Permalink
Browse files

allow plugins to modify Bleach tag lists (#700)

Allow plugins to modify Bleach tag lists
  • Loading branch information...
jenda1 authored and benjaoming committed Oct 9, 2017
1 parent 8bfc746 commit c4eb76cc4e0eccfd79259d31f64e2204c361462a
Showing with 31 additions and 2 deletions.
  1. +8 −2 src/wiki/core/markdown/__init__.py
  2. +23 −0 src/wiki/core/plugins/registry.py
@@ -36,10 +36,16 @@ def get_markdown_extensions(self):
def convert(self, text, *args, **kwargs):
html = super(ArticleMarkdown, self).convert(text, *args, **kwargs)
if settings.MARKDOWN_SANITIZE_HTML:
tags = settings.MARKDOWN_HTML_WHITELIST + plugin_registry.get_html_whitelist()
attrs = dict()
attrs.update(settings.MARKDOWN_HTML_ATTRIBUTES)
attrs.update(plugin_registry.get_html_attributes().items())
html = bleach.clean(
html,
tags=settings.MARKDOWN_HTML_WHITELIST,
attributes=settings.MARKDOWN_HTML_ATTRIBUTES,
tags=tags,
attributes=attrs,
styles=settings.MARKDOWN_HTML_STYLES,
)
return html
@@ -11,6 +11,8 @@
_markdown_extensions = []
_article_tabs = []
_sidebar = []
_html_whitelist = []
_html_attributes = {}
def register(PluginClass):
@@ -44,6 +46,18 @@ def register(PluginClass):
'markdown_extensions',
[]))
_html_whitelist.extend(
getattr(
PluginClass,
'html_whitelist',
[]))
_html_attributes.update(
getattr(
PluginClass,
'html_attributes',
dict()))
def get_plugins():
"""Get loaded plugins - do not call before all plugins are loaded."""
@@ -67,3 +81,12 @@ def get_sidebar():
def get_settings_forms():
return _settings_forms
def get_html_whitelist():
"""Returns additional html tags that should be whitelisted"""
return _html_whitelist
def get_html_attributes():
"""Returns additional html attributes that should be whitelisted"""
return _html_attributes

0 comments on commit c4eb76c

Please sign in to comment.