coalition.content.html_sanitizer
================================

.. py:module:: coalition.content.html_sanitizer

.. autoapi-nested-parse::

   HTML sanitization utilities to prevent XSS attacks.


Classes
-------

.. autoapisummary::

   coalition.content.html_sanitizer.HTMLSanitizer


Module Contents
---------------

.. py:class:: HTMLSanitizer

   Sanitize HTML content to prevent XSS attacks while preserving safe formatting.


   .. py:attribute:: ALLOWED_TAGS
      :value: ['p', 'br', 'span', 'div', 'strong', 'b', 'em', 'i', 'u', 's', 'mark', 'sub', 'sup', 'small',...


   .. py:attribute:: ALLOWED_ATTRIBUTES


   .. py:attribute:: ALLOWED_PROTOCOLS
      :value: ['http', 'https', 'mailto', 'tel']


   .. py:method:: sanitize(html: str | None, strip: bool = True) -> str
      :classmethod:

      Sanitize HTML content to remove dangerous tags and attributes.

      :param html: The HTML content to sanitize
      :param strip: Whether to strip disallowed tags (True) or escape them (False)

      :returns: Sanitized HTML safe for rendering


   .. py:method:: sanitize_plain_text(text: str | None) -> str
      :classmethod:

      Sanitize plain text by removing any HTML tags but preserving the text content.
      Use this for fields that should never contain HTML markup.

      :param text: Plain text to sanitize

      :returns: Text with HTML tags removed but content preserved
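
An added example, not code from the coalition project: a standard-library illustration of the allowlist model that ``sanitize`` documents, showing ``strip=True`` against ``strip=False`` and the protocol check applied to ``href``. The tag and attribute sets, the helper names and the ``None`` handling are assumptions; only the protocol list comes from this page.

```python
from html import escape
from html.parser import HTMLParser

# Constructed allowlists; only PROTOCOLS is taken from the page.
TAGS = {"p", "br", "strong", "em", "a"}         # assumed subset of ALLOWED_TAGS
ATTRS = {"a": {"href", "title"}}                # assumed; the page omits the value
PROTOCOLS = {"http", "https", "mailto", "tel"}  # ALLOWED_PROTOCOLS from the page
VOID = {"br"}                                   # elements with no end tag

def _safe_url(value):
    # Drop whitespace/control characters, which browsers can strip before
    # reading the scheme ("java<TAB>script:" must not slip through).
    cleaned = "".join(c for c in value if c > " ").lower()
    if ":" not in cleaned:
        return True  # relative URL, no scheme to check
    return cleaned.split(":", 1)[0] in PROTOCOLS

class _Allowlist(HTMLParser):
    def __init__(self, strip):
        super().__init__(convert_charrefs=True)
        self.strip, self.out = strip, []

    def handle_starttag(self, tag, attrs):
        if tag not in TAGS:
            if not self.strip:  # escape mode: keep the tag as inert text
                self.out.append(escape(self.get_starttag_text()))
            return
        # Attribute values arrive entity-decoded, so "jav&#x61;script:" is caught.
        kept = [(k, v or "") for k, v in attrs if k in ATTRS.get(tag, ())
                and (k != "href" or _safe_url(v or ""))]
        self.out.append("<%s%s>" % (tag, "".join(
            ' %s="%s"' % (k, escape(v)) for k, v in kept)))

    def handle_endtag(self, tag):
        if tag in TAGS and tag not in VOID:
            self.out.append("</%s>" % tag)
        elif tag not in TAGS and not self.strip:
            self.out.append(escape("</%s>" % tag))

    def handle_data(self, data):
        self.out.append(escape(data, quote=False))  # text is always re-escaped

def sanitize(html, strip=True):
    if not html:
        return ""  # assumed handling of None / empty input
    parser = _Allowlist(strip)
    parser.feed(html)
    parser.close()  # flush buffered trailing text
    return "".join(parser.out)
```

With ``strip=True`` the disallowed element disappears but its text content stays, so ``sanitize_plain_text`` rather than ``sanitize`` is the right call for fields that must never carry markup.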