests/utils_tests/test_html.py +3 −0 Original line number Diff line number Diff line Loading @@ -70,6 +70,9 @@ class TestUtilsHtml(TestCase): ('</adf>a', 'a'), ('<asdf><asdf>e', 'e'), ('hi, <f x', 'hi, <f x'), ('234<235, right?', '234<235, right?'), ('a4<a5 right?', 'a4<a5 right?'), ('b7>b2!', 'b7>b2!'), ('</fe', '</fe'), ('<x>b<y>', 'b'), ('a<p onclick="alert(\'<test>\')">b</p>c', 'abc'), Loading
