Adjust sanitization code to allow HTML5 'data-' attributes through. #19

Open
wants to merge 1 commit into
from
Jump to file or symbol
Failed to load files and symbols.
+3 −1
Diff settings

Always

Just for now

@@ -2518,6 +2518,8 @@ def unknown_starttag(self, tag, attrs):
elif key=='style':
clean_value = self.sanitize_style(value)
if clean_value: clean_attrs.append((key,clean_value))
+ elif key.startswith('data-'):
+ clean_attrs.append((key, value))
_BaseHTMLProcessor.unknown_starttag(self, tag, clean_attrs)
def unknown_endtag(self, tag):
@@ -169,7 +169,7 @@ def sanitize_token(self, token):
if token.has_key("data"):
attrs = dict([(name,val) for name,val in
token["data"][::-1]
- if name in self.allowed_attributes])
+ if name in self.allowed_attributes or name.startswith('data-')])
for attr in self.attr_val_is_uri:
if not attrs.has_key(attr):
continue