fix: Try new sanitization
This commit is contained in:
parent
e60a00f997
commit
5ab71b84e0
@ -10,4 +10,4 @@ passlib
|
|||||||
argon2-cffi
|
argon2-cffi
|
||||||
mysql-connector-python
|
mysql-connector-python
|
||||||
beautifulsoup4
|
beautifulsoup4
|
||||||
lxml
|
bleach
|
@ -1,6 +1,6 @@
|
|||||||
from flask import Flask, make_response, redirect, render_template_string, request, jsonify, render_template, send_from_directory
|
from flask import Flask, make_response, redirect, render_template_string, request, jsonify, render_template, send_from_directory
|
||||||
from bs4 import BeautifulSoup
|
from bs4 import BeautifulSoup
|
||||||
from lxml.html.clean import clean_html
|
import bleach
|
||||||
|
|
||||||
def render(data):
|
def render(data):
|
||||||
if data == "":
|
if data == "":
|
||||||
@ -10,9 +10,9 @@ def render(data):
|
|||||||
soup = BeautifulSoup(data, 'html.parser')
|
soup = BeautifulSoup(data, 'html.parser')
|
||||||
for script in soup.find_all('script'):
|
for script in soup.find_all('script'):
|
||||||
script.extract()
|
script.extract()
|
||||||
modified_data = str(soup)
|
|
||||||
|
modified = str(soup)
|
||||||
return render_template_string(clean_html(modified_data))
|
return render_template_string(bleach.clean(modified))
|
||||||
|
|
||||||
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
|
Loading…
Reference in New Issue
Block a user