allow plugins to modify Bleach tag lists (#700)

Allow plugins to modify Bleach tag lists

src/wiki/core/markdown/__init__.py

@@ -36,10 +36,16 @@ def get_markdown_extensions(self):
     def convert(self, text, *args, **kwargs):
         html = super(ArticleMarkdown, self).convert(text, *args, **kwargs)
         if settings.MARKDOWN_SANITIZE_HTML:
+            tags = settings.MARKDOWN_HTML_WHITELIST + plugin_registry.get_html_whitelist()
+
+            attrs = dict()
+            attrs.update(settings.MARKDOWN_HTML_ATTRIBUTES)
+            attrs.update(plugin_registry.get_html_attributes().items())
+
             html = bleach.clean(
                 html,
-                tags=settings.MARKDOWN_HTML_WHITELIST,
-                attributes=settings.MARKDOWN_HTML_ATTRIBUTES,
+                tags=tags,
+                attributes=attrs,
                 styles=settings.MARKDOWN_HTML_STYLES,
             )
         return html

src/wiki/core/plugins/registry.py

@@ -11,6 +11,8 @@
 _markdown_extensions = []
 _article_tabs = []
 _sidebar = []
+_html_whitelist = []
+_html_attributes = {}
 
 
 def register(PluginClass):
@@ -44,6 +46,18 @@ def register(PluginClass):
             'markdown_extensions',
             []))
 
+    _html_whitelist.extend(
+        getattr(
+            PluginClass,
+            'html_whitelist',
+            []))
+
+    _html_attributes.update(
+        getattr(
+            PluginClass,
+            'html_attributes',
+            dict()))
+
 
 def get_plugins():
     """Get loaded plugins - do not call before all plugins are loaded."""
@@ -67,3 +81,12 @@ def get_sidebar():
 
 def get_settings_forms():
     return _settings_forms
+
+
+def get_html_whitelist():
+    """Returns additional html tags that should be whitelisted"""
+    return _html_whitelist
+
+def get_html_attributes():
+    """Returns additional html attributes that should be whitelisted"""
+    return _html_attributes