coalition.content.html_sanitizer
HTML sanitization utilities to prevent XSS attacks.
Classes
HTMLSanitizer | Sanitize HTML content to prevent XSS attacks while preserving safe formatting.
Module Contents
- class coalition.content.html_sanitizer.HTMLSanitizer
Sanitize HTML content to prevent XSS attacks while preserving safe formatting.
- ALLOWED_TAGS = ['p', 'br', 'span', 'div', 'strong', 'b', 'em', 'i', 'u', 's', 'mark', 'sub', 'sup', 'small',...
- classmethod sanitize(html: str | None, strip: bool = True) -> str
Sanitize HTML content to remove dangerous tags and attributes.
- Parameters:
html – The HTML content to sanitize
strip – Whether to strip disallowed tags (True) or escape them (False)
- Returns:
Sanitized HTML safe for rendering
- classmethod sanitize_plain_text(text: str | None) -> str
Sanitize plain text by removing any HTML tags but preserving the text content. Use this for fields that should never contain HTML markup.
- Parameters:
text – Plain text to sanitize
- Returns:
Text with HTML tags removed but content preserved
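The difference between `strip=True`, `strip=False` and `sanitize_plain_text` can be seen with a standard-library allowlist filter. This is an added illustration, not coalition's implementation: it uses only the tags visible in the truncated `ALLOWED_TAGS` above, and it assumes that every attribute is dropped and that text is re-escaped on output.

```python
from html import escape
from html.parser import HTMLParser

# Only the tags visible on this page; the documented list is truncated there.
ALLOWED_TAGS = frozenset({"p", "br", "span", "div", "strong", "b", "em", "i",
                          "u", "s", "mark", "sub", "sup", "small"})

class _AllowlistFilter(HTMLParser):
    """Rebuild markup from parser events, keeping only allowlisted tags."""

    def __init__(self, allowed, strip):
        super().__init__(convert_charrefs=True)
        self.allowed, self.strip, self.out = allowed, strip, []

    def handle_starttag(self, tag, attrs):
        if tag in self.allowed:
            self.out.append(f"<{tag}>")  # assumption: every attribute is dropped
        elif not self.strip:
            self.out.append(escape(self.get_starttag_text()))  # show tag as text

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)  # treat <br/> like <br>

    def handle_endtag(self, tag):
        if tag in self.allowed:
            if tag != "br":  # void element has no closing tag
                self.out.append(f"</{tag}>")
        elif not self.strip:
            self.out.append(escape(f"</{tag}>"))

    def handle_data(self, data):
        self.out.append(escape(data))  # text is always re-escaped

def _run(html, allowed, strip):
    if not html:  # None or empty string
        return ""
    f = _AllowlistFilter(allowed, strip)
    f.feed(html)
    f.close()  # flush buffered text
    return "".join(f.out)

def sanitize(html, strip=True):
    return _run(html, ALLOWED_TAGS, strip)

def sanitize_plain_text(text):
    return _run(text, frozenset(), strip=True)  # no tag survives

# Constructed sample input, not taken from the project.
SAMPLE = '<p onclick="x()">Hi <b>there</b><script>alert(1)</script><img src=x onerror=alert(1)></p>'
```

In this sketch, stripping removes the disallowed tag markup but keeps its inner text as inert, escaped text; comments and doctype declarations are dropped because the parser's default handlers ignore them.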