Package web2py :: Package gluon :: Module sanitizer

Module sanitizer

   # from http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/496942
   # Title: Cross-site scripting (XSS) defense
   # Submitter: Josh Goldfoot (other recipes)
   # Last Updated: 2006/08/05
   # Version no: 1.0

Classes

[hide private]

XssCleaner

Functions

[hide private]

xssescape(text)
Gets rid of < and > and & and, for good measure, :

source code

sanitize(text, permitted_tags=['a', 'b', 'blockquote', 'br/', 'i', 'li', 'ol', 'ul', 'p', 'c..., allowed_attributes={'a': ['href', 'title'], 'blockquote': ['type'], 'img': ['src'..., escape=True) source code