From 1d1ae251b534af9e15cae7f1e4c3a4902c0dff23 Mon Sep 17 00:00:00 2001
From: Nathan Woodburn <github@nathan.woodburn.au>
Date: Wed, 8 Nov 2023 23:07:53 +1100
Subject: [PATCH] fix: Less strict sanitation

---
 requirements.txt | 3 +--
 sites/website.py | 7 +++----
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 29cbeb3..f1de7fd 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -9,5 +9,4 @@ py3dns
 passlib
 argon2-cffi
 mysql-connector-python
-beautifulsoup4
-html-sanitizer
\ No newline at end of file
+beautifulsoup4
\ No newline at end of file
diff --git a/sites/website.py b/sites/website.py
index 8a82c66..ed3efc0 100644
--- a/sites/website.py
+++ b/sites/website.py
@@ -1,6 +1,6 @@
 from flask import Flask, make_response, redirect, render_template_string, request, jsonify, render_template, send_from_directory
 from bs4 import BeautifulSoup
-import html_sanitizer
+from lxml.html.clean import clean_html
 
 def render(data):
     if data == "":
@@ -11,9 +11,8 @@ def render(data):
         for script in soup.find_all('script'):
             script.extract()
         modified_data = str(soup)
-        default_settings = dict(html_sanitizer.sanitizer.DEFAULT_SETTINGS)
-        sanitizer = html_sanitizer.Sanitizer(default_settings)        
-        return render_template_string(str(sanitizer.sanitize(modified_data)))
+        
+        return render_template_string(clean_html(modified_data))
 
 
     except Exception as e: