nathanwoodburn/shakecities
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix: Try new sanitization
All checks were successful
Build Docker / Build Main Image (push) Successful in 34s
Details
Build Docker / Build SLDs Image (push) Successful in 35s
Details

Browse Source
This commit is contained in:
Nathan Woodburn 2023-11-08 23:25:01 +11:00
parent e60a00f997
commit 5ab71b84e0
Signed by: nathanwoodburn
GPG Key ID: 203B000478AD0EF1
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
requirements.txt
View File

@ -10,4 +10,4 @@ passlib
argon2-cffi argon2-cffi
mysql-connector-python mysql-connector-python
beautifulsoup4 beautifulsoup4
lxml bleach

8
sites/website.py
View File

@ -1,6 +1,6 @@
from flask import Flask, make_response, redirect, render_template_string, request, jsonify, render_template, send_from_directory from flask import Flask, make_response, redirect, render_template_string, request, jsonify, render_template, send_from_directory
from bs4 import BeautifulSoup from bs4 import BeautifulSoup
from lxml.html.clean import clean_html import bleach
def render(data): def render(data):
if data == "": if data == "":
@ -10,9 +10,9 @@ def render(data):
soup = BeautifulSoup(data, 'html.parser') soup = BeautifulSoup(data, 'html.parser')
for script in soup.find_all('script'): for script in soup.find_all('script'):
script.extract() script.extract()
modified_data = str(soup)
modified = str(soup)
return render_template_string(clean_html(modified_data)) return render_template_string(bleach.clean(modified))
except Exception as e: except Exception as e: